mail.doerr-spielplatz.jud3.xyz
2a02:247a:22a:de00::1  Public Scan

URL: https://mail.doerr-spielplatz.jud3.xyz/
Submission: On January 24 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2a02:247a:22a:de00::1, located in Germany, and belongs to IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom, formerly known as 1&1 Internet SE), DE. The main domain is mail.doerr-spielplatz.jud3.xyz.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.
This is the only time mail.doerr-spielplatz.jud3.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         2a02:247a:22a...  8560 (IONOS-AS ...)
11        2600:9000:21a...  16509 (AMAZON-02)
3         13.225.63.112     16509 (AMAZON-02)
2         2607:f8b0:400...  15169 (GOOGLE)
Total: 17 requests, 5 IPs

Requests  Apex Domain            Subdomains                                          Transfer
11        framerusercontent.com  framerusercontent.com (Cisco Umbrella Rank: 55673)  320 KB
3         framer.com             events.framer.com (Cisco Umbrella Rank: 65739)      16 KB
2         gstatic.com            fonts.gstatic.com                                   44 KB
1         jud3.xyz               mail.doerr-spielplatz.jud3.xyz                      17 KB
Total: 17 requests, 4 apex domains

Requests  Domain                          Requested by
11        framerusercontent.com           mail.doerr-spielplatz.jud3.xyz, framerusercontent.com
3         events.framer.com               mail.doerr-spielplatz.jud3.xyz, events.framer.com
2         fonts.gstatic.com               mail.doerr-spielplatz.jud3.xyz
1         mail.doerr-spielplatz.jud3.xyz
Total: 17 requests, 4 domains

This site contains links to these domains.

Domain
framer.com
Subject                    Issuer               Validity                 Valid
doerr-spielplatz.jud3.xyz  R3                   2024-01-22 - 2024-04-21  3 months
framerusercontent.com      Amazon RSA 2048 M02  2023-12-18 - 2025-01-14  a year
events.framer.com          Amazon RSA 2048 M01  2023-04-26 - 2024-05-23  a year
*.gstatic.com              GTS CA 1C3           2023-12-11 - 2024-03-04  3 months

This page contains 1 frame:

Primary Page: https://mail.doerr-spielplatz.jud3.xyz/
Frame ID: 748A201A238754A50AF62BF941086D3F
Requests: 22 HTTP requests in this frame

Page Title

My Framer Site

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 397 kB
Size: 952 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mail.doerr-spielplatz.jud3.xyz/
125 KB
17 KB
Document
General
Full URL
https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:247a:22a:de00::1 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
28b58255ed9c3f4c52b051e09912e1802c309bfab41b377cf1b49b2ce5d6fd06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
17665
content-type
text/html
date
Wed, 24 Jan 2024 01:21:52 GMT
etag
"1f2c4-60f8dedb2fe40-gzip"
last-modified
Mon, 22 Jan 2024 19:35:13 GMT
server
Apache
vary
Accept-Encoding
chunk-SIJVXZSG.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
237 B
994 B
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/chunk-SIJVXZSG.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8b4567118c2f95cc5a5714fbc9ecb2695eefe237060ec581cf9112b50269a7a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
mm8SNAx9RtJZRrrwnGYjUcgNybU4thZn
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
237
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
"e4154576a1f2ab4a972a8d2a74ffff16"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
Cnz20mMw99lLX2TjtGHTifdIPHXLTf79WaG3RBnwa6IkYdZ1dwYSrA==
chunk-BVXGJ6DL.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
519 KB
154 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/chunk-BVXGJ6DL.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c5432fb2a4f29af08751ed6b396114fc86e0d402a94b9eb57a12c28529fc19ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
Ztpm_Y_5aml9cm1XafVSGSr03HtFoOXW
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
107084
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
W/"542176aa7f90975e97a5047ee026bcf5"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
xhbqogUC41CPFeLfOQ1T1B-lKi43EgqhDDJSdVOsoTCzXsV9jZ6f2g==
chunk-ELYU6EKT.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
447 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/chunk-ELYU6EKT.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
gUIHTpV7JzkBZBwGt3FM4jeA2Pjb2JjC
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
447
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
"bac0d5b5f6a61029b51079932ccda746"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
2hO7vd3PYmb3HzrCmhd70KELA4dQdyCdewat-ntwkCaRP9K-Ek1V3Q==
-b2WjsjjFfOFMeW7fVHoBoXcT5jidwlwTqNUaLQALHg.X26B227Z.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
76 KB
19 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/-b2WjsjjFfOFMeW7fVHoBoXcT5jidwlwTqNUaLQALHg.X26B227Z.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
5617b6646a885c8a24f13d4b624f0e7df0a7f4de771343d07a80e978dec2d20a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
wU7Yet1JJgkOYfC1sGmnoqKz.ggxrap0
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
107084
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
W/"9c9a8f8d35037b0e47cccad877a6617b"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
5JHu-SCDjeOCsjQ1Cc-nYCIDzREz-x11tCbISsl2gPmCA_MxwtGztQ==
chunk-Q6H2ZEXC.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
690 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/chunk-Q6H2ZEXC.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3b0edede416744bf88f8d7f4749ae8acf01a2e99a9bde145282016a482984f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
0.wxNxFLCcccRORYuWqMa45ISMLFlVUq
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
690
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
"1a1eba4c7dfda578786b3e29db8df989"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
-Y1VCb8ckmBb2_ALYeHuPi_MAYpORPuWhlN2xoiJB0nOMJ_rqvfwUQ==
chunk-42U43NKG.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
44 B
800 B
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/chunk-42U43NKG.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
wvegFVvneC4xWev1IdOFRHalHm.g2qwz
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
UTt8Jby7AIz8h69rWy9aqYbtO0zzHfhwknC3qOybcRcKyG-Ez67Ntg==
chunk-SELWQIQL.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
736 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/chunk-SELWQIQL.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fcf328993a2d5429a6f98eff750db15c25ffe2843e450413dd014a8b98225317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
_UXLBlpxsoKovK46jwjUz6eqwGj0jhxC
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
736
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
"00bfad7bd5576f2e4d15110850a0ca15"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
hh1WA9i4TbFI0gizQQ1Z7UCFUZE5fCIJaXRUsS_lNL_Ntn9dp3sLmQ==
script
events.framer.com/
15 KB
16 KB
Script
General
Full URL
https://events.framer.com/script
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-112.ewr53.r.cloudfront.net
Software
/
Resource Hash
0a75bfd9c51bb5e02f71c03d3d40303736ebc93448d59099dd36d4151fb9393e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.doerr-spielplatz.jud3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 01:21:52 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
15602
x-amz-cf-pop
EWR53-C1
x-amzn-trace-id
Root=1-65b06630-611a866654c50f5c7bee5049
x-amzn-requestid
5736b143-9eea-40de-9eec-4b380d54bfb6
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Wed, 24 Jan 2024 01:20:09 GMT
x-amz-apigw-id
SBTnpHk8oAMEXcQ=
content-length
15602
x-amz-cf-id
RSxjsqSjuGOqb4EGINmnFU3Rj_YcKfuhpbywv6flFHqIgXWI2tus0Q==
default_script0.XG6VV2H5.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
2 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/default_script0.XG6VV2H5.mjs
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
283d7fea3dd5e6b4ddf381c22b689a518df8887b9caf621266d4d601478b1f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
s5LyJ5nqI3Ib7._wuYh0GJlNGr2rlVv7
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
107084
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:22 GMT
server
CloudFront
etag
W/"17431b8569a933b7497cc0f0978d48d9"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
R71SjRq1EFdpZo2oLAD_N24vJDi5MvGMCjuuaN1Wtcs8cYS3ZmpDWg==
truncated
/
859 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ba944bf60bc3e2c5c8ead9b41f2eef4c7bed1918f27c37e84f54f04b5988612

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
801 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8c7b2bff5553b2cd183fe20685cf7ea55e464e34e3ab0db1fec86ddd099eaa1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad5e5a9f898b015a4ad93a76de1e40fb34fa29802880822f53abd98ab16b71a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
712 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
281e7b45bb46ec51707a7ae908a4187168ca77c5c4323ce6946462c25fac5b73

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v19/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:32:04 GMT
x-content-type-options
nosniff
age
388188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:54:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:32:04 GMT
w8gXH2EuRptdsN8.woff2
fonts.gstatic.com/s/oi/v19/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oi/v19/w8gXH2EuRptdsN8.woff2
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29825235338e58fded39659d15f6fad9c2ad97b24d2b8b441595e5550bf60c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:09:36 GMT
x-content-type-options
nosniff
age
389536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24316
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:56:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:09:36 GMT
xm5wpHo4cVwZAsECruyHZDsRyxA.png
framerusercontent.com/images/
39 KB
40 KB
Image
General
Full URL
https://framerusercontent.com/images/xm5wpHo4cVwZAsECruyHZDsRyxA.png?scale-down-to=512
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8da555346232c9504bad3dcec29a252b46403e8d7f9a9ed0cd24a722a3ce7b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.doerr-spielplatz.jud3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:27:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107660
x-amzn-requestid
7f8ab747-aa22-419f-b3e2-48f5783934c4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-65aec1a4-5fc4acbf16a6b4860b3ab335;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
XgqvSpzp1D5AGDLWjx9AJ_s1lmuzb-YCio25FftaN-QRIl4FUL-Faw==
2T6swNozlP4vkmC2FQhMbXviSE.png
framerusercontent.com/images/
92 KB
93 KB
Image
General
Full URL
https://framerusercontent.com/images/2T6swNozlP4vkmC2FQhMbXviSE.png?scale-down-to=512
Requested by
Host: mail.doerr-spielplatz.jud3.xyz
URL: https://mail.doerr-spielplatz.jud3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
5a419524f322d1d45754750e9484107ca0d8a58d45ad32a831447a23ff88d023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.doerr-spielplatz.jud3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:28:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
107628
x-amzn-requestid
d08d15f3-f92a-441b-998b-cb73e034b4f2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-65aec1c4-3978ae5a6b2b4d531b3dc432;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
jPQs04Twv6tyY-mLdBvaQhHFo7ebwG9y1SKBELZDoHiQZr-3dIAHxg==
anonymous
events.framer.com/
0
0
Fetch
General
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-112.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://mail.doerr-spielplatz.jud3.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 Jan 2024 01:21:53 GMT
via
1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-amzn-trace-id
Root=1-65b06630-2f1fcfa61c04d9ae06009fd5;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
49990d85-8cf8-41e1-8631-44cff124b1a4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
SBTnsFSNoAMEINA=
content-length
0
x-amz-cf-id
4T9GNx9KqqKo1aE7q4EnQ3Ok5HbVWGSePqOzQlhpLLWSzxdruIoOfw==
anonymous
events.framer.com/
0
0
Preflight
General
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-112.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.doerr-spielplatz.jud3.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 24 Jan 2024 01:21:52 GMT
via
1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
x-amz-apigw-id
SBTnrFjSIAMEaZQ=
x-amz-cf-id
Y0zb4QlH9D8BIcIWullxENrICvfJcIo2Y2sp133OU7bt2ZRg47QIlg==
x-amz-cf-pop
EWR53-C1
x-amzn-requestid
d2021b2c-3a35-4d0a-a8a7-40ee858915cb
x-cache
Miss from cloudfront
__framer-badge.K5MIZHT5.mjs
framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/
26 KB
7 KB
Script
General
Full URL
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/__framer-badge.K5MIZHT5.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/default_script0.XG6VV2H5.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5400:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f47629218184ad644e6a1536ca06f05238e305e17ea473daf7f63511bc41c501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://framerusercontent.com/sites/3aHrTkwRLZnMJYwodYjR1p/default_script0.XG6VV2H5.mjs
Origin
https://mail.doerr-spielplatz.jud3.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:37:09 GMT
x-amz-version-id
uuLurXInjwpEugDOFMDj_jZ.3Ju6vnC5
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
age
107085
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 19:28:23 GMT
server
CloudFront
etag
W/"eed9398d4884726ea814eaf5fd87ceb2"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
6oxci-ftQVJtT3a9DEQYFBETMluk5Lf2btcBRJF0Nlg11Q6Sp5pTfQ==
truncated
/
254 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a852e0caa2a81cd62b8264e46e91092b49013faf44e8e5f09e44c5984aa033fe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22668234d8364958181dfb5e4acf3206a18d9aa17a01f6f7b91943b6ebb5d54f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | __send_framer_event
function | __framer_importFromPackage
object | process

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
