urlscan.io logo urlscan.io
SecurityTrails logo

kunden.schuh-frank.de Open in urlscan Pro
135.181.117.84  Public Scan

Go To Rescan Add Verdict Report
URL: https://kunden.schuh-frank.de/
Submission: On August 24 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 135.181.117.84, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is kunden.schuh-frank.de.
TLS certificate: Issued by R11 on August 24th 2024. Valid for: 3 months.
This is the only time kunden.schuh-frank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 135.181.117.84 24940 (HETZNER-AS)
2 2400:52e0:1e0... 60068 (CDN77 _)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 4
Apex Domain
Subdomains		 Transfer
5 schuh-frank.de
kunden.schuh-frank.de
31 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
961 B
2 linearicons.com
cdn.linearicons.com — Cisco Umbrella Rank: 59956
24 KB
1 gstatic.com
www.gstatic.com
215 KB
11 4
Domain Requested by
5 kunden.schuh-frank.de kunden.schuh-frank.de
3 www.google.com kunden.schuh-frank.de
www.gstatic.com
2 cdn.linearicons.com kunden.schuh-frank.de
cdn.linearicons.com
1 www.gstatic.com www.google.com
11 4

This site contains links to these domains. Also see Links.

Domain
www.schuh-frank.de
Subject Issuer Validity Valid
kunden.schuh-frank.de
R11		 2024-08-24 -
2024-11-22		 3 months crt.sh
cdn.linearicons.com
R10		 2024-07-14 -
2024-10-12		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://kunden.schuh-frank.de/
Frame ID: D9B720595BD59AA49A45827D862D9ECF
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuArIZAAAAADe0SyDov_KMUtHIxv32O6uCkgJ3&co=aHR0cHM6Ly9rdW5kZW4uc2NodWgtZnJhbmsuZGU6NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=mw7hvlm2owb
Frame ID: 069FE53BF2A733334EE7B6E17CB38323
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nachtrag Ihrer E-Mail-Adresse - Schuh FrankSchuh-Frank.de - Nachfassung

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

272 kB
Transfer

610 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kunden.schuh-frank.de/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kunden.schuh-frank.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.181.117.84 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webhost.schuh-frank.de
Software
nginx / PHP/7.3.33 PleskLin
Resource Hash
d508460921bf24d2f8b816ea1279252cace063a289c4fcc1addee233f99944d2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1231
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Aug 2024 11:40:40 GMT
Expires
Sat, 24 Aug 2024 11:40:40 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000; includeSubDomains
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33 PleskLin
pragma
no-cache
normalize.css
kunden.schuh-frank.de/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kunden.schuh-frank.de/css/normalize.css
Requested by
Host: kunden.schuh-frank.de
URL: https://kunden.schuh-frank.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.181.117.84 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webhost.schuh-frank.de
Software
nginx / PleskLin
Resource Hash
cd6da89a7351d004bfe48c19d8903820332d9ae9a8837625652832baa1d0cff7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 11:40:40 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Encoding
br
Last-Modified
Tue, 21 Jul 2020 07:07:06 GMT
Server
nginx
ETag
W/"5f16941a-186b"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
style.css
kunden.schuh-frank.de/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kunden.schuh-frank.de/css/style.css
Requested by
Host: kunden.schuh-frank.de
URL: https://kunden.schuh-frank.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.181.117.84 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webhost.schuh-frank.de
Software
nginx / PleskLin
Resource Hash
56ff132a590116fdd1caf6584b405723c3c12f0b1e11810755c229b3a54259bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 11:40:40 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Encoding
br
Last-Modified
Thu, 25 Nov 2021 13:58:36 GMT
Server
nginx
ETag
W/"619f968c-1641"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
icon-font.min.css
cdn.linearicons.com/free/1.0.0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.linearicons.com/free/1.0.0/icon-font.min.css
Requested by
Host: kunden.schuh-frank.de
URL: https://kunden.schuh-frank.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::863:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-863 /
Resource Hash
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 11:40:40 GMT
content-encoding
br
cdn-edgestorageid
722
cdn-cachedat
10/31/2023 18:48:38
cdn-pullzone
1459430
last-modified
Wed, 07 Jun 2023 23:52:14 GMT
server
BunnyCDN-DE1-863
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"ec26292e52e5bc20624b029974bd0adf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
d49c78b7ce66b766ca6422091e453e1d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: kunden.schuh-frank.de
URL: https://kunden.schuh-frank.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
476dd34cc54442b0c8c3dec0ce3c59b546a2e1103116bcd8cb179b03f7eb83a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 24 Aug 2024 11:40:40 GMT
logo-schuh-frankRDLTm1EyvdUwo.jpg
kunden.schuh-frank.de/img/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kunden.schuh-frank.de/img/logo-schuh-frankRDLTm1EyvdUwo.jpg
Requested by
Host: kunden.schuh-frank.de
URL: https://kunden.schuh-frank.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.181.117.84 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webhost.schuh-frank.de
Software
nginx / PleskLin
Resource Hash
8d2d64a7a8ea5480f2c6afd7960de3e8debad2cebebfa3b53da8c79332e69467
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 11:40:40 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Last-Modified
Tue, 21 Jul 2020 07:07:06 GMT
Server
nginx
ETag
"5f16941a-5f96"
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24470
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kunden.schuh-frank.de/
Origin
https://kunden.schuh-frank.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Aug 2025 12:45:59 GMT
api.js
www.google.com/recaptcha/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: kunden.schuh-frank.de
URL: https://kunden.schuh-frank.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
476dd34cc54442b0c8c3dec0ce3c59b546a2e1103116bcd8cb179b03f7eb83a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 24 Aug 2024 11:40:40 GMT
Linearicons-Free.woff2
cdn.linearicons.com/free/1.0.0/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
Requested by
Host: cdn.linearicons.com
URL: https://cdn.linearicons.com/free/1.0.0/icon-font.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::863:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-863 /
Resource Hash
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

Request headers

Referer
https://cdn.linearicons.com/free/1.0.0/icon-font.min.css
Origin
https://kunden.schuh-frank.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 11:40:40 GMT
cdn-edgestorageid
874
cdn-cachedat
10/31/2023 18:51:21
cdn-pullzone
1459430
content-length
21780
last-modified
Thu, 18 Jun 2015 09:10:36 GMT
server
BunnyCDN-DE1-863
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"03e91f122aa5fd425abbe23c85546eb0"
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
2c4610f1cdaf371e1a5571337b1c6c17
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
anchor
www.google.com/recaptcha/api2/ Frame 069F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuArIZAAAAADe0SyDov_KMUtHIxv32O6uCkgJ3&co=aHR0cHM6Ly9rdW5kZW4uc2NodWgtZnJhbmsuZGU6NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=mw7hvlm2owb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4ADDSKWHS27wPoKA3Gbo_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kunden.schuh-frank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4ADDSKWHS27wPoKA3Gbo_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Aug 2024 11:40:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
frank-favicon.png
kunden.schuh-frank.de/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kunden.schuh-frank.de/img/frank-favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.181.117.84 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webhost.schuh-frank.de
Software
nginx / PleskLin
Resource Hash
bfbb1062d70f974d8abcf77625b4d8b1b088158dcf117cb0651f1168899d1826
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://kunden.schuh-frank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 11:40:41 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Last-Modified
Tue, 21 Jul 2020 07:07:06 GMT
Server
nginx
ETag
"5f16941a-666"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1638

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit object| recaptcha object| closure_lm_523105

1 Cookies

Domain/Path Name / Value
kunden.schuh-frank.de/ Name: PHPSESSID
Value: 73rr6sb6b3ug1dqargcr7phcus

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains