forms.dtpartners.com Open in urlscan Pro
5.161.106.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://forms.dtpartners.com/view.php?id=46643
Submission: On September 20 via manual (September 20th 2023, 11:41:13 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 5.161.106.40, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is forms.dtpartners.com.
TLS certificate: Issued by R3 on August 6th 2023. Valid for: 3 months.

This is the only time forms.dtpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	5.161.106.40 5.161.106.40	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
2	34.231.204.134 34.231.204.134	14618 (AMAZON-AES) (AMAZON-AES)
11	2

9 5.161.106.40 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.40.106.161.5.clients.your-server.de

forms.dtpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.204.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-204-134.compute-1.amazonaws.com

matomo.dtpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dtpartners.com forms.dtpartners.com matomo.dtpartners.com	99 KB
11	1

	Domain	Requested by
9	forms.dtpartners.com	forms.dtpartners.com
2	matomo.dtpartners.com	forms.dtpartners.com matomo.dtpartners.com
11	2

This site contains no links.

Subject Issuer	Validity	Valid
forms.dtpartners.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
matomo.dtpartners.com R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://forms.dtpartners.com/view.php?id=46643
Frame ID: CBFA5EBFE86B3AEB3FC5825529CDD633
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Helpdesk Manager - Page 1 of 6 (Personal Information)

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

99 kB
Transfer

311 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request view.php Show response forms.dtpartners.com/	19 KB 5 KB	588ms 153ms	Document text/html	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PHP/7.4.33 PleskLin Resource Hash `bbc360c200748ee5e711d71d8390bb365098a72d9c7bedf04404f2c3207957c1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 5268 content-type text/html; charset=UTF-8 date Wed, 20 Sep 2023 23:41:08 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/7.4.33 PleskLin
GET H2	200	view.css forms.dtpartners.com/data/form_46643/css/	50 KB 8 KB	95ms 94ms	Stylesheet text/css	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/data/form_46643/css/view.css Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `26460c65eb7a51448fa4c34c8b70cbd29dfbe8060b64ac2240891332cfabc058` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/view.php?id=46643 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding br last-modified Mon, 11 Sep 2023 18:41:02 GMT server nginx etag W/"64ff5f3e-c81f" x-powered-by PleskLin content-type text/css
GET H2	200	view.mobile.css forms.dtpartners.com/	8 KB 2 KB	95ms 94ms	Stylesheet text/css	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/view.mobile.css Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `48bf78864961636ee40296b1e7a667a93a1473e0db683b10320f8de409fb5346` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/view.php?id=46643 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding br last-modified Sun, 27 Jun 2021 05:40:08 GMT server nginx etag W/"60d80f38-21ca" x-powered-by PleskLin content-type text/css
GET H2	200	theme_23.css forms.dtpartners.com/data/themes/	3 KB 879 B	96ms 94ms	Stylesheet text/css	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/data/themes/theme_23.css Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `2a0a2ce9bd438bf8208082d8dec6e9f3b9791d19b170fadb8ddc02233d28a7cd` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/view.php?id=46643 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding br last-modified Fri, 05 Nov 2021 18:53:58 GMT server nginx etag W/"61857dc6-d5f" x-powered-by PleskLin content-type text/css
GET H2	200	jquery.min.js Show response forms.dtpartners.com/js/	87 KB 30 KB	186ms 185ms	Script application/javascript	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/js/jquery.min.js Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/view.php?id=46643 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding br last-modified Sun, 27 Jun 2021 05:40:08 GMT server nginx etag W/"60d80f38-15d84" x-powered-by PleskLin content-type application/javascript
GET H2	200	effect.js Show response forms.dtpartners.com/js/jquery-ui-1.12/	40 KB 12 KB	200ms 199ms	Script application/javascript	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/js/jquery-ui-1.12/effect.js Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `01a98d8f1c110708e03c959cab5ed0bfae07cb4c6fbde366ddddac1ca71eee4b` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/view.php?id=46643 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding br last-modified Sun, 27 Jun 2021 05:40:08 GMT server nginx etag W/"60d80f38-a025" x-powered-by PleskLin content-type application/javascript
GET H2	200	view.js Show response forms.dtpartners.com/	23 KB 5 KB	201ms 200ms	Script application/javascript	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://forms.dtpartners.com/view.js Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `bc4852f6a3956afbd3ee6b8eecb9e3c4a81bbb1bf493af5f2d69abc57d36b68e` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/view.php?id=46643 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding br last-modified Sun, 27 Jun 2021 05:40:08 GMT server nginx etag W/"60d80f38-5be3" x-powered-by PleskLin content-type application/javascript
GET H2	200	matomo.js Show response matomo.dtpartners.com/	64 KB 21 KB	428ms 97ms	Script application/javascript	34.231.204.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://matomo.dtpartners.com/matomo.js Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/view.php?id=46643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.231.204.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-231-204-134.compute-1.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash `d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT content-encoding gzip last-modified Fri, 13 Jan 2023 13:18:23 GMT server Apache/2.4.38 (Debian) etag "10132-5f2251172a220-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 21441
GET H2	200	blu_stripes.png forms.dtpartners.com/images/form_resources/	5 KB 5 KB	99ms 98ms	Image image/png	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forms.dtpartners.com/images/form_resources/blu_stripes.png Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/data/themes/theme_23.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `0a5f61c4e945330366a956d32a6256828f9c13394c803127ae3e86cb44d0c096` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/data/themes/theme_23.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT last-modified Sun, 27 Jun 2021 05:40:08 GMT server nginx etag "60d80f38-145e" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 5214
GET H2	200	img_4c9eb5ad1c9c4b5d40dbda6b5fa5a7ba-dtp_logo_machform.png forms.dtpartners.com/data/themes/images/	11 KB 11 KB	99ms 99ms	Image image/png	5.161.106.40 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forms.dtpartners.com/data/themes/images/img_4c9eb5ad1c9c4b5d40dbda6b5fa5a7ba-dtp_logo_machform.png Requested by Host: forms.dtpartners.com URL: https://forms.dtpartners.com/data/themes/theme_23.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.106.40 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.40.106.161.5.clients.your-server.de Software nginx / PleskLin Resource Hash `a4ee920992dc54ef200637b2c157c4d2b511e62412bb104c482b2b7b7324fe50` Request headers accept-language de-DE,de;q=0.9 Referer https://forms.dtpartners.com/data/themes/theme_23.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 20 Sep 2023 23:41:08 GMT last-modified Fri, 05 Nov 2021 18:50:31 GMT server nginx etag "61857cf7-2a2a" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 10794
POST H2	204	matomo.php matomo.dtpartners.com/	0 105 B	137ms 137ms	Ping text/plain	34.231.204.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://matomo.dtpartners.com/matomo.php?action_name=Helpdesk%20Manager%20-%20Page%201%20of%206%20(Personal%20Information)&idsite=4&rec=1&r=383560&h=1&m=41&s=9&url=https%3A%2F%2Fforms.dtpartners.com%2Fview.php%3Fid%3D46643&_id=e4d426af02944e59&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=CNYTmT&pf_net=436&pf_srv=153&pf_tfr=1&pf_dm1=254&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: matomo.dtpartners.com URL: https://matomo.dtpartners.com/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.231.204.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-231-204-134.compute-1.amazonaws.com Software Apache/2.4.38 (Debian) / PHP/7.4.19 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://forms.dtpartners.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://forms.dtpartners.com date Wed, 20 Sep 2023 23:41:09 GMT access-control-allow-credentials true server Apache/2.4.38 (Debian) x-powered-by PHP/7.4.19

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forms.dtpartners.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b1ukc1vuh5npi7bai6b2rj30a3
forms.dtpartners.com/	1970-01-20 14:55:39	Name: mf_has_cookie Value: 1
forms.dtpartners.com/	1970-01-21 00:20:08	Name: _pk_id.4.0738 Value: e4d426af02944e59.1695253269.
forms.dtpartners.com/	1970-01-20 14:54:15	Name: _pk_ses.4.0738 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forms.dtpartners.com
matomo.dtpartners.com
34.231.204.134
5.161.106.40
01a98d8f1c110708e03c959cab5ed0bfae07cb4c6fbde366ddddac1ca71eee4b
0a5f61c4e945330366a956d32a6256828f9c13394c803127ae3e86cb44d0c096
26460c65eb7a51448fa4c34c8b70cbd29dfbe8060b64ac2240891332cfabc058
2a0a2ce9bd438bf8208082d8dec6e9f3b9791d19b170fadb8ddc02233d28a7cd
48bf78864961636ee40296b1e7a667a93a1473e0db683b10320f8de409fb5346
a4ee920992dc54ef200637b2c157c4d2b511e62412bb104c482b2b7b7324fe50
bbc360c200748ee5e711d71d8390bb365098a72d9c7bedf04404f2c3207957c1
bc4852f6a3956afbd3ee6b8eecb9e3c4a81bbb1bf493af5f2d69abc57d36b68e
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

forms.dtpartners.com Open in urlscan Pro 5.161.106.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

99 kBTransfer

311 kBSize

4 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

4 Cookies

Indicators

forms.dtpartners.com Open in urlscan Pro
5.161.106.40 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

99 kB
Transfer

311 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions