www.hoellen.eu Open in urlscan Pro
2a01:4f8:151:41f8::10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://monitoring.xn--hllen-jua.eu/
Effective URL:
https://www.hoellen.eu/
Submission Tags: phishingrod
Submission: On March 17 via api (March 17th 2023, 12:27:43 pm UTC) from DE — Scanned from DE

Summary HTTP 11 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 2a01:4f8:151:41f8::10, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.hoellen.eu.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.

This is the only time www.hoellen.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	2a01:4f8:151:... 2a01:4f8:151:41f8::10		24940 (HETZNER-AS) (HETZNER-AS)
11	1

12 2a01:4f8:151:41f8::10 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

monitoring.xn--hllen-jua.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hoellen.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	hoellen.eu www.hoellen.eu	3 MB
1	xn--hllen-jua.eu 1 redirects monitoring.xn--hllen-jua.eu	116 B
11	2

	Domain	Requested by
11	www.hoellen.eu	www.hoellen.eu
1	monitoring.xn--hllen-jua.eu	1 redirects
11	2

This site contains links to these domains. Also see Links.

Domain
hoellen.eu
cloud.hoellen.eu
mail.hoellen.eu
git.hoellen.eu

Subject Issuer	Validity	Valid
hoellen.eu R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.hoellen.eu/
Frame ID: EB93088936B9FF6DCC9A6D9E5E549F62
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Willkommen - hoellen.eu

Page URL History Show full URLs

https://monitoring.xn--hllen-jua.eu/ HTTP 307
https://www.hoellen.eu/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

2565 kB
Transfer

2764 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://hoellen.eu/
Title: oellen.eu

Search URL Search Domain Scan URL

URL: https://cloud.hoellen.eu/
Title: Cloud

Search URL Search Domain Scan URL

URL: https://mail.hoellen.eu/
Title: Mail

Search URL Search Domain Scan URL

URL: https://git.hoellen.eu/
Title: Git

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://monitoring.xn--hllen-jua.eu/ HTTP 307
https://www.hoellen.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hoellen.eu/
Redirect Chain

https://monitoring.xn--hllen-jua.eu/
https://www.hoellen.eu/

4 KB
1 KB

228ms
11ms

Document
text/html

2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

c9405c1061086127fbbc6704ed61b3c035845104afbc1d561cba6f03821741a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 17 Mar 2023 12:27:36 GMT
etag: W/"630e1d49-ec2"
last-modified: Tue, 30 Aug 2022 14:23:05 GMT
server: nginx
strict-transport-security: max-age=31536000;preload
vary: Accept-Encoding

Redirect headers

content-length: 164
content-type: text/html
date: Fri, 17 Mar 2023 12:27:36 GMT
location: https://www.hoellen.eu/
server: nginx
strict-transport-security: max-age=31536000;preload

GET
H2 200 fonts.css
www.hoellen.eu/css/ 634 B
398 B 12ms
11ms Stylesheet
text/css 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/css/fonts.css

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

f73bdfda14fcee9799cf9ab27ecc4c71f6aaf283bde5c78740f3497e5aa75241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 16:18:05 GMT
server: nginx
etag: W/"630e383d-27a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 font-awesome.min.css
www.hoellen.eu/css/ 27 KB
6 KB 13ms
12ms Stylesheet
text/css 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/css/font-awesome.min.css

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 14:21:20 GMT
server: nginx
etag: W/"630e1ce0-6b4a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bootstrap.min.css
www.hoellen.eu/css/ 118 KB
20 KB 13ms
12ms Stylesheet
text/css 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/css/bootstrap.min.css

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 15:27:14 GMT
server: nginx
etag: W/"61781e52-1d9ac"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
www.hoellen.eu/css/ 553 B
475 B 13ms
13ms Stylesheet
text/css 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/css/style.css

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

aa158589367604615fffbc01d25d42bf21d6e78d411c10a38d613069fcd02e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 15:27:14 GMT
server: nginx
etag: W/"61781e52-229"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery-2.2.0.min.js Show response
www.hoellen.eu/js/ 84 KB
30 KB 14ms
13ms Script
application/javascript 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/js/jquery-2.2.0.min.js

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 15:27:14 GMT
server: nginx
etag: W/"61781e52-14e55"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
www.hoellen.eu/js/ 36 KB
10 KB 14ms
13ms Script
application/javascript 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/js/bootstrap.min.js

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 15:27:14 GMT
server: nginx
etag: W/"61781e52-9004"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 background.jpg
www.hoellen.eu/img/ 2 MB
2 MB 11ms
11ms Image
image/jpeg 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hoellen.eu/img/background.jpg

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

2c947c868ec2020e69d4154b9bddbd7f787f60d421c05f43c54f6fbb603608ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hoellen.eu/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
last-modified: Tue, 26 Oct 2021 15:27:14 GMT
server: nginx
etag: "61781e52-242065"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2367589

GET
H2 200 fontawesome-webfont.woff2
www.hoellen.eu/fonts/ 65 KB
65 KB 22ms
21ms Font
font/woff2 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

Referer: https://www.hoellen.eu/css/font-awesome.min.css
Origin: https://www.hoellen.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
last-modified: Tue, 30 Aug 2022 16:21:36 GMT
server: nginx
etag: "630e3910-10440"
content-type: font/woff2
accept-ranges: bytes
content-length: 66624

GET
H2 200 S6uyw4BMUTPHjx4wWw.ttf
www.hoellen.eu/fonts/ 59 KB
59 KB 22ms
22ms Font
application/octet-stream 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/fonts/S6uyw4BMUTPHjx4wWw.ttf

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

Referer: https://www.hoellen.eu/css/fonts.css
Origin: https://www.hoellen.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
last-modified: Tue, 30 Aug 2022 14:10:22 GMT
server: nginx
etag: "630e1a4e-ec7c"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 60540

GET
H2 200 S6u9w4BMUTPHh6UVSwiPHA.ttf
www.hoellen.eu/fonts/ 58 KB
58 KB 24ms
23ms Font
application/octet-stream 2a01:4f8:151:41f8::10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hoellen.eu/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf

Requested by

Host: www.hoellen.eu
URL: https://www.hoellen.eu/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f8:151:41f8::10 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload

Request headers

Referer: https://www.hoellen.eu/css/fonts.css
Origin: https://www.hoellen.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:27:36 GMT
strict-transport-security: max-age=31536000;preload
last-modified: Tue, 30 Aug 2022 14:10:31 GMT
server: nginx
etag: "630e1a57-e6a8"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 59048

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

monitoring.xn--hllen-jua.eu
www.hoellen.eu
2a01:4f8:151:41f8::10
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2c947c868ec2020e69d4154b9bddbd7f787f60d421c05f43c54f6fbb603608ec
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
aa158589367604615fffbc01d25d42bf21d6e78d411c10a38d613069fcd02e70
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
c9405c1061086127fbbc6704ed61b3c035845104afbc1d561cba6f03821741a0
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f73bdfda14fcee9799cf9ab27ecc4c71f6aaf283bde5c78740f3497e5aa75241
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.hoellen.eu Open in urlscan Pro 2a01:4f8:151:41f8::10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

2565 kBTransfer

2764 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.hoellen.eu Open in urlscan Pro
2a01:4f8:151:41f8::10 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

2565 kB
Transfer

2764 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions