fraval.uber.space Open in urlscan Pro
2001:1a50:11:0:50d6:6ff:fe48:c9ca Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fraval.norma.uberspace.de/
Effective URL:
https://fraval.uber.space/de
Submission: On August 11 via automatic, source certstream-suspicious (August 11th 2024, 12:46:22 am UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2001:1a50:11:0:50d6:6ff:fe48:c9ca, located in Germany and belongs to RHTEC-AS www.rh-tec.de, DE. The main domain is fraval.uber.space.
TLS certificate: Issued by R11 on August 8th 2024. Valid for: 3 months.

This is the only time fraval.uber.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:1a50:11:... 2001:1a50:11:0:fc4f:b4ff:fef6:51e6	25560 (RHTEC-AS ...) (RHTEC-AS www.rh-tec.de)
1 10	2001:1a50:11:... 2001:1a50:11:0:50d6:6ff:fe48:c9ca	25560 (RHTEC-AS ...) (RHTEC-AS www.rh-tec.de)
10	2

1 2001:1a50:11:0:fc4f:b4ff:fef6:51e6 (Germany) 1 redirects

ASN25560 (RHTEC-AS www.rh-tec.de, DE)

fraval.norma.uberspace.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:1a50:11:0:50d6:6ff:fe48:c9ca (Germany) 1 redirects

ASN25560 (RHTEC-AS www.rh-tec.de, DE)

fraval.uber.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	uber.space 1 redirects fraval.uber.space	473 KB
1	uberspace.de 1 redirects fraval.norma.uberspace.de	95 B
0	googleapis.com Failed fonts.googleapis.com Failed
10	3

	Domain	Requested by
10	fraval.uber.space	1 redirects fraval.uber.space
1	fraval.norma.uberspace.de	1 redirects
0	fonts.googleapis.com Failed	fraval.uber.space
10	3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
fraval.uber.space R11	`2024-08-08` - `2024-11-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fraval.uber.space/de
Frame ID: 7A2142EB0D5A880D3080BD7A86BBE93B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heilpraktiker Fraval

Page URL History Show full URLs

https://fraval.norma.uberspace.de/ HTTP 302
https://fraval.uber.space/ HTTP 302
https://fraval.uber.space/de Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

90 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

473 kB
Transfer

534 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HeilpraktikerFraval/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fraval.norma.uberspace.de/ HTTP 302
https://fraval.uber.space/ HTTP 302
https://fraval.uber.space/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request de Show response
fraval.uber.space/
Redirect Chain

https://fraval.norma.uberspace.de/
https://fraval.uber.space/
https://fraval.uber.space/de

4 KB
2 KB

32ms
31ms

Document
text/html

2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to

Full URL

https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

50ef7370b835759f6fee7e6aa00e1e49fa79ac492c218d151b4aabf8ca55edaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 11 Aug 2024 00:46:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 11 Aug 2024 00:46:15 GMT
location: https://fraval.uber.space/de
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 uniform.css
fraval.uber.space/assets/css/ 72 B
358 B 54ms
53ms Stylesheet
text/css 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to

Full URL

https://fraval.uber.space/assets/css/uniform.css

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

6a56bef150f0ec84162b27ab0bec39112f94c0ed6ef684bd5d857ac016d95a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Nov 2019 11:20:32 GMT
server: nginx
etag: "48-597c55e6b6000"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 72
x-xss-protection: 1; mode=block

GET
H2 200 style.css
fraval.uber.space/assets/css/ 14 KB
5 KB 57ms
55ms Stylesheet
text/css 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to

Full URL

https://fraval.uber.space/assets/css/style.css

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

bba92acb203823d6078614129a1c4275af1c4151d0dcd30095eb97ec9ebae9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Mar 2016 01:37:28 GMT
server: nginx
content-encoding: gzip
etag: W/"374b-52d6b81eb8600"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
fraval.uber.space/assets/img/ 21 KB
21 KB 52ms
50ms Image
image/png 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fraval.uber.space/assets/img/logo.png

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

1c2d948569df021b958e35dbc38e7f300e4a2f866a7a8096d4218b5e8579ed69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Mar 2016 01:37:58 GMT
server: nginx
etag: "53d0-52d6b83b54980"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 21456
x-xss-protection: 1; mode=block

GET
H2 200 logo-fb.jpg
fraval.uber.space/content/1-accueil/ 5 KB
5 KB 30ms
29ms Image
image/jpeg 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fraval.uber.space/content/1-accueil/logo-fb.jpg

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

290db8c251955c6287ff88404942306170461c164e72cca523a6d3d7331da569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Mar 2017 11:34:04 GMT
server: nginx
etag: "129e-54a3681726300"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 4766
x-xss-protection: 1; mode=block

GET
H2 200 _mg_4395_small.jpg
fraval.uber.space/content/1-accueil/ 312 KB
313 KB 60ms
60ms Image
image/jpeg 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fraval.uber.space/content/1-accueil/_mg_4395_small.jpg

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

366deae13d138b7028c33649743522e2590871ec28ae9f32ca1254d0f2f0c010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Mar 2017 13:41:04 GMT
server: nginx
etag: "4e0d6-54a3847a25c00"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 319702
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
fraval.uber.space/assets/js/ 85 KB
35 KB 62ms
62ms Script
application/javascript 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to

Full URL

https://fraval.uber.space/assets/js/script.js

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

ff4f04694faef7c7e18fb5f65765ceff4ebf2d0a2df32d50cc5a173385672f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Mar 2016 01:38:01 GMT
server: nginx
content-encoding: gzip
etag: W/"155c6-52d6b83e31040"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 banner.jpg
fraval.uber.space/assets/img/ 90 KB
90 KB 87ms
86ms Image
image/jpeg 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fraval.uber.space/assets/img/banner.jpg

Requested by

Host: fraval.uber.space
URL: https://fraval.uber.space/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

ab9dd986df943f39583cbf04cb93bd77bdb330b93562f4663dab566afb02f4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/assets/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Mar 2016 01:37:57 GMT
server: nginx
etag: "1665f-52d6b83a60740"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 91743
x-xss-protection: 1; mode=block

GET
H2 404 favicon.png
fraval.uber.space/ 3 KB
2 KB 33ms
33ms Other
text/html 2001:1a50:11:0:50d6:6ff:fe48:c9ca
RHTEC-AS www.rh-t...

General

Check archive.org

Show headers Download Go to

Full URL

https://fraval.uber.space/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:1a50:11:0:50d6:6ff:fe48:c9ca , Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE),

Reverse DNS

Software

nginx /

Resource Hash

c4954dd987d72cf9245585de614cdbbc88904e68e5ffa7b3283f892513dce568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraval.uber.space/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 00:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700|Open+Sans+Condensed:300,700

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fraval.uber.space/	1969-12-31 23:59:59	Name: kirby_session Value: vjs3a03lfnak1il4osl2k801vg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://fraval.uber.space/de(Line 8) Message: Mixed Content: The page at 'https://fraval.uber.space/de' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700\|Open+Sans+Condensed:300,700'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://fraval.uber.space/favicon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fraval.norma.uberspace.de
fraval.uber.space
fonts.googleapis.com
2001:1a50:11:0:50d6:6ff:fe48:c9ca
2001:1a50:11:0:fc4f:b4ff:fef6:51e6
1c2d948569df021b958e35dbc38e7f300e4a2f866a7a8096d4218b5e8579ed69
290db8c251955c6287ff88404942306170461c164e72cca523a6d3d7331da569
366deae13d138b7028c33649743522e2590871ec28ae9f32ca1254d0f2f0c010
50ef7370b835759f6fee7e6aa00e1e49fa79ac492c218d151b4aabf8ca55edaa
6a56bef150f0ec84162b27ab0bec39112f94c0ed6ef684bd5d857ac016d95a23
ab9dd986df943f39583cbf04cb93bd77bdb330b93562f4663dab566afb02f4bd
bba92acb203823d6078614129a1c4275af1c4151d0dcd30095eb97ec9ebae9fd
c4954dd987d72cf9245585de614cdbbc88904e68e5ffa7b3283f892513dce568
ff4f04694faef7c7e18fb5f65765ceff4ebf2d0a2df32d50cc5a173385672f79

fraval.uber.space Open in urlscan Pro 2001:1a50:11:0:50d6:6ff:fe48:c9ca Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

473 kBTransfer

534 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

fraval.uber.space Open in urlscan Pro
2001:1a50:11:0:50d6:6ff:fe48:c9ca Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

473 kB
Transfer

534 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions