urlscan.io logo urlscan.io
SecurityTrails logo

www.hexenliebeszauber.de Open in urlscan Pro
142.132.128.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hexenliebeszauber.de/
Effective URL: https://www.hexenliebeszauber.de/
Submission: On November 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 142.132.128.222, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is www.hexenliebeszauber.de.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.
This is the only time www.hexenliebeszauber.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 142.132.128.222 24940 (HETZNER-AS)
1 1 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 3
Apex Domain
Subdomains		 Transfer
7 hexenliebeszauber.de
hexenliebeszauber.de
www.hexenliebeszauber.de
145 KB
2 hmstats.eu
hmstats.eu
22 KB
1 deguisetoi.fr
www.deguisetoi.fr — Cisco Umbrella Rank: 836499
48 KB
1 adcell.com
t.adcell.com — Cisco Umbrella Rank: 64876
215 B
9 4
Domain Requested by
6 www.hexenliebeszauber.de www.hexenliebeszauber.de
2 hmstats.eu www.hexenliebeszauber.de
hmstats.eu
1 www.deguisetoi.fr www.hexenliebeszauber.de
1 t.adcell.com 1 redirects
1 hexenliebeszauber.de 1 redirects
9 5

This site contains links to these domains. Also see Links.

Domain
cookiedatabase.org
t.adcell.com
Subject Issuer Validity Valid
hexenliebeszauber.de
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
hmstats.eu
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.hexenliebeszauber.de/
Frame ID: 7D2F827A0DF2F76906773A5337F5DB4F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shop - hexenliebeszauber.de

Page URL History Show full URLs

  1. https://hexenliebeszauber.de/ HTTP 301
    https://www.hexenliebeszauber.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

22 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

215 kB
Transfer

723 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hexenliebeszauber.de/ HTTP 301
    https://www.hexenliebeszauber.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://t.adcell.com/p/image?promoId=337552&slotId=85497 HTTP 302
  • https://www.deguisetoi.fr/imagesfb/Affiliation/generique2023/DE/DE-GENE2023-300x250.jpg

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hexenliebeszauber.de/
Redirect Chain
  • https://hexenliebeszauber.de/
  • https://www.hexenliebeszauber.de/
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hexenliebeszauber.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PleskLin
Resource Hash
d781f01ce3be86efb7d7156c22821b9a325386669825d0ea926cc02b8ef61812
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
7378
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 17:31:43 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Mon, 06 Nov 2023 06:50:48 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
User-Agent,Accept-Encoding
x-powered-by
PleskLin

Redirect headers

content-length
162
content-type
text/html
date
Tue, 28 Nov 2023 17:31:43 GMT
location
https://www.hexenliebeszauber.de/
server
nginx
autoptimize_cf5361bb2540b41a1c29719a85f26131.css
www.hexenliebeszauber.de/wp-content/cache/autoptimize/css/ 		324 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hexenliebeszauber.de/wp-content/cache/autoptimize/css/autoptimize_cf5361bb2540b41a1c29719a85f26131.css
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PleskLin
Resource Hash
e6e8457ec6ab681c4240a2d069b8ca8766dc04f5f1b77c919ca180b4a0836dec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hexenliebeszauber.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Mon, 06 Nov 2023 06:50:46 GMT
server
nginx
etag
W/"65488cc6-51068"
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
www.hexenliebeszauber.de/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hexenliebeszauber.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PleskLin
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hexenliebeszauber.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Tue, 07 Nov 2023 20:06:00 GMT
server
nginx
etag
W/"654a98a8-15601"
x-powered-by
PleskLin
content-type
application/javascript
autoptimize_be374cb3e7baa4b5deda26af828a3a07.js
www.hexenliebeszauber.de/wp-content/cache/autoptimize/js/ 		157 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hexenliebeszauber.de/wp-content/cache/autoptimize/js/autoptimize_be374cb3e7baa4b5deda26af828a3a07.js
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PleskLin
Resource Hash
ca37f93818d55d3c6468608a9045f828648318a5be78322cb59e5cc4b110f44b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hexenliebeszauber.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Mon, 06 Nov 2023 06:50:46 GMT
server
nginx
etag
W/"65488cc6-272f0"
x-powered-by
PleskLin
content-type
application/javascript
matomo.js
hmstats.eu/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmstats.eu/matomo.js
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PleskLin
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hexenliebeszauber.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
content-encoding
br
last-modified
Fri, 04 Aug 2023 05:32:37 GMT
server
nginx
etag
W/"64cc8d75-10132"
x-powered-by
PleskLin
content-type
application/javascript
truncated
/ 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e65b64b2b529af3dbbcba46d846c444b9d235641cadfb0b1aa9cbb5e48c6728

Request headers

Referer
Origin
https://www.hexenliebeszauber.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		369 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b47600f4b822fdf469e8daf8d586713b24946cf1c3fe57042c7f41a89dda59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
DE-GENE2023-300x250.jpg
www.deguisetoi.fr/imagesfb/Affiliation/generique2023/DE/
Redirect Chain
  • https://t.adcell.com/p/image?promoId=337552&slotId=85497
  • https://www.deguisetoi.fr/imagesfb/Affiliation/generique2023/DE/DE-GENE2023-300x250.jpg
47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deguisetoi.fr/imagesfb/Affiliation/generique2023/DE/DE-GENE2023-300x250.jpg
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/
Protocol
H2
Server
2606:4700::6810:c70d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09b180b57a4dd67b3452653fdf5963b68ea6be4c86d99486f5f08e14a287126
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hexenliebeszauber.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
48320
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Feb 2023 09:13:13 GMT
server
cloudflare
etag
"bcc0-5f51e129796ba"
vary
Accept-Encoding
content-type
image/jpeg
x-server-id
dgtprdweb40
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82d4589c6d974d4a-FRA
expires
Wed, 27 Nov 2024 17:31:43 GMT

Redirect headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://www.deguisetoi.fr/imagesfb/Affiliation/generique2023/DE/DE-GENE2023-300x250.jpg
cache-control
max-age=0
content-length
0
expires
Tue, 28 Nov 2023 17:31:43 GMT
banner-1-optin.css
www.hexenliebeszauber.de/wp-content/uploads/complianz/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hexenliebeszauber.de/wp-content/uploads/complianz/css/banner-1-optin.css?v=33
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/wp-content/cache/autoptimize/js/autoptimize_be374cb3e7baa4b5deda26af828a3a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PleskLin
Resource Hash
34a96679e537e83dd60e43b908d5712e3cb5cecf287193db0895a4a68930d82d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hexenliebeszauber.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Thu, 31 Aug 2023 10:27:28 GMT
server
nginx
etag
W/"64f06b10-3aef"
x-powered-by
PleskLin
content-type
text/css
/
www.hexenliebeszauber.de/ 		634 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hexenliebeszauber.de/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.hexenliebeszauber.de
URL: https://www.hexenliebeszauber.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PHP/8.2.13, PleskLin
Resource Hash
f963969633c3e79d713703a8025402e58b14f63d1c13f6c58f6a90d79a5ab208
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.hexenliebeszauber.de/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 17:31:43 GMT
strict-transport-security
max-age=15768000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
nginx
x-powered-by
PHP/8.2.13, PleskLin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.hexenliebeszauber.de
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
matomo.php
hmstats.eu/ 		0
152 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://hmstats.eu/matomo.php?action_name=Shop%20-%20hexenliebeszauber.de&idsite=60&rec=1&r=370204&h=18&m=31&s=43&url=https%3A%2F%2Fwww.hexenliebeszauber.de%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Am89sT&pf_net=106&pf_srv=12&pf_tfr=1&pf_dm1=59&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: hmstats.eu
URL: https://hmstats.eu/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.128.222 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv01.han-media.de
Software
nginx / PHP/8.2.13, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hexenliebeszauber.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.hexenliebeszauber.de
date
Tue, 28 Nov 2023 17:31:43 GMT
access-control-allow-credentials
true
server
nginx
x-powered-by
PHP/8.2.13, PleskLin
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f611530f4afa9725059483ce98d2510b34fd209e40c6ad714b079f002ead82a

Request headers

Referer
Origin
https://www.hexenliebeszauber.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| commercekit_ajs object| commercekit_pdp object| commercekit_as object| wc_add_to_cart_params object| woocommerce_params undefined| interceptor object| complianz object| wc_cart_fragments_params object| _paq boolean| canRunClickFunc function| makeTouchstartWithClick function| makeOnTouchTapped function| cmplz_create_element function| cmplz_add_event function| cmplz_is_hidden function| cmplz_html_decode function| cmplzLoadConsentAreaContent function| cmplz_set_category_as_body_class function| cmplz_append_css function| cmplz_load_css function| cmplz_run_script function| cmplz_maybe_run_waiting_scripts function| cmplz_set_blocked_content_container function| cmplz_insert_placeholder_text function| cmplz_set_blocked_content_container_aspect_ratio undefined| cmplzResizeTimer function| cmplz_has_blocked_scripts function| cmplz_enable_category function| cmplz_remove_placeholder function| cmplz_get_waiting_script function| cmplz_array_is_empty function| cmplz_is_waiting_script function| cmplz_run_after_all_scripts function| cmplz_run_tm_event function| cmplz_legacy function| cmplz_do_not_track function| cmplz_get_services_on_page function| cmplz_is_bot function| cmplz_is_speedbot function| cmplz_exists_service_consent function| cmplz_set_service_consent function| cmplz_clear_all_service_consents function| cmplz_get_all_service_consents function| cmplz_get_cookie_path function| cmplz_get_cookie_domain function| cmplz_reload_browser_compatible undefined| cmplz_id_cookie undefined| cmplz_id_session undefined| cmplz_id object| cmplz_user_data function| cmplz_track_status_end function| cmplz_set_up_auto_dismiss function| cmplz_fire_categories_event function| cmplz_track_status function| cmplz_accepted_categories function| cmplz_sync_category_checkboxes function| cmplz_merge_object function| cmplz_check_cookie_policy_id function| cmplz_clear_cookies function| cmplz_set_accepted_cookie_policy_id function| cmplz_integrations_init function| cmplz_integrations_revoke function| cmplz_set_integrations_cookies function| cmplz_get_url_parameter function| cmplz_maybe_auto_redirect function| cmplz_wp_set_consent undefined| cmplzCleanCookieInterval object| cmplz_cookie_data function| cmplz_start_clean function| cmplz_do_cleanup function| cmplz_setup_clean_interval function| cmplz_clear_storage function| cmplz_load_manage_consent_container function| cmplz_equals function| cmplzCopyAttributes function| cmplz_migrate_add_event object| cmplzTMFiredEvents function| Cookies function| cmplz_get_cookie function| cmplz_set_cookie function| cmplz_in_array function| cmplz_highest_accepted_category function| cmplz_accept_all function| conditionally_show_banner function| show_cookie_banner function| cmplz_get_banner_status function| cmplz_set_banner_status function| cmplz_has_consent function| cmplz_is_service_denied function| cmplz_has_service_consent function| cmplz_set_consent string| wp_consent_type function| cmplz_deny_all object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains