urlscan.io logo urlscan.io
SecurityTrails logo

zfl.de.cool Open in urlscan Pro
2a00:f48:2000:affe::50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Effective URL: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Submission: On November 11 via manual from BR — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2a00:f48:2000:affe::50, located in Germany and belongs to TTM, DE. The main domain is zfl.de.cool.
TLS certificate: Issued by R3 on August 27th 2021. Valid for: 3 months.
This is the only time zfl.de.cool was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2a00:f48:2000... 47447 (TTM)
1 2 2001:4cf0:2:4... 680 (DFN Verei...)
8 2
Apex Domain
Subdomains		 Transfer
8 de.cool
zfl.de.cool
70 KB
2 uni-muenster.de
wwuindico.uni-muenster.de
329 B
8 2
Domain Requested by
8 zfl.de.cool 1 redirects zfl.de.cool
2 wwuindico.uni-muenster.de 1 redirects zfl.de.cool
8 2

This site contains links to these domains. Also see Links.

Domain
www.linkagogo.com
www.q2amarket.com
www.question2answer.org
Subject Issuer Validity Valid
*.de.cool
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Frame ID: 1CFB9F59818FCCEBFB82E3DAC8DBA338
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Konto baldwincraft23 - 3D TEST

Page URL History Show full URLs

  1. http://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23 HTTP 301
    https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23 Page URL

Page Statistics

8
Requests

88 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

69 kB
Transfer

200 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23 HTTP 301
    https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://wwuindico.uni-muenster.de/event/217/images/51-2020-07-24_Logo%20mittel.png HTTP 302
  • https://wwuindico.uni-muenster.de/event/217/registrations/401/

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
zfl.de.cool/
Redirect Chain
  • http://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
  • https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty / PHP/7.4.13
Resource Hash
edf863a50e20bec03fd0aa5beb598ea50bbcd243fd354f05f8ed4773d09695b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

server
openresty
date
Thu, 11 Nov 2021 13:38:16 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
x-lima-id
arzB1VfzwipD39i1U9
x-powered-by
PHP/7.4.13
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-security-policy
upgrade-insecure-requests
content-encoding
gzip

Redirect headers

Server
openresty
Date
Thu, 11 Nov 2021 13:38:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=65
X-Lima-Id
arOEKpr9G3dWLXNEmG
Location
https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Content-Security-Policy
upgrade-insecure-requests
qa-styles.css
zfl.de.cool/qa-theme/SnowFlat/ 		66 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zfl.de.cool/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty /
Resource Hash
dcb8e017638066c9ee38288752daf839b253def27a830e6dbf00c69c5615452d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 13:38:16 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:41:46 GMT
server
openresty
etag
W/"108ef-5c235733e91bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-lima-id
arguhjRwDfJcdps7SR
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests
expires
Sat, 11 Dec 2021 13:38:16 GMT
jquery-3.5.1.min.js
zfl.de.cool/qa-content/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zfl.de.cool/qa-content/jquery-3.5.1.min.js
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 13:38:16 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:41:02 GMT
server
openresty
etag
W/"15d84-5c23570a40154"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-lima-id
arV6isUCTO3o0UFXJu
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
expires
Thu, 18 Nov 2021 13:38:16 GMT
qa-global.js
zfl.de.cool/qa-content/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zfl.de.cool/qa-content/qa-global.js?1.8.6
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty /
Resource Hash
e48e4db5ebf7ec63a028eb6fa5ad8f5265c4b1cb7bd887517e7230474d8d2b67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 13:38:16 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:41:02 GMT
server
openresty
etag
W/"4d04-5c23570a75cb3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-lima-id
arEodBP5GtegYdWOs2
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
expires
Thu, 18 Nov 2021 13:38:16 GMT
snow-core.js
zfl.de.cool/qa-theme/SnowFlat/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zfl.de.cool/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty /
Resource Hash
8599a30ee5a8a384539e694fe8ebfd9a4bf5f0785790155f0bb219ce26cd36b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 13:38:16 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:41:45 GMT
server
openresty
etag
W/"8fe-5c235733bd29f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-lima-id
arYkdUA95ShucXLxBP
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
expires
Thu, 18 Nov 2021 13:38:16 GMT
/
wwuindico.uni-muenster.de/event/217/registrations/401/
Redirect Chain
  • https://wwuindico.uni-muenster.de/event/217/images/51-2020-07-24_Logo%20mittel.png
  • https://wwuindico.uni-muenster.de/event/217/registrations/401/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwuindico.uni-muenster.de/event/217/registrations/401/
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/index.php?qa=user&qa_1=baldwincraft23
Protocol
HTTP/1.1
Server
2001:4cf0:2:4020::1c:d1c0 , Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zfl.de.cool/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Thu, 11 Nov 2021 13:38:16 GMT
Server
Apache
X-Indico-URL
/event/217/images/51-2020-07-24_Logo mittel.png
Content-Type
text/html; charset=utf-8
Location
https://wwuindico.uni-muenster.de/event/217/registrations/401/
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
265
spinner-icon-14x14.gif
zfl.de.cool/qa-theme/SnowFlat/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zfl.de.cool/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zfl.de.cool/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 13:38:16 GMT
last-modified
Thu, 13 May 2021 12:41:45 GMT
server
openresty
etag
"1e65-5c2357336e100"
content-type
image/gif
x-lima-id
ar7cWA8CbivFYa8yLk
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
7781
expires
Sat, 11 Dec 2021 13:38:16 GMT
fontello.woff
zfl.de.cool/qa-theme/SnowFlat/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zfl.de.cool/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by
Host: zfl.de.cool
URL: https://zfl.de.cool/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
openresty /
Resource Hash
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://zfl.de.cool/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin
https://zfl.de.cool
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 13:38:16 GMT
last-modified
Thu, 13 May 2021 12:41:42 GMT
server
openresty
etag
"1c20-5c2357308bc83"
content-type
application/font-woff
x-lima-id
aryRcbPzwYhREwoIzf
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
7200

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| qa_root string| qa_request function| $ function| jQuery function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b

5 Cookies

Domain/Path Name / Value
zfl.de.cool/ Name: _lcp
Value: a
zfl.de.cool/ Name: LCWSID
Value: a34291af38cdd77be6f3ec1e005e4484
zfl.de.cool/ Name: qa_key
Value: e9fsb87iidse7jr8xg469ldjplpm8mjb
zfl.de.cool/ Name: _lcp2
Value: a
zfl.de.cool/ Name: _lcp3
Value: a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests