URL: https://folgemirzutoom.de/
Submission: On November 23 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 29 HTTP transactions. The main IP is 85.13.166.105, which is located in Germany and belongs to NMM-AS Neue Medien Muennich GmbH, DE. The main domain is folgemirzutoom.de.
TLS certificate: Issued by R10 on October 14th 2024. Valid for: 3 months.
This is the only time folgemirzutoom.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
16 | 85.13.166.105 | 34788 (NMM-AS Ne...)
12 | 185.18.100.13 | 50179 (DELPHI-HR...)
Total: 29 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
16 | folgemirzutoom.de | folgemirzutoom.de | 484 KB
12 | dvinci-easy.com | static.dvinci-easy.com (Cisco Umbrella Rank: 573441); toom-baumarkt.dvinci-easy.com (Failed) | 147 KB
Total: 29 requests, 2 apex domains

Requests | Domain | Requested by
16 | folgemirzutoom.de | folgemirzutoom.de
12 | static.dvinci-easy.com | folgemirzutoom.de; static.dvinci-easy.com
0 | toom-baumarkt.dvinci-easy.com (Failed) | static.dvinci-easy.com
Total: 29 requests, 3 domains

This site contains links to these domains.

Domain
www.facebook.com
api.whatsapp.com
www.linkedin.com
www.xing-share.com
toom.de
www.rewe-group.com

Subject | Issuer | Validity | Valid
folgemirzutoom.de | R10 | 2024-10-14 - 2025-01-12 | 3 months
*.dvinci-easy.com | Thawte TLS RSA CA G1 | 2024-04-11 - 2025-05-12 | a year

This page contains 1 frames:

Primary Page: https://folgemirzutoom.de/
Frame ID: AC6656E4931A6B7A812A3FEE1316115B
Requests: 29 HTTP requests in this frame

Page Title

TOOM - Mitarbeiterempfehlungsprogramm

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 631 kB
Size: 1351 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
folgemirzutoom.de/
11 KB
3 KB
Document
General
Full URL
https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
24469a7e05296eeba672d4732c399dc0df053ac182ec521feecc01782e031da6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
3190
content-type
text/html
date
Sat, 23 Nov 2024 00:20:57 GMT
etag
"2a21-60176bd6bef00-br"
last-modified
Thu, 27 Jul 2023 12:02:36 GMT
server
Apache
vary
Accept-Encoding,User-Agent
bootstrap.min.css
folgemirzutoom.de/vendor/bootstrap/css/
152 KB
20 KB
Stylesheet
General
Full URL
https://folgemirzutoom.de/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

content-encoding
br
etag
"26074-5e81695efd280-br"
accept-ranges
bytes
content-length
20781
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:46 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
text/css
toom.css
folgemirzutoom.de/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://folgemirzutoom.de/css/toom.css
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
cf1d998881e74343554e1913a6861f877be879e156bc2f595db7f7071d1be8ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

content-encoding
br
etag
"1164-5e81695d14e00-br"
accept-ranges
bytes
content-length
1254
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:44 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
text/css
all.css
folgemirzutoom.de/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://folgemirzutoom.de/fontawesome/css/all.css
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

content-encoding
br
etag
"11f69-5c8bd6a93d280-br"
accept-ranges
bytes
content-length
12745
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 04 Aug 2021 15:25:46 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
text/css
logo-2023.jpg
folgemirzutoom.de/inc/
25 KB
25 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/logo-2023.jpg
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
23e3d50a9031bb5b610cee97c8c438ad72dbb5ec3689cb373b4cd842b532a1e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
25891
etag
"6523-6001b99294680"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Mon, 10 Jul 2023 05:53:14 GMT
content-type
image/jpeg
server
Apache
Header.jpg
folgemirzutoom.de/inc/
178 KB
178 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/Header.jpg
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
7b4ba6cfbbf50d3c6c6e3254ab3c6d3c0402a4211848075c06b79191c7129d83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
182542
etag
"2c90e-5ffdec7a73540"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Fri, 07 Jul 2023 05:19:41 GMT
content-type
image/jpeg
server
Apache
step1.png
folgemirzutoom.de/inc/
5 KB
5 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/step1.png
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
a044358b5c48a513360b6c7d6d54c172380f4e8f45188de16e4f280d27a2ff4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
5240
etag
"1478-5e81695d14e00"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:44 GMT
content-type
image/png
server
Apache
step2.png
folgemirzutoom.de/inc/
7 KB
7 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/step2.png
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
83e029142dbc0c4ba37953de438aeb43f722fee9af87d32c1421aa42a74ef269

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
7014
etag
"1b66-5e81695efd280"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:46 GMT
content-type
image/png
server
Apache
step3.png
folgemirzutoom.de/inc/
6 KB
6 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/step3.png
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
2be87bc75f40a0fa7b80508f9850c2690620aa0310ccb2cea55aa82c55fa2380

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
6387
etag
"18f3-5e81695d14e00"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:44 GMT
content-type
image/png
server
Apache
dvinci-job-widget-full-1.0.0.min.js
static.dvinci-easy.com/files/job-widget-v1/
461 KB
129 KB
Script
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
3e2f00186217b3c96b26106a5d49aaa9a1c5ac525f18f4f9ff39c32f4d580fe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-7351b"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:57 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
siegel1.png
folgemirzutoom.de/inc/
5 KB
6 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/siegel1.png
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
5f6cec76e3d7ed0a96f4b501cc559a2b3363d252a45973183fa23f88c6da334f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
5623
etag
"15f7-5e81695efd280"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:46 GMT
content-type
image/png
server
Apache
siegel2.png
folgemirzutoom.de/inc/
17 KB
17 KB
Image
General
Full URL
https://folgemirzutoom.de/inc/siegel2.png
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
bb4219b5a66ee7a5700740956cc7a896c9b3f259ed9f99984475a4f0fd1c091e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

accept-ranges
bytes
content-length
17180
etag
"431c-6137764984280"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Tue, 12 Mar 2024 14:22:50 GMT
content-type
image/png
server
Apache
jquery.min.js
folgemirzutoom.de/vendor/jquery/
86 KB
29 KB
Script
General
Full URL
https://folgemirzutoom.de/vendor/jquery/jquery.min.js
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

content-encoding
br
etag
"15853-5e816960e5700-br"
accept-ranges
bytes
content-length
30091
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:48 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
application/javascript
bootstrap.bundle.min.js
folgemirzutoom.de/vendor/bootstrap/js/
77 KB
21 KB
Script
General
Full URL
https://folgemirzutoom.de/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

content-encoding
br
etag
"13331-5e816960e5700-br"
accept-ranges
bytes
content-length
21423
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 07 Sep 2022 13:49:48 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
application/javascript
fa-solid-900.woff2
folgemirzutoom.de/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://folgemirzutoom.de/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/fontawesome/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://folgemirzutoom.de
Referer
https://folgemirzutoom.de/fontawesome/css/all.css

Response headers

accept-ranges
bytes
content-length
78268
etag
"131bc-5c8bd6a93d280"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 04 Aug 2021 15:25:46 GMT
content-type
font/woff2
server
Apache
fa-brands-400.woff2
folgemirzutoom.de/fontawesome/webfonts/
75 KB
75 KB
Font
General
Full URL
https://folgemirzutoom.de/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: folgemirzutoom.de
URL: https://folgemirzutoom.de/fontawesome/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://folgemirzutoom.de
Referer
https://folgemirzutoom.de/fontawesome/css/all.css

Response headers

accept-ranges
bytes
content-length
76736
etag
"12bc0-5c8bd6a93d280"
date
Sat, 23 Nov 2024 00:20:57 GMT
last-modified
Wed, 04 Aug 2021 15:25:46 GMT
content-type
font/woff2
server
Apache
favicon.ico
folgemirzutoom.de/
196 B
246 B
Other
General
Full URL
https://folgemirzutoom.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.166.105 , Germany, ASN34788 (NMM-AS Neue Medien Muennich GmbH, DE),
Reverse DNS
dd52206.kasserver.com
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folgemirzutoom.de/

Response headers

content-length
196
date
Sat, 23 Nov 2024 00:20:57 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
dvinci-job-widget-1.0.0.min.css
static.dvinci-easy.com/files/job-widget-v1/
82 KB
11 KB
Stylesheet
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-1.0.0.min.css
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
d650b2010ee6214832978aa2cb86991c3043a3dba1786116b279b0e005c7c6b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://folgemirzutoom.de
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"65f03512-14861"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 10:57:22 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
skin.json
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/
865 B
759 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/skin.json
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
0541bad2c1ec35f8487007a0c1a30e820d24bac4fec5bb5ad85a731422da2220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-361"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
application/json
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
extra.css
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/css/extra.css
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
3b830404307e98dd56cfebdc5bf5855d87d9e3065f720c172a6f35cb6879da4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://folgemirzutoom.de
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-135c"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/css
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
dvinciJobWidget.html
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/
533 B
589 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/dvinciJobWidget.html
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
0669b10e57efb4ac12e3256137750853c264262d22773c81a7aea44d2b4747c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-215"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/html
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
dvinciJobFilters.html
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/
1 KB
608 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/dvinciJobFilters.html
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
2b25e000a69a06f1e2926ab6f60084f14d2970e59c9c8157192e9cca4f14a10d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-541"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/html
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
dvinciCard.html
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/
2 KB
878 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/dvinciCard.html
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
a75745fab057447e19981248fe71a31147fd40170e1ab85f3772eb4f37a19d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-61a"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/html
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
dvinciJobListPagination.html
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/
570 B
627 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/dvinciJobListPagination.html
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
caac3eac3f4ce96e01fa93ab07b758ec69532b0c6bd91941bccc21337fb76343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"673f60ed-23a"
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/html
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
one-column.html
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/layout/
168 B
517 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/layout/one-column.html
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
d638453c45d27eb41fc2dc215d62425fa3ce5d18bceac80a063e59259816b433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
cache-control
no-cache
etag
"673f60ed-a8"
access-control-allow-methods
GET, HEAD, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
168
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/html
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
job-entry-columns.html
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/layout/
169 B
518 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/views/layout/job-entry-columns.html
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
867ca95fe2494d1003f47988ed03edf31a998b5d24e6bba14c33589d5a67eab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
cache-control
no-cache
etag
"673f60ed-a9"
access-control-allow-methods
GET, HEAD, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
169
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
text/html
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
de.json
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/i18n/
188 B
541 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/i18n/de.json
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
8870df66045728346823b85c11f475f5c4141c92b49f6cf34c7f88cfa08792da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
cache-control
no-cache
etag
"673f60ed-bc"
access-control-allow-methods
GET, HEAD, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
188
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
application/json
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
en.json
static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/i18n/
108 B
461 B
XHR
General
Full URL
https://static.dvinci-easy.com/files/job-widget-v1/skins/toom-mep-intern/i18n/en.json
Requested by
Host: static.dvinci-easy.com
URL: https://static.dvinci-easy.com/files/job-widget-v1/dvinci-job-widget-full-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.18.100.13 , Germany, ASN50179 (DELPHI-HRS d.vinci HR-Systems GmbH, DE),
Reverse DNS
Software
openresty /
Resource Hash
f16a9b8f7dd1964081eeb08d9acd8398d867c9157e204f3582c5e1765547df51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://folgemirzutoom.de/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
cache-control
no-cache
etag
"673f60ed-6c"
access-control-allow-methods
GET, HEAD, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
108
date
Sat, 23 Nov 2024 00:20:58 GMT
content-type
application/json
last-modified
Thu, 21 Nov 2024 16:33:49 GMT
server
openresty
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,If-None-Match
list.json
toom-baumarkt.dvinci-easy.com/portal/toom-empfehlen/jobPublication/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
toom-baumarkt.dvinci-easy.com
URL
https://toom-baumarkt.dvinci-easy.com/portal/toom-empfehlen/jobPublication/list.json?maxCacheAge=1800&widget-version=v1

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| dvinci
  • function| $
  • function| jQuery
  • object| bootstrap
  • function| MarkerClusterer
  • number| ng339
  • object| dvinciJobWidgetConfigTrace

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://folgemirzutoom.de/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
