web9045.web07.bero-webspace.de Open in urlscan Pro
109.71.253.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/xLOh9QBeyF
Effective URL:
https://web9045.web07.bero-webspace.de/coinbase/
Submission: On November 14 via manual (November 14th 2022, 10:26:12 am UTC) from IN — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 109.71.253.24, located in Germany and belongs to SYNLINQ synlinq.de, DE. The main domain is web9045.web07.bero-webspace.de.
TLS certificate: Issued by R3 on November 7th 2022. Valid for: 3 months.

This is the only time web9045.web07.bero-webspace.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 1	3.228.239.40 3.228.239.40	14618 (AMAZON-AES) (AMAZON-AES)
1 1	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
1	162.214.74.29 162.214.74.29	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	185.239.208.35 185.239.208.35	51167 (CONTABO) (CONTABO)
1 7	109.71.253.24 109.71.253.24	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
9	4

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.239.40 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-239-40.compute-1.amazonaws.com

rebrand.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.126.58.78 (Indonesia) 1 redirects

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.214.74.29 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: dedi-5712196.pneustyres.com.br

pneustyres.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.239.208.35 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: ip-35-208-239-185.static.contabo.net

gakofresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 109.71.253.24 (Germany) 1 redirects

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: web07.bero-host.de

web9045.web07.bero-webspace.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bero-webspace.de 1 redirects web9045.web07.bero-webspace.de	21 KB
1	gakofresh.com gakofresh.com	368 B
1	pneustyres.com.br pneustyres.com.br	232 B
1	s.id 1 redirects s.id — Cisco Umbrella Rank: 177881	178 B
1	rebrand.ly 1 redirects rebrand.ly — Cisco Umbrella Rank: 74305	278 B
1	t.co t.co — Cisco Umbrella Rank: 475	549 B
9	6

	Domain	Requested by
7	web9045.web07.bero-webspace.de	1 redirects web9045.web07.bero-webspace.de
1	gakofresh.com
1	pneustyres.com.br	t.co
1	s.id	1 redirects
1	rebrand.ly	1 redirects
1	t.co
9	6

This site contains links to these domains. Also see Links.

Domain
coinbase.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
pneustyres.com.br R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
gakofresh.com cPanel, Inc. Certification Authority	`2022-09-04` - `2022-12-03`	3 months	crt.sh
web9045.web07.bero-webspace.de R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://web9045.web07.bero-webspace.de/coinbase/
Frame ID: CC046E43503170C54EC6DFC35D799935
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coinbase - Sign In

Page URL History Show full URLs

https://t.co/xLOh9QBeyF Page URL
https://rebrand.ly/126d6a HTTP 301
https://s.id/1ouvN HTTP 301
https://pneustyres.com.br/app/cieloapipro5/icones/coin.php Page URL
https://gakofresh.com/wp-admin/images/coin.php Page URL
https://web9045.web07.bero-webspace.de/coinbase HTTP 301
https://web9045.web07.bero-webspace.de/coinbase/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

22 kB
Transfer

115 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://coinbase.com/legal/cookie
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/xLOh9QBeyF Page URL
https://rebrand.ly/126d6a HTTP 301
https://s.id/1ouvN HTTP 301
https://pneustyres.com.br/app/cieloapipro5/icones/coin.php Page URL
https://gakofresh.com/wp-admin/images/coin.php Page URL
https://web9045.web07.bero-webspace.de/coinbase HTTP 301
https://web9045.web07.bero-webspace.de/coinbase/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://rebrand.ly/126d6a HTTP 301
https://s.id/1ouvN HTTP 301
https://pneustyres.com.br/app/cieloapipro5/icones/coin.php

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 xLOh9QBeyF
t.co/ 230 B
549 B 143ms
122ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/xLOh9QBeyF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 177
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 10:26:02 GMT
expires: Mon, 14 Nov 2022 10:31:03 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 01cbbaab60f76ea870822708f7ebc7cf52f6b1a4fdab45c424874f1875d920f8
x-response-time: 116
x-transaction-id: ad351110de85d933
x-xss-protection: 0

GET
H2

200

coin.php
pneustyres.com.br/app/cieloapipro5/icones/
Redirect Chain

https://rebrand.ly/126d6a
https://s.id/1ouvN
https://pneustyres.com.br/app/cieloapipro5/icones/coin.php

147 B
232 B

2065ms
1731ms

Document
text/html

162.214.74.29
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://pneustyres.com.br/app/cieloapipro5/icones/coin.php
Requested by: Host: t.co
URL: https://t.co/xLOh9QBeyF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.214.74.29 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: dedi-5712196.pneustyres.com.br
Software: Apache /
Resource Hash

Request headers

Referer: https://t.co/xLOh9QBeyF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 10:26:04 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: private, max-age=30
content-length: 93
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 10:26:04 GMT
location: https://pneustyres.com.br/app/cieloapipro5/icones/coin.php
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 coin.php Show response
gakofresh.com/wp-admin/images/ 148 B
368 B 1025ms
966ms Document
text/html 185.239.208.35
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://gakofresh.com/wp-admin/images/coin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.208.35 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: ip-35-208-239-185.static.contabo.net
Software: LiteSpeed /
Resource Hash: bd6fa4314a6603d11479f105a059f1482076428a7b82a047a331f087b42109bc

Request headers

Referer: https://pneustyres.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 125
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 10:26:07 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2

200

Primary Request / Show response
web9045.web07.bero-webspace.de/coinbase/
Redirect Chain

https://web9045.web07.bero-webspace.de/coinbase
https://web9045.web07.bero-webspace.de/coinbase/

21 KB
4 KB

974ms
972ms

Document
text/html

109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web9045.web07.bero-webspace.de/coinbase/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 88c8d3d28c781e30a7ee5905523fa6d6348db07c7090eaca49f020cecbe5baaa

Request headers

Referer: https://gakofresh.com/wp-admin/images/coin.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 3645
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 10:26:08 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

content-length: 337
content-type: text/html; charset=iso-8859-1
date: Mon, 14 Nov 2022 10:26:08 GMT
location: https://web9045.web07.bero-webspace.de/coinbase/
server: nginx
x-powered-by: PleskLin

GET
H2 200 styles.c153074692ca2188139d.css
web9045.web07.bero-webspace.de/coinbase/css/ 92 KB
16 KB 28ms
28ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Requested by: Host: web9045.web07.bero-webspace.de
URL: https://web9045.web07.bero-webspace.de/coinbase/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 4ea4fc23020f83f6b59f58c76339205524ad38faa076dc5ed2de271b9913d6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://web9045.web07.bero-webspace.de/coinbase/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:26:09 GMT
content-encoding: br
last-modified: Thu, 06 Oct 2022 10:59:52 GMT
server: nginx
etag: W/"633eb528-16ef5"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 styles.f41b97d53666de9b764b.css
web9045.web07.bero-webspace.de/coinbase/css/ 2 KB
545 B 30ms
29ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web9045.web07.bero-webspace.de/coinbase/css/styles.f41b97d53666de9b764b.css
Requested by: Host: web9045.web07.bero-webspace.de
URL: https://web9045.web07.bero-webspace.de/coinbase/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 3599d0d1a71ca5e56f6b6ff4018ce913e25cf503a5c076f47ba95a9478f8d665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://web9045.web07.bero-webspace.de/coinbase/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:26:09 GMT
content-encoding: br
last-modified: Thu, 06 Oct 2022 10:59:52 GMT
server: nginx
etag: W/"633eb528-70c"
x-powered-by: PleskLin
content-type: text/css

GET
H2 404 8a6a40a08f92d9a9b3e5.woff2
web9045.web07.bero-webspace.de/static/ 0
0 28ms
27ms Font
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web9045.web07.bero-webspace.de/static/8a6a40a08f92d9a9b3e5.woff2
Requested by: Host: web9045.web07.bero-webspace.de
URL: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash

Request headers

Referer: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Origin: https://web9045.web07.bero-webspace.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:26:09 GMT
content-encoding: br
last-modified: Mon, 07 Nov 2022 22:43:07 GMT
server: nginx
etag: W/"328-5ece925ac98d7"
content-type: text/html

GET
H2 404 71371380d08a07cda58a.woff2
web9045.web07.bero-webspace.de/static/ 0
0 31ms
31ms Font
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web9045.web07.bero-webspace.de/static/71371380d08a07cda58a.woff2
Requested by: Host: web9045.web07.bero-webspace.de
URL: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash

Request headers

Referer: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Origin: https://web9045.web07.bero-webspace.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:26:09 GMT
content-encoding: br
last-modified: Mon, 07 Nov 2022 22:43:07 GMT
server: nginx
etag: W/"328-5ece925ac98d7"
content-type: text/html

GET
H2 404 502b733210ea3fdd4bf8.woff2
web9045.web07.bero-webspace.de/static/ 0
0 38ms
38ms Font
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web9045.web07.bero-webspace.de/static/502b733210ea3fdd4bf8.woff2
Requested by: Host: web9045.web07.bero-webspace.de
URL: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash

Request headers

Referer: https://web9045.web07.bero-webspace.de/coinbase/css/styles.c153074692ca2188139d.css
Origin: https://web9045.web07.bero-webspace.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:26:09 GMT
content-encoding: br
last-modified: Mon, 07 Nov 2022 22:43:07 GMT
server: nginx
etag: W/"328-5ece925ac98d7"
content-type: text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t.co/	1970-01-20 16:57:15	Name: muc Value: 611f3849-236b-4cd4-9a4f-79bd58f86b1b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://web9045.web07.bero-webspace.de/static/8a6a40a08f92d9a9b3e5.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://web9045.web07.bero-webspace.de/static/71371380d08a07cda58a.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://web9045.web07.bero-webspace.de/static/502b733210ea3fdd4bf8.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gakofresh.com
pneustyres.com.br
rebrand.ly
s.id
t.co
web9045.web07.bero-webspace.de
104.244.42.133
109.71.253.24
162.214.74.29
185.239.208.35
3.228.239.40
45.126.58.78
3599d0d1a71ca5e56f6b6ff4018ce913e25cf503a5c076f47ba95a9478f8d665
4ea4fc23020f83f6b59f58c76339205524ad38faa076dc5ed2de271b9913d6ef
88c8d3d28c781e30a7ee5905523fa6d6348db07c7090eaca49f020cecbe5baaa
bd6fa4314a6603d11479f105a059f1482076428a7b82a047a331f087b42109bc

web9045.web07.bero-webspace.de Open in urlscan Pro 109.71.253.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

4 IPs

3 Countries

22 kBTransfer

115 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

web9045.web07.bero-webspace.de Open in urlscan Pro
109.71.253.24 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

22 kB
Transfer

115 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions