verwaltung.heinlein-hosting.de Open in urlscan Pro
80.241.57.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://verwaltung.teilhabeberatung-kreis-wesel.de/
Effective URL:
https://verwaltung.heinlein-hosting.de/
Submission: On March 23 via api (March 23rd 2024, 1:06:32 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 80.241.57.9, located in Berlin, Germany and belongs to HPLS-AS, DE. The main domain is verwaltung.heinlein-hosting.de.
TLS certificate: Issued by Thawte TLS RSA CA G1 on October 24th 2023. Valid for: a year.

This is the only time verwaltung.heinlein-hosting.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	80.241.58.18 80.241.58.18	199118 (HPLS-AS) (HPLS-AS)
10	80.241.57.9 80.241.57.9	199118 (HPLS-AS) (HPLS-AS)
2	185.97.174.14 185.97.174.14	199118 (HPLS-AS) (HPLS-AS)
12	2

2 80.241.58.18 (Berlin, Germany) 2 redirects

ASN199118 (HPLS-AS, DE)
PTR: avanti.heinlein-hosting.de

verwaltung.teilhabeberatung-kreis-wesel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 80.241.57.9 (Berlin, Germany)

ASN199118 (HPLS-AS, DE)
PTR: verwaltung.heinlein-hosting.de

verwaltung.heinlein-hosting.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.97.174.14 (Berlin, Germany)

ASN199118 (HPLS-AS, DE)
PTR: api.mx.heinlein-hosting.de

api.mx.heinlein-hosting.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	heinlein-hosting.de verwaltung.heinlein-hosting.de api.mx.heinlein-hosting.de	1 MB
2	teilhabeberatung-kreis-wesel.de 2 redirects verwaltung.teilhabeberatung-kreis-wesel.de	531 B
12	2

	Domain	Requested by
10	verwaltung.heinlein-hosting.de	verwaltung.heinlein-hosting.de
2	api.mx.heinlein-hosting.de	verwaltung.heinlein-hosting.de
2	verwaltung.teilhabeberatung-kreis-wesel.de	2 redirects
12	3

This site contains no links.

Subject Issuer	Validity	Valid
*.heinlein-hosting.de Thawte TLS RSA CA G1	`2023-10-24` - `2024-11-22`	a year	crt.sh
api.mx.heinlein-hosting.de Thawte TLS RSA CA G1	`2023-03-30` - `2024-04-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://verwaltung.heinlein-hosting.de/
Frame ID: 81E7D9F31C6B1F9FA8F6508427E1795B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JPBerlin Verwaltung

Page URL History Show full URLs

https://verwaltung.teilhabeberatung-kreis-wesel.de/ HTTP 301
http://verwaltung.teilhabeberatung-kreis-wesel.de/ HTTP 301
https://verwaltung.heinlein-hosting.de/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

1323 kB
Transfer

1312 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://verwaltung.teilhabeberatung-kreis-wesel.de/ HTTP 301
http://verwaltung.teilhabeberatung-kreis-wesel.de/ HTTP 301
https://verwaltung.heinlein-hosting.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
verwaltung.heinlein-hosting.de/
Redirect Chain

https://verwaltung.teilhabeberatung-kreis-wesel.de/
http://verwaltung.teilhabeberatung-kreis-wesel.de/
https://verwaltung.heinlein-hosting.de/

6 KB
7 KB

665ms
162ms

Document
text/html

80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

3ebe58da06e8a625fcbb91bac7648e13fb4cd517074b0b0e9b7f0e5810e7de40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
cache-control: private
content-length: 6011
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/html
date: Sat, 23 Mar 2024 13:06:26 GMT
etag: "177b-61414b8d2fb40"
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
last-modified: Wed, 20 Mar 2024 10:04:53 GMT
referrer-policy: same-origin
server: Apache/2.4.58 (Unix)
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 247
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 23 Mar 2024 13:06:26 GMT
Keep-Alive: timeout=5, max=100
Location: https://verwaltung.heinlein-hosting.de/
Server: Apache

GET
H/1.1 200
OK style.css
verwaltung.heinlein-hosting.de/css/ 62 KB
63 KB 171ms
164ms Stylesheet
text/css 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/css/style.css

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

8b83ef41da4ebe08ae8e36dcb98e346dbce9a3f37fb09c1353ee71fb18a7de96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:04:55 GMT
server: Apache/2.4.58 (Unix)
x-permitted-cross-domain-policies: none
etag: "f691-61414b8f17fc0"
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/css
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes
content-length: 63121
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK lib.css
verwaltung.heinlein-hosting.de/lib/ 31 KB
32 KB 653ms
321ms Stylesheet
text/css 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/lib/lib.css

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

89cd008c9a236f27561d4a2095f4ff2eb65be2857f739e4c45e5bca8e9911cc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:03:09 GMT
server: Apache/2.4.58 (Unix)
x-permitted-cross-domain-policies: none
etag: "7a96-61414b2a01140"
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/css
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes
content-length: 31382
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logo.svg
verwaltung.heinlein-hosting.de/images/ 13 KB
14 KB 498ms
162ms Image
image/svg+xml 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://verwaltung.heinlein-hosting.de/images/logo.svg

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

7b1e199a8a88e50939fdde78f082110ac3567c50de0660ddd56ea8d2044b03fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
x-permitted-cross-domain-policies: none
content-length: 12949
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:03:09 GMT
server: Apache/2.4.58 (Unix)
etag: "3295-61414b2a01140"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes

GET
H/1.1 200
OK lib.js Show response
verwaltung.heinlein-hosting.de/lib/ 549 KB
550 KB 499ms
163ms Script
text/javascript 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/lib/lib.js

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

757d4cf4bde826de3771aa932464d30269e9397edea9fc3bed40772253701033

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:03:09 GMT
server: Apache/2.4.58 (Unix)
x-permitted-cross-domain-policies: none
etag: "894f5-61414b2a01140"
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/javascript
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes
content-length: 562421
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK templates-app-core.js Show response
verwaltung.heinlein-hosting.de/js/ 6 KB
7 KB 512ms
163ms Script
text/javascript 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/js/templates-app-core.js

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

6e3a93b5e1c8b1137b33172f1898fedcc237bdc0ce296ab75e23da950bea468b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:04:55 GMT
server: Apache/2.4.58 (Unix)
x-permitted-cross-domain-policies: none
etag: "19bd-61414b8f17fc0"
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/javascript
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes
content-length: 6589
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK templates-app-jpb.js Show response
verwaltung.heinlein-hosting.de/js/ 313 KB
314 KB 525ms
164ms Script
text/javascript 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/js/templates-app-jpb.js

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

5735edcafa41cef0ad06cfc01298deef5f78920d1b9b22c3395ff3f305df7b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:04:55 GMT
server: Apache/2.4.58 (Unix)
x-permitted-cross-domain-policies: none
etag: "4e536-61414b8f17fc0"
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/javascript
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes
content-length: 320822
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK app-jpb.js Show response
verwaltung.heinlein-hosting.de/js/ 135 KB
136 KB 162ms
162ms Script
text/javascript 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/js/app-jpb.js

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

f5f47b417f0f8e08e2f4d4c5895f433ddfc85895821de20ec2d46463a3a7d670

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://verwaltung.heinlein-hosting.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:27 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:04:54 GMT
server: Apache/2.4.58 (Unix)
x-permitted-cross-domain-policies: none
etag: "21b51-61414b8e23d80"
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
content-type: text/javascript
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes
content-length: 138065
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK /
api.mx.heinlein-hosting.de/ 0
0 1209ms
229ms Preflight
application/octet-stream 185.97.174.14
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mx.heinlein-hosting.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.97.174.14 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

api.mx.heinlein-hosting.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org ; style-src 'self' data: 'unsafe-inline' ; frame-src 'self' https://manage.mailbox.org https://status.mailbox.org; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://verwaltung.heinlein-hosting.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers: Keep-Alive,User-Agent,X-Requested-With,Content-Type,HPLS-AUTH,response-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' ; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org ; style-src 'self' data: 'unsafe-inline' ; frame-src 'self' https://manage.mailbox.org https://status.mailbox.org; frame-ancestors 'self'; object-src 'none';
Content-Type: application/octet-stream
Date: Sat, 23 Mar 2024 13:06:29 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
Server: nginx
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none

GET
H/1.1 200
OK jpb-de_DE.json Show response
verwaltung.heinlein-hosting.de/lang/ 162 KB
163 KB 165ms
164ms XHR
application/json 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/lang/jpb-de_DE.json

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/lib/lib.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

ae1437b71d36cc342850e6cf19b8c7e6d2b5b276379b072441ea2e776500511e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://verwaltung.heinlein-hosting.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:28 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
x-permitted-cross-domain-policies: none
content-length: 165538
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:04:53 GMT
server: Apache/2.4.58 (Unix)
etag: "286a2-61414b8d2fb40"
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes

POST
H/1.1 200
OK / Show response
api.mx.heinlein-hosting.de/ 118 B
1 KB 172ms
171ms XHR
application/json 185.97.174.14
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mx.heinlein-hosting.de/

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/lib/lib.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.97.174.14 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

api.mx.heinlein-hosting.de

Software

nginx /

Resource Hash

7146a135d1e376aa862baf9d8479b192a851e2413fb45f6ba8c71ccfd6aa697c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org ; style-src 'self' data: 'unsafe-inline' ; frame-src 'self' https://manage.mailbox.org https://status.mailbox.org; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 23 Mar 2024 13:06:29 GMT
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' ; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org ; style-src 'self' data: 'unsafe-inline' ; frame-src 'self' https://manage.mailbox.org https://status.mailbox.org; frame-ancestors 'self'; object-src 'none';
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Feature-Policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
Access-Control-Allow-Headers: Keep-Alive,User-Agent,X-Requested-With,Content-Type,HPLS-AUTH,response-type

GET
H/1.1 200
OK MaterialIcons-Regular.woff2
verwaltung.heinlein-hosting.de/font/ 36 KB
37 KB 163ms
163ms Font
font/woff2 80.241.57.9
HPLS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://verwaltung.heinlein-hosting.de/font/MaterialIcons-Regular.woff2

Requested by

Host: verwaltung.heinlein-hosting.de
URL: https://verwaltung.heinlein-hosting.de/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.241.57.9 Berlin, Germany, ASN199118 (HPLS-AS, DE),

Reverse DNS

verwaltung.heinlein-hosting.de

Software

Apache/2.4.58 (Unix) /

Resource Hash

732ede8a2e23292a923db629fb4370dfd5dda64976d49f98d9f9ac548d9c3f4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://verwaltung.heinlein-hosting.de/css/style.css
Origin: https://verwaltung.heinlein-hosting.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:06:28 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
x-permitted-cross-domain-policies: none
content-length: 36888
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 10:03:09 GMT
server: Apache/2.4.58 (Unix)
etag: "9018-61414b2a01140"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none';
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| angular object| punycode

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			verwaltung.heinlein-hosting.de/	1969-12-31 23:59:59	Name: b55fef0e7d38f2d2bf2bc4998c846a86 Value: 37e989cf5bb5eea92b0c4d23c5dd4d7a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://api.mailbox.org/v1/ https://api.mx.heinlein-hosting.de/ https://hsapi-master.apps.okd-test01.heinlein-hosting.de; img-src 'self' https://piwik.mailbox.org; script-src 'self' https://piwik.mailbox.org 'unsafe-inline' 'unsafe-eval' ; style-src 'self' data: 'unsafe-inline' ;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mx.heinlein-hosting.de
verwaltung.heinlein-hosting.de
verwaltung.teilhabeberatung-kreis-wesel.de
185.97.174.14
80.241.57.9
80.241.58.18
3ebe58da06e8a625fcbb91bac7648e13fb4cd517074b0b0e9b7f0e5810e7de40
5735edcafa41cef0ad06cfc01298deef5f78920d1b9b22c3395ff3f305df7b50
6e3a93b5e1c8b1137b33172f1898fedcc237bdc0ce296ab75e23da950bea468b
7146a135d1e376aa862baf9d8479b192a851e2413fb45f6ba8c71ccfd6aa697c
732ede8a2e23292a923db629fb4370dfd5dda64976d49f98d9f9ac548d9c3f4c
757d4cf4bde826de3771aa932464d30269e9397edea9fc3bed40772253701033
7b1e199a8a88e50939fdde78f082110ac3567c50de0660ddd56ea8d2044b03fb
89cd008c9a236f27561d4a2095f4ff2eb65be2857f739e4c45e5bca8e9911cc9
8b83ef41da4ebe08ae8e36dcb98e346dbce9a3f37fb09c1353ee71fb18a7de96
ae1437b71d36cc342850e6cf19b8c7e6d2b5b276379b072441ea2e776500511e
f5f47b417f0f8e08e2f4d4c5895f433ddfc85895821de20ec2d46463a3a7d670

verwaltung.heinlein-hosting.de Open in urlscan Pro 80.241.57.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

1323 kBTransfer

1312 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

verwaltung.heinlein-hosting.de Open in urlscan Pro
80.241.57.9 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

1323 kB
Transfer

1312 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions