www.hair-express.de
85.13.134.119
Public Scan
Effective URL: https://www.hair-express.de/
Submission: On September 20 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 15th 2021. Valid for: a year.
This is the only time www.hair-express.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System)
---|---|---
1 2 | 185.107.56.205 | 43350 (NFORCE)
1 2 | 198.54.112.216 | 22612 (NAMECHEAP-NET)
1 1 | 49.12.0.235 | 24940 (HETZNER-AS)
1 1 | 78.46.197.88 | 24940 (HETZNER-AS)
2 | 157.90.169.168 | 24940 (HETZNER-AS)
1 1 | 2606:4700:3036::ac43:872c | 13335 (CLOUDFLARENET)
24 | 85.13.134.119 | 34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
28 | 4 |
- ASN24940 (HETZNER-AS, DE), PTR: static.235.0.12.49.clients.your-server.de, domain: rtpnt.xyz
- ASN24940 (HETZNER-AS, DE), PTR: static.88.197.46.78.clients.your-server.de, domain: clever-redirect.com
- ASN24940 (HETZNER-AS, DE), PTR: static.168.169.90.157.clients.your-server.de, domain: lookandfind.me
- ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), PTR: dd12130.kasserver.com, domain: www.hair-express.de
 | Apex Domain | Subdomains | Transfer
---|---|---|---
24 | hair-express.de | www.hair-express.de | 493 KB
2 | lookandfind.me | lookandfind.me | 979 B
2 | rebiraert.com (1 redirects) | 4773.rebiraert.com | 719 B
2 | employeewalgreens.com (1 redirects) | employeewalgreens.com | 852 B
1 | utkv6nyu.de (1 redirects) | utkv6nyu.de | 759 B
1 | clever-redirect.com (1 redirects) | clever-redirect.com | 239 B
1 | rtpnt.xyz (1 redirects) | rtpnt.xyz | 199 B
28 | 7 | |
 | Domain | Requested by
---|---|---
24 | www.hair-express.de | lookandfind.me, www.hair-express.de
2 | lookandfind.me | 4773.rebiraert.com
2 | 4773.rebiraert.com | employeewalgreens.com (1 redirects)
2 | employeewalgreens.com | 1 redirects
1 | utkv6nyu.de | 1 redirects
1 | clever-redirect.com | 1 redirects
1 | rtpnt.xyz | 1 redirects
28 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.beautywelt.de |
www.billiger.de |
www.haarpflege-express.de |
Subject | Issuer | Validity | Valid |
---|---|---|---|---
employeewalgreens.com | R3 | 2021-09-20 - 2021-12-19 | 3 months | crt.sh
lookandfind.me | R3 | 2021-09-04 - 2021-12-03 | 3 months | crt.sh
hair-express.de | Certum Domain Validation CA SHA2 | 2021-04-15 - 2022-05-15 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://www.hair-express.de/
Frame ID: 348666F1C9C956D425663338E1C74D8D
Requests: 28 HTTP requests in this frame
Page Title
Friseur Online Shop für Haarpflege, Shampoo, Stylingprodukte, Farben
Detected technologies
JTL Shop (Ecommerce)
Detected patterns:
- (?:<input[^>]+name="JTLSHOP|<a href="jtl\.php)
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: NeuEntdecken Sie unseren Beautyblog und lassen Sie sich von den aktuellen Trends inspirieren.jetzt entdecken >
- (no title)
- Title: Haarpflege-Express
- Title: Beautywelt
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://employeewalgreens.com/ (Page URL)
- https://employeewalgreens.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzMjE3MTM0OCwiaWF0IjoxNjMyMTY0MTQ4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWo5cDk5NWg3cDQ1M2wzaGMxN21zNG0iLCJuYmYiOjE2MzIxNjQxNDgsInRzIjoxNjMyMTY0MTQ4MDgxNjI0fQ.96vJkJxxM1EyI0vtE6l9DVLSF4uvYdgWS8TU46m3y8c&sid=5e1bbc00-1a44-11ec-8f72-d5af76c1c932 (HTTP 302)
- http://4773.rebiraert.com/match-4773/67091/9912450/1632164148/mf_d6a6003e-5d32-4839-b39c-7201579f53b4/YXBpeDA3LWVtcGxveWVld2FsZ3JlZW5zLmNvbQ==/feed (Page URL)
- http://4773.rebiraert.com/match-4773/67091/9912450/1632164148/mf_d6a6003e-5d32-4839-b39c-7201579f53b4/YXBpeDA3LWVtcGxveWVld2FsZ3JlZW5zLmNvbQ== (HTTP 302)
- https://rtpnt.xyz/v6/r?s=r8d&s3=apix07-employeewalgreens.com (HTTP 302)
- https://clever-redirect.com/s/r6?s=r8d&s2=&s3=apix07employeewalgreenscom (HTTP 302)
- https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=hair-express.de&s1=r8d&s2=&s3=apix07employeewalgreenscom (Page URL)
- https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D220b4779836dcaf36f5e12bab3003285%26url%3Dhttps%253A%252F%252Fwww.hair-express.de%252F&h=10d7d9669d9f5cad29419431ffac28f2 (Page URL)
- https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=220b4779836dcaf36f5e12bab3003285&url=https%3A%2F%2Fwww.hair-express.de%2F (HTTP 302)
- https://www.hair-express.de/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://employeewalgreens.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzMjE3MTM0OCwiaWF0IjoxNjMyMTY0MTQ4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWo5cDk5NWg3cDQ1M2wzaGMxN21zNG0iLCJuYmYiOjE2MzIxNjQxNDgsInRzIjoxNjMyMTY0MTQ4MDgxNjI0fQ.96vJkJxxM1EyI0vtE6l9DVLSF4uvYdgWS8TU46m3y8c&sid=5e1bbc00-1a44-11ec-8f72-d5af76c1c932 HTTP 302
- http://4773.rebiraert.com/match-4773/67091/9912450/1632164148/mf_d6a6003e-5d32-4839-b39c-7201579f53b4/YXBpeDA3LWVtcGxveWVld2FsZ3JlZW5zLmNvbQ==/feed
- http://4773.rebiraert.com/match-4773/67091/9912450/1632164148/mf_d6a6003e-5d32-4839-b39c-7201579f53b4/YXBpeDA3LWVtcGxveWVld2FsZ3JlZW5zLmNvbQ== HTTP 302
- https://rtpnt.xyz/v6/r?s=r8d&s3=apix07-employeewalgreens.com HTTP 302
- https://clever-redirect.com/s/r6?s=r8d&s2=&s3=apix07employeewalgreenscom HTTP 302
- https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=hair-express.de&s1=r8d&s2=&s3=apix07employeewalgreenscom
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | employeewalgreens.com/ | 478 B | 697 B | Document | text/html
GET | H/1.1 | feed (Redirect Chain) | 4773.rebiraert.com/match-4773/67091/9912450/1632164148/mf_d6a6003e-5d32-4839-b39c-7201579f53b4/YXBpeDA3LWVtcGxveWVld2FsZ3JlZW5zLmNvbQ==/ | 432 B | 519 B | Document | text/html
GET | H2 | a (Redirect Chain) | lookandfind.me/s/ | 433 B | 600 B | Document | text/html
GET | H2 | r | lookandfind.me/s/ | 349 B | 379 B | Document | text/html
GET | H2 | / (Primary Request, Redirect Chain) | www.hair-express.de/ | 85 KB | 22 KB | Document | text/html
GET | H2 | 20200806.js | www.hair-express.de/cache/js/s2/ | 91 KB | 32 KB | Script | application/javascript
GET | H2 | 20200925.js | www.hair-express.de/cache/js/v0/ | 8 KB | 4 KB | Script | application/javascript
GET | H2 | 20200925.css | www.hair-express.de/cache/css/om/ | 12 KB | 3 KB | Stylesheet | text/css
GET | H2 | 20200925_1.css | www.hair-express.de/cache/css/0/ | 12 KB | 3 KB | Stylesheet | text/css
GET | H2 | 20210831.css | www.hair-express.de/cache/css/18/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H2 | logo_header.png | www.hair-express.de/bilder/intern/shoplogo/ | 8 KB | 8 KB | Image | image/png
GET | H2 | kerastase_resistance.jpg | www.hair-express.de/cache/mediafiles/Bilder/startseite/slider/ | 63 KB | 64 KB | Image | image/jpeg
GET | H2 | paul_mitchell_invisiblewear.jpg | www.hair-express.de/cache/mediafiles/Bilder/startseite/slider/ | 75 KB | 76 KB | Image | image/jpeg
GET | H2 | goldwel_stylesign_curls_and_waves.jpg | www.hair-express.de/cache/mediafiles/Bilder/startseite/slider/ | 78 KB | 79 KB | Image | image/jpeg
GET | H2 | sans_soucis_daily_vitamins.jpg | www.hair-express.de/cache/mediafiles/Bilder/startseite/banner/ | 64 KB | 65 KB | Image | image/jpeg
GET | H2 | 20200806.png | www.hair-express.de/cache/png/j8/ | 2 KB | 2 KB | Image | image/png
GET | H2 | topmarken.png | www.hair-express.de/cache/startseite/ | 14 KB | 14 KB | Image | image/png
GET | H2 | iu.woff2 | www.hair-express.de/cache/files/ | 20 KB | 20 KB | Font | text/plain
GET | H2 | iw.woff2 | www.hair-express.de/cache/files/ | 4 KB | 4 KB | Font | text/plain
GET | H2 | iv.woff2 | www.hair-express.de/cache/files/ | 25 KB | 25 KB | Font | text/plain
GET | H2 | 20201008_ger.js | www.hair-express.de/cache/js/a2n/ | 12 KB | 5 KB | Script | application/javascript
GET | H2 | 20200925_ger.js | www.hair-express.de/cache/js/zz/ | 316 B | 294 B | Script | application/javascript
GET | H2 | 20201019.js | www.hair-express.de/cache/js/a10/ | 10 KB | 4 KB | Script | application/javascript
GET | H2 | 20201008_ger.html | www.hair-express.de/cache/html/a47/ | 3 KB | 1 KB | XHR | text/html
GET | H2 | 20200925.js | www.hair-express.de/cache/js/a0d/ | 458 B | 374 B | Script | application/javascript
GET | H2 | 20200925.css | www.hair-express.de/cache/css/r9/ | 5 KB | 2 KB | XHR | text/css
GET | H2 | 20200925.js | www.hair-express.de/cache/js/a43/ | 3 KB | 2 KB | Script | application/javascript
GET | H2 | ghd_heat_protect.jpg | www.hair-express.de/cache/mediafiles/Bilder/startseite/slider/ | 56 KB | 57 KB | Image | image/jpeg
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onbeforexrselect
- boolean: originAgentCluster
- function: z2
- function: $
- function: jQuery
- function: Swiper
- number: vc
- function: _
- function: z1
- object: jQuery112400089177902106802884
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.employeewalgreens.com/ | | sid | 5e1bbc00-1a44-11ec-8f72-d5af76c1c932
utkv6nyu.de/ | | PHPSESSID | mlc8kcf4ijsgf7qpo1t6801a64
www.hair-express.de/ | | JTLSHOP | e2feb39a73a8a098d3f079990dde6caf
www.hair-express.de/ | | gh1 | 4
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4773.rebiraert.com
clever-redirect.com
employeewalgreens.com
lookandfind.me
rtpnt.xyz
utkv6nyu.de
www.hair-express.de
157.90.169.168
185.107.56.205
198.54.112.216
2606:4700:3036::ac43:872c
49.12.0.235
78.46.197.88
85.13.134.119
10e28bfa82759ceb6cabe03772861e4079ebe1fc88bdeb274c9c648f064ae6d3
15e5a2bf57b4fe889a1eac8e20ae253655a366f90543ea53fd0f20da89d305ee
1d7250bc543ce623f76df8ea5b01a857b094ae15540d0ab22e96d1996842c54e
1dbbdef1e14b213f7f9129a55adbd3c8f796167d68036afe1030f15518d2dacc
25ec22166db06f6b24e5867ede272dcc792f56939ac85fa1bccd6fb06cfea5b7
36096b44b2eabfc7e4c7204fb024e2b6d6f439742b78ebb5c5f38ba7c70e9458
388dd4d6a62fff2aab784fc30091b979ab6c748c1107a7e15ed94cce84951bbe
3bd32fe9bb2532c05cad5898705d1771016debd9e6e5313b9dcd525ba333391d
47235cbc1cc54f914bd38e5427f686b39156080457d9470681641a3349d91430
4a2e292f4e35180c47ce4217845423bfeb9c053d257c0fc7f46a754c36402b46
630e2c09b3e6407ef9ddb53bdf4384107416eed6a71f5eeccf212bf3630c970e
64164b73d78ebf02b5d7fa843b65905d902f97acf3229418fd88edb705548702
66f1b8929098573a5d65a5c1d8762ef1c444d30b10d6d12168ba9c075d69130b
95111fa0c89d0c074c0a314ad797eb24e550cb98804d09e774a1411455a69474
9b5d5f86a2681b6c2996e7799c083e29f257fd5b06aee5dc508929de93905694
a1a1e825a93fbabeba15ed6345521825769fa327e778c1aa00b0e8a16afb3208
a58e0a2d69bb1f4904d7b379f5fcdcffa08d10febe82bf8ddcad2cb0e5149074
af3b80a1c6da56a7a64f7551bafe4c1b3dfdbdb30e14ae11c8cfd2149cb1ca11
ca620335c9119f50b404f0a4c96a2f3e026d62fb2069ff6fbb4e19af897fe216
ca8c2560ecc7a5e5b438492a0f80a4483b4cbd39d87654d6b48b43870298bf14
cf0a91d16a09c56dddec563bef896d3db16a0d87f280b80fb854aa97f9565bb0
d032c391b39b680a97233b187f32c9797df5bde14bd27efbb63fb44426858d77
e169a198e5a39581eb47f68c778e84c81249851a7139e0f05267b18866e0706a
edbdd3615935c9ee6ef863fb2b2b500ba8cd586234a7f0be6b9d65786615e92f
ee799968835accd9505ec561450847e71669a3b897b3d0f3da55cec45d98fa57