Submitted URL: https://termin.it-haecker.de/
Effective URL: https://termine.it-haecker.de/
Submission: On July 24 via api from US — Scanned from IT

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 85.13.162.109, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is termine.it-haecker.de.
TLS certificate: Issued by R11 on July 22nd 2024. Valid for: 3 months.
This is the only time termine.it-haecker.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 85.13.162.109 34788 (NMM-AS D)
1 2 52.97.189.66 8075 (MICROSOFT...)
3 2
Apex Domain
Subdomains
Transfer
3 it-haecker.de
termin.it-haecker.de
termine.it-haecker.de
1 KB
2 office365.com
outlook.office365.com — Cisco Umbrella Rank: 71
904 B
3 2
Domain Requested by
2 outlook.office365.com 1 redirects termine.it-haecker.de
2 termine.it-haecker.de
1 termin.it-haecker.de 1 redirects
3 3

This site contains no links.

Subject | Issuer | Validity | Valid
termine.it-haecker.de | R11 | 2024-07-22 - 2024-10-20 | 3 months
outlook.com | DigiCert Cloud Services CA-1 | 2024-06-27 - 2025-06-26 | a year

This page contains 2 frames:

Primary Page: https://termine.it-haecker.de/
Frame ID: 1D90100EA3109F8CB7A4CB0FABB9F2AD
Requests: 2 HTTP requests in this frame

Frame: https://outlook.office365.com/book/Termine@it-haecker.de/
Frame ID: 8282CD129997845A7CF358063A105AC3
Requests: 1 HTTP request in this frame

Page Title

IT-Häcker Termine

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 1 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://termin.it-haecker.de/ HTTP 301
    https://termine.it-haecker.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://outlook.office365.com/owa/calendar/Termine@it-haecker.de/bookings/ HTTP 302
  • https://outlook.office365.com/book/Termine@it-haecker.de/

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
termine.it-haecker.de/
Redirect Chain
  • https://termin.it-haecker.de/
  • https://termine.it-haecker.de/
449 B
353 B
Document
General
Full URL
https://termine.it-haecker.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44302.kasserver.com
Software
Apache /
Resource Hash
4854ddab26112efa21b1df0d53c39fa4b306a670ce7d434835b479445c041f92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
211
content-type
text/html
date
Wed, 24 Jul 2024 01:37:25 GMT
etag
"1c1-61ddf65f4426e-br"
last-modified
Tue, 23 Jul 2024 00:39:45 GMT
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

content-length
238
content-type
text/html; charset=iso-8859-1
date
Wed, 24 Jul 2024 01:37:24 GMT
location
https://termine.it-haecker.de/
server
Apache
/
outlook.office365.com/book/Termine@it-haecker.de/ Frame 8282
Redirect Chain
  • https://outlook.office365.com/owa/calendar/Termine@it-haecker.de/bookings/
  • https://outlook.office365.com/book/Termine@it-haecker.de/
0
0
Document
General
Full URL
https://outlook.office365.com/book/Termine@it-haecker.de/
Requested by
Host: termine.it-haecker.de
URL: https://termine.it-haecker.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.97.189.66 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://termine.it-haecker.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
no-cache
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Jul 2024 01:37:25 GMT
expires
-1
ms-cv
u4pKjKeutR3iMUEhp4MmbA.1
pragma
no-cache
referrer-policy
no-referrer
request-id
8c4a8abb-aea7-1db5-e231-4121a783266c
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-app-name
BookingsC2
x-backendhttpstatus
200
x-bepartition
CLDEUP281FRA01
x-beserver
FRYP281MB2239
x-besku
UNKNOWN
x-calculatedbetarget
FRYP281MB2239.DEUP281.PROD.OUTLOOK.COM
x-client-version
20240712002.14
x-clique
CLDEUP281FRA01
x-feserver
FR2P281CA0001
x-firsthopcafeefz
FRA
x-nanoproxy
1
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-web-server-version
24.7.16.1

Redirect headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
private
content-length
174
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 01:37:25 GMT
location
https://outlook.office365.com/book/Termine@it-haecker.de/
request-id
0a89fc4e-9367-8ff5-9e5d-6248f2fe6f4c
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-07-24T01:37:25.670
x-backend-end
2024-07-24T01:37:25.748
x-backendhttpstatus
302
x-beserver
FRYP281MB0125
x-besku
WCS6
x-calculatedbetarget
FRYP281MB0125.DEUP281.PROD.OUTLOOK.COM
x-content-type-options
nosniff
x-diaginfo
FRYP281MB0125
x-feefzinfo
FRA
x-feproxyinfo
FR2P281CA0001.DEUP281.PROD.OUTLOOK.COM
x-feserver
FR2P281CA0001
x-firsthopcafeefz
FRA
x-owa-correlationid
c79c9ab8-bf35-42f0-8981-82e5ef83b304
x-owa-diagnosticsinfo
102;2;0;
x-proxy-backendserverstatus
302
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
favicon.ico
termine.it-haecker.de/
688 B
800 B
Other
General
Full URL
https://termine.it-haecker.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44302.kasserver.com
Software
Apache /
Resource Hash
7495527060d123efb57316835a733dfc9996d1d1ce56a8bee29fa0ee9d327041

Request headers

Referer
https://termine.it-haecker.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:37:26 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:39:42 GMT
server
Apache
etag
"2b0-61ddf65c25539-br"
vary
Accept-Encoding,User-Agent
content-type
image/x-icon
accept-ranges
bytes
content-length
692

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path Name / Value
outlook.office365.com/ Name: ClientId
Value: 3D83652416CF43B4823BF33BDDB59384
outlook.office365.com/ Name: OIDC
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
