16.yamf.heidersv-frauen.de Open in urlscan Pro
116.202.31.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
Submission: On August 27 via manual (August 27th 2019, 5:27:12 pm UTC) from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 12 domains to perform 30 HTTP transactions. The main IP is 116.202.31.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is 16.yamf.heidersv-frauen.de.

This is the only time 16.yamf.heidersv-frauen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.202.31.48 116.202.31.48	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
30	4

1 116.202.31.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.31.202.116.clients.your-server.de

16.yamf.heidersv-frauen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	29 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	heidersv-frauen.de 16.yamf.heidersv-frauen.de	7 KB
0	gstatic.com Failed encrypted-tbn0.gstatic.com Failed
0	heartlandtv.com Failed media.heartlandtv.com Failed
0	ekopamag.com Failed www.ekopamag.com Failed
0	studylib.net Failed s2.studylib.net Failed
0	howtobankonline.org Failed howtobankonline.org Failed
0	listofbank.com Failed listofbank.com Failed
0	comerica.com Failed www.comerica.com Failed
0	ulumgroup.com Failed ulumgroup.com Failed
0	Failed function sub() { [native code] }. Failed
30	12

	Domain	Requested by
2	maxcdn.bootstrapcdn.com	16.yamf.heidersv-frauen.de
1	ajax.googleapis.com	16.yamf.heidersv-frauen.de
1	16.yamf.heidersv-frauen.de
0	encrypted-tbn0.gstatic.com Failed	16.yamf.heidersv-frauen.de
0	media.heartlandtv.com Failed	16.yamf.heidersv-frauen.de
0	www.ekopamag.com Failed	16.yamf.heidersv-frauen.de
0	s2.studylib.net Failed	16.yamf.heidersv-frauen.de
0	howtobankonline.org Failed	16.yamf.heidersv-frauen.de
0	listofbank.com Failed	16.yamf.heidersv-frauen.de
0	www.comerica.com Failed	16.yamf.heidersv-frauen.de
0	ulumgroup.com Failed	16.yamf.heidersv-frauen.de
0	116.202.31.48 Failed	16.yamf.heidersv-frauen.de
30	12

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
Frame ID: BBB1CDB5C4C6557291C5619E9E0C8BF8
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

30
Requests

10 %
HTTPS

67 %
IPv6

12
Domains

12
Subdomains

4
IPs

2
Countries

66 kB
Transfer

278 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request comerica-wiring-instructions.html Show response
16.yamf.heidersv-frauen.de/png/ 38 KB
7 KB 2966ms
2875ms Document
text/html 116.202.31.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
Protocol: HTTP/1.1
Server: 116.202.31.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.31.202.116.clients.your-server.de
Software: nginx /
Resource Hash: aac30b141c2f86e87282eace6b9e8f8b103eff9284a977469edbe00c7a104df7

Request headers

Host: 16.yamf.heidersv-frauen.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Tue, 27 Aug 2019 17:26:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <http://116.202.31.48/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 28ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: 16.yamf.heidersv-frauen.de
URL: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 17:26:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: 16.yamf.heidersv-frauen.de
URL: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 10:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369301
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Aug 2020 10:51:36 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 31ms
13ms Script
text/javascript 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: 16.yamf.heidersv-frauen.de
URL: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://16.yamf.heidersv-frauen.de/png/comerica-wiring-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 17:26:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET style.css
116.202.31.48/wp-content/themes/gn/ 0
0

GET jquery.mousewheel.pack.js
116.202.31.48/wp-content/themes/gn/images/ 0
0

GET jquery.fancybox.css
116.202.31.48/wp-content/themes/gn/images/source/ 0
0

GET jquery.fancybox.pack.js
116.202.31.48/wp-content/themes/gn/images/source/ 0
0

GET jquery.fancybox-buttons.css
116.202.31.48/wp-content/themes/gn/images/source/helpers/ 0
0

GET jquery.fancybox-buttons.js
116.202.31.48/wp-content/themes/gn/images/source/helpers/ 0
0

GET jquery.fancybox-media.js
116.202.31.48/wp-content/themes/gn/images/source/helpers/ 0
0

GET jquery.fancybox-thumbs.css
116.202.31.48/wp-content/themes/gn/images/source/helpers/ 0
0

GET jquery.fancybox-thumbs.js
116.202.31.48/wp-content/themes/gn/images/source/helpers/ 0
0

GET Comerica-Check-1280x720.jpg
ulumgroup.com/wp-content/uploads/2019/03/ 0
0

GET Liberty-Check-300x200.jpg
ulumgroup.com/wp-content/uploads/2019/04/ 0
0

GET Bangor-Savings-Bank-Routing-Number-Check.png
ulumgroup.com/wp-content/uploads/2018/07/ 0
0

GET check_jpg.jpg
www.comerica.com/content/dam/comerica/en/images/misc-images/Personal/ 0
0

GET HSBC-Sample-check-300x200.jpg
ulumgroup.com/wp-content/uploads/2019/04/ 0
0

GET Comerica-Bank.jpg
listofbank.com/wp-content/uploads/2019/03/ 0
0

GET Comerica-Web-Banking-Login-300x200.png
ulumgroup.com/wp-content/uploads/2019/03/ 0
0

GET Comercia-Bank-Routing-Number-on-Check-400x215.png
howtobankonline.org/wp-content/uploads/ 0
0

GET IBC-check-International-Bank-of-Commerce-300x200.jpg
ulumgroup.com/wp-content/uploads/2019/04/ 0
0

GET 016087947_1-878ad3dacda24f74f69ae0e137a6860c.png
s2.studylib.net/store/data/ 0
0

GET Apple-Bank-Personal-check.jpg
ulumgroup.com/wp-content/uploads/2018/07/ 0
0

GET heloc-ca.png
www.comerica.com/content/dam/comerica/en/images/personal/ 0
0

GET routing-number.png
www.ekopamag.com/wp-content/uploads/2018/06/ 0
0

GET IMG_0289.JPG
media.heartlandtv.com/images/ 0
0

GET Comerica-Online-Web-Banking-1024x600.jpg
howtobankonline.org/wp-content/uploads/ 0
0

GET images
encrypted-tbn0.gstatic.com/ 0
0

GET secure-icon.png
116.202.31.48/wp-content/themes/gn/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/style.css

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/jquery.mousewheel.pack.js

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/jquery.fancybox.css

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/jquery.fancybox.pack.js

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/helpers/jquery.fancybox-buttons.css

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/helpers/jquery.fancybox-buttons.js

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/helpers/jquery.fancybox-media.js

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/helpers/jquery.fancybox-thumbs.css

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/source/helpers/jquery.fancybox-thumbs.js

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2019/03/Comerica-Check-1280x720.jpg

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2019/04/Liberty-Check-300x200.jpg

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2018/07/Bangor-Savings-Bank-Routing-Number-Check.png

Domain: www.comerica.com
URL: https://www.comerica.com/content/dam/comerica/en/images/misc-images/Personal/check_jpg.jpg

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2019/04/HSBC-Sample-check-300x200.jpg

Domain: listofbank.com
URL: http://listofbank.com/wp-content/uploads/2019/03/Comerica-Bank.jpg

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2019/03/Comerica-Web-Banking-Login-300x200.png

Domain: howtobankonline.org
URL: https://howtobankonline.org/wp-content/uploads/Comercia-Bank-Routing-Number-on-Check-400x215.png

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2019/04/IBC-check-International-Bank-of-Commerce-300x200.jpg

Domain: s2.studylib.net
URL: https://s2.studylib.net/store/data/016087947_1-878ad3dacda24f74f69ae0e137a6860c.png

Domain: ulumgroup.com
URL: http://ulumgroup.com/wp-content/uploads/2018/07/Apple-Bank-Personal-check.jpg

Domain: www.comerica.com
URL: https://www.comerica.com/content/dam/comerica/en/images/personal/heloc-ca.png

Domain: www.ekopamag.com
URL: http://www.ekopamag.com/wp-content/uploads/2018/06/routing-number.png

Domain: media.heartlandtv.com
URL: http://media.heartlandtv.com/images/IMG_0289.JPG

Domain: howtobankonline.org
URL: https://howtobankonline.org/wp-content/uploads/Comerica-Online-Web-Banking-1024x600.jpg

Domain: encrypted-tbn0.gstatic.com
URL: https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSEjE68jqJ_L5S4NX8b2r8N7_3w5trNjIIWBvdkOg6vWi2TrNvd4Q

Domain: 116.202.31.48
URL: http://116.202.31.48/wp-content/themes/gn/images/secure-icon.png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

116.202.31.48
16.yamf.heidersv-frauen.de
ajax.googleapis.com
encrypted-tbn0.gstatic.com
howtobankonline.org
listofbank.com
maxcdn.bootstrapcdn.com
media.heartlandtv.com
s2.studylib.net
ulumgroup.com
www.comerica.com
www.ekopamag.com
116.202.31.48
encrypted-tbn0.gstatic.com
howtobankonline.org
listofbank.com
media.heartlandtv.com
s2.studylib.net
ulumgroup.com
www.comerica.com
www.ekopamag.com
116.202.31.48
2001:4de0:ac19::1:b:3b
2a00:1450:4001:81f::200a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
aac30b141c2f86e87282eace6b9e8f8b103eff9284a977469edbe00c7a104df7
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

16.yamf.heidersv-frauen.de Open in urlscan Pro 116.202.31.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

30 Requests

10 %HTTPS

67 %IPv6

12 Domains

12 Subdomains

4 IPs

2 Countries

66 kBTransfer

278 kBSize

0 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

16.yamf.heidersv-frauen.de Open in urlscan Pro
116.202.31.48 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

10 %
HTTPS

67 %
IPv6

12
Domains

12
Subdomains

4
IPs

2
Countries

66 kB
Transfer

278 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions