mails.beste-sales24.de Open in urlscan Pro
54.36.234.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej
Submission: On August 15 via api (August 15th 2022, 8:47:11 pm UTC) from CH — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 54.36.234.44, located in France and belongs to OVH, FR. The main domain is mails.beste-sales24.de.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.

This is the only time mails.beste-sales24.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	54.36.234.44 54.36.234.44	16276 (OVH) (OVH)
6	52.219.170.153 52.219.170.153	16509 (AMAZON-02) (AMAZON-02)
1	46.4.91.100 46.4.91.100	24940 (HETZNER-AS) (HETZNER-AS)
9	3

2 54.36.234.44 (France)

ASN16276 (OVH, FR)
PTR: main.rd-worker.de

mails.beste-sales24.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.219.170.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.91.4.46.clients.your-server.de

ph365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazonaws.com s3.eu-central-1.amazonaws.com	279 KB
2	beste-sales24.de mails.beste-sales24.de	7 KB
1	ph365.de ph365.de — Cisco Umbrella Rank: 731382	304 B
9	3

	Domain	Requested by
6	s3.eu-central-1.amazonaws.com	mails.beste-sales24.de
2	mails.beste-sales24.de	mails.beste-sales24.de
1	ph365.de	mails.beste-sales24.de
9	3

This site contains no links.

Subject Issuer	Validity	Valid
mails.beste-sales24.de R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-06`	a year	crt.sh
*.ph365.de AlphaSSL CA - SHA256 - G2	`2022-06-13` - `2023-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej
Frame ID: 731CDF1FBF060298B3954537E5BA0648
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

286 kB
Transfer

317 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Show response mails.beste-sales24.de/BxfAo/	39 KB 6 KB	307ms 131ms	Document text/html	54.36.234.44 OVH
General Check archive.org Show headers Download Go to Full URL https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 54.36.234.44 , France, ASN16276 (OVH, FR), Reverse DNS main.rd-worker.de Software Apache/2.4.29 (Ubuntu) / Resource Hash `09228c88288d9a91ea861b46f7fa70ec7c51d9d868b486c1cdfdeed4af1b9a93` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, authorization,collective,Cache-Control,x-requested-with,Connection,Content-Length,Content-Type Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 5503 Content-Type text/html; charset=UTF-8 Date Mon, 15 Aug 2022 20:47:09 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	14354.jpg s3.eu-central-1.amazonaws.com/z1img/670/	113 KB 113 KB	53ms 23ms	Image image/jpeg	52.219.170.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z1img/670/14354.jpg Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.170.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `bab8ea9b6898b0cc46be05c46218d0b6afc8e06867dbc58195061b811e53e79e` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:10 GMT Last-Modified Mon, 25 Jul 2022 11:35:39 GMT Server AmazonS3 x-amz-request-id XTCMNDBTWN5YQRVH ETag "d7e080d36236c0860702758323af754d" Content-Type image/jpeg Accept-Ranges bytes Content-Length 115390 x-amz-id-2 71Yi0DcSifaBbUddskT8TyhxRTwqOX9dyVZeI6Bdt30yi+VxjYN+WG9HlAbmqTCOEZ8F38dUw3Q=
GET H/1.1	200 OK	14355.jpg s3.eu-central-1.amazonaws.com/z1img/670/	86 KB 86 KB	52ms 22ms	Image image/jpeg	52.219.170.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z1img/670/14355.jpg Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.170.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `b782767a94dfef8d103253c3190e69ed2ce98955f7ab5cd574e866ab19286de9` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:10 GMT Last-Modified Mon, 25 Jul 2022 11:35:39 GMT Server AmazonS3 x-amz-request-id XTCK0DTNX06GD2H4 ETag "812af84c6e10fd4eea73bd89f9039c53" Content-Type image/jpeg Accept-Ranges bytes Content-Length 88117 x-amz-id-2 12UWjGkGwPiVDXdS3A+SyItP/tDOIdubCHMduEPrjGZ4fjP0Ky1pky+NPKZte9ehxl8nUl2k4ZU=
GET H/1.1	200 OK	14356.png s3.eu-central-1.amazonaws.com/z1img/670/	267 B 623 B	47ms 30ms	Image image/png	52.219.170.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z1img/670/14356.png Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.170.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `2428bd1ab0607b8aed68edb7ba7ff727b2671c52583989c57467ea0ab6665d27` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:10 GMT Last-Modified Mon, 25 Jul 2022 11:35:39 GMT Server AmazonS3 x-amz-request-id XTCKHN28YNRAP03K ETag "99e23f81728087cc4626df9df66f127e" Content-Type image/png Accept-Ranges bytes Content-Length 267 x-amz-id-2 3Oc94iX35eee/oIdcnX1o3XANF6oI+ofjgkRA+Zc5LNj6dpk2Ag5A4TKo6V0QEnvEN6xWBsLFpY=
GET H/1.1	200 OK	14357.jpg s3.eu-central-1.amazonaws.com/z1img/670/	77 KB 77 KB	33ms 17ms	Image image/jpeg	52.219.170.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z1img/670/14357.jpg Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.170.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `680dc3bad6556b7432c9860714970da12056550cb3d14d70bdf883e4e2085ce9` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:10 GMT Last-Modified Mon, 25 Jul 2022 11:35:40 GMT Server AmazonS3 x-amz-request-id XTCVEMNFFT723H9E ETag "6fcf89d924a3e2709c1e52bbc6eac166" Content-Type image/jpeg Accept-Ranges bytes Content-Length 78619 x-amz-id-2 iklDVpJE6HpdFucP1uoCXd/w+GmDaZeNZdGDiKsLhfmaMzD6ubtUfOCwjAc4T9XjQibf5fun2rU=
GET H/1.1	200 OK	14358.png s3.eu-central-1.amazonaws.com/z1img/670/	1 KB 2 KB	38ms 22ms	Image image/png	52.219.170.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z1img/670/14358.png Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.170.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `b48b7a013d0c2eec176ac2ea7bcdf82d55a0513943cc3352e6e1269658f96d6f` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:10 GMT Last-Modified Mon, 25 Jul 2022 11:35:40 GMT Server AmazonS3 x-amz-request-id XTCHMB04359HKEYS ETag "cd0918a2db159b7393ad4843a349b497" Content-Type image/png Accept-Ranges bytes Content-Length 1359 x-amz-id-2 wKGDxFC8QWwAKVMqeDhCh2tsmYIlUJTzdLHmjfu6tlrh7vXMb7Ie3OmIYpFYB/KIINb4zgpHD2E=
GET H/1.1	200 OK	14359.gif s3.eu-central-1.amazonaws.com/z1img/670/	43 B 398 B	36ms 20ms	Image image/gif	52.219.170.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z1img/670/14359.gif Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.170.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:10 GMT Last-Modified Mon, 25 Jul 2022 11:35:40 GMT Server AmazonS3 x-amz-request-id XTCJC15XB0PG034C ETag "df3e567d6f16d040326c7a0ea29a4f41" Content-Type image/gif Accept-Ranges bytes Content-Length 43 x-amz-id-2 qaE5ttkdJKpweO1Y1CYdLE5BgB2Fo6ANE3DvLBS84U8m/HHarrt/4aRm/w4Y7XSVSKw3sIMLQ/c=
GET H/1.1	200 OK	pixel ph365.de/	43 B 304 B	75ms 15ms	Image image/gif	46.4.91.100 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph365.de/pixel?tid=33382 Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.4.91.100 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.100.91.4.46.clients.your-server.de Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.2.34 / PHP/7.2.34 Resource Hash `aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:47:09 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.2.34 Connection Keep-Alive X-Powered-By PHP/7.2.34 Content-Length 43 Keep-Alive timeout=5, max=100 Content-Type image/gif
GET H/1.1	200 OK	8rJNmYgeWbxLUYQLVYMbUqYrUYILVoMbWW6UVrsbWalbm.gif mails.beste-sales24.de/UZSVA/	53 B 615 B	29ms 29ms	Image image/gif	54.36.234.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://mails.beste-sales24.de/UZSVA/8rJNmYgeWbxLUYQLVYMbUqYrUYILVoMbWW6UVrsbWalbm.gif Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 54.36.234.44 , France, ASN16276 (OVH, FR), Reverse DNS main.rd-worker.de Software Apache/2.4.29 (Ubuntu) / Resource Hash `b60195c8afcd1defecd9f8c0c00352bf27aba7377fd8d49902b1fb6425a0ecea` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/BxfAo/5uGQj1hiTeuyR1NOS1JeRtVuR1FOSrJeTZ3XSupeTdiej User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Pragma no-cache Date Mon, 15 Aug 2022 20:47:09 GMT Server Apache/2.4.29 (Ubuntu) Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, authorization,collective,Cache-Control,x-requested-with,Connection,Content-Length,Content-Type Content-Length 53 Keep-Alive timeout=5, max=99 Expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mails.beste-sales24.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: b6kgsjo1dpvlu0osfmmihvtrim

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mails.beste-sales24.de
ph365.de
s3.eu-central-1.amazonaws.com
46.4.91.100
52.219.170.153
54.36.234.44
09228c88288d9a91ea861b46f7fa70ec7c51d9d868b486c1cdfdeed4af1b9a93
2428bd1ab0607b8aed68edb7ba7ff727b2671c52583989c57467ea0ab6665d27
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
680dc3bad6556b7432c9860714970da12056550cb3d14d70bdf883e4e2085ce9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b48b7a013d0c2eec176ac2ea7bcdf82d55a0513943cc3352e6e1269658f96d6f
b60195c8afcd1defecd9f8c0c00352bf27aba7377fd8d49902b1fb6425a0ecea
b782767a94dfef8d103253c3190e69ed2ce98955f7ab5cd574e866ab19286de9
bab8ea9b6898b0cc46be05c46218d0b6afc8e06867dbc58195061b811e53e79e

mails.beste-sales24.de Open in urlscan Pro 54.36.234.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

286 kBTransfer

317 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

mails.beste-sales24.de Open in urlscan Pro
54.36.234.44 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

286 kB
Transfer

317 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions