Submitted URL: http://drone.netzwissen.de/
Effective URL: https://drone.netzwissen.de/welcome
Submission Tags: @phish_report
Submission: On October 24 via api from FI — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 138.201.52.38, located in Esslingen am Neckar, Germany and belongs to HETZNER-AS, DE. The main domain is drone.netzwissen.de.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.
This is the only time drone.netzwissen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 138.201.52.38 24940 (HETZNER-AS)
11 1
Apex Domain
Subdomains
Transfer
13 netzwissen.de
drone.netzwissen.de
3 MB
11 1
Domain Requested by
13 drone.netzwissen.de 2 redirects drone.netzwissen.de
11 1

This site contains no links.

Subject Issuer Validity Valid
netzwissen.de
R3
2023-10-23 -
2024-01-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://drone.netzwissen.de/welcome
Frame ID: A4846AD1FFCEB8FE9D99D33F6D2FA6B6
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Drone CI

Page URL History Show full URLs

  1. http://drone.netzwissen.de/ HTTP 301
    https://drone.netzwissen.de/ HTTP 303
    https://drone.netzwissen.de/welcome Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

3418 kB
Transfer

3414 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://drone.netzwissen.de/ HTTP 301
    https://drone.netzwissen.de/ HTTP 303
    https://drone.netzwissen.de/welcome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request welcome
drone.netzwissen.de/
Redirect Chain
  • http://drone.netzwissen.de/
  • https://drone.netzwissen.de/
  • https://drone.netzwissen.de/welcome
2 KB
3 KB
Document
General
Full URL
https://drone.netzwissen.de/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
1176dcffebcd0c86c648fed44c75cc0a32407747489a25e2b335c4d46d49538f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 00:22:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
strict-transport-security
max-age=16000000; includeSubDomains; preload;
transfer-encoding
chunked
x-accel-expires
0
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
35
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 00:22:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
location
/welcome
pragma
no-cache
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-accel-expires
0
x-frame-options
DENY
x-xss-protection
1; mode=block
2.abad2096.chunk.css
drone.netzwissen.de/static/css/
18 KB
18 KB
Stylesheet
General
Full URL
https://drone.netzwissen.de/static/css/2.abad2096.chunk.css
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
56f43b0ce8c672a349ae29a16ca80cef18bc11b19f4bfd229d15e0a4b0341554
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drone.netzwissen.de/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:58 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18078
x-xss-protection
1; mode=block
main.a224ae8d.chunk.css
drone.netzwissen.de/static/css/
97 KB
97 KB
Stylesheet
General
Full URL
https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
466c7664518e0855f002c48bdc3233d59646c5828c9dbe21d47b9f352ff1783b
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drone.netzwissen.de/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:58 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
98841
x-xss-protection
1; mode=block
2.6edc03c8.chunk.js
drone.netzwissen.de/static/js/
2 MB
2 MB
Script
General
Full URL
https://drone.netzwissen.de/static/js/2.6edc03c8.chunk.js
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
eff66891622e054a1c4c67966446905147761f4e7720d1b9a5499585f4136a21
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drone.netzwissen.de/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:58 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2225038
x-xss-protection
1; mode=block
main.01bfde30.chunk.js
drone.netzwissen.de/static/js/
270 KB
270 KB
Script
General
Full URL
https://drone.netzwissen.de/static/js/main.01bfde30.chunk.js
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
9407f1d8f52cfd00a0956b445f6bd15ec76cc65dc682fe5e2c5ea9297fed4e30
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drone.netzwissen.de/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:58 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
276196
x-xss-protection
1; mode=block
user
drone.netzwissen.de/api/
27 B
383 B
XHR
General
Full URL
https://drone.netzwissen.de/api/user
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/static/js/2.6edc03c8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
470d94443e0ff9a9fc3167ffec7f686e7650797a9df7219be1fc4076e486ab1b
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Accept
application/json, text/plain, */*
Referer
https://drone.netzwissen.de/welcome
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:59 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Origin
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
27
expires
Thu, 01 Jan 1970 00:00:00 UTC
stream
drone.netzwissen.de/api/
8 B
0
EventSource
General
Full URL
https://drone.netzwissen.de/api/stream
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://drone.netzwissen.de/welcome
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:59 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Origin
transfer-encoding
chunked
content-type
text/event-stream
cache-control
no-cache
x-accel-buffering
no
expires
Thu, 01 Jan 1970 00:00:00 UTC
D4BA146C9DCC15D1.png
drone.netzwissen.de/
2 KB
2 KB
Image
General
Full URL
https://drone.netzwissen.de/D4BA146C9DCC15D1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drone.netzwissen.de/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:59 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-frame-options
DENY
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 UTC
Inter-SemiBold.c6588ec1.ttf
drone.netzwissen.de/static/media/
286 KB
287 KB
Font
General
Full URL
https://drone.netzwissen.de/static/media/Inter-SemiBold.c6588ec1.ttf
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
98542636e6c900d04e987ca7a37e160a407df344be073fb041fd88f2cd90085a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Origin
https://drone.netzwissen.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:59 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
font/ttf
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
293028
x-xss-protection
1; mode=block
Inter-Regular.9cd7588f.ttf
drone.netzwissen.de/static/media/
281 KB
282 KB
Font
General
Full URL
https://drone.netzwissen.de/static/media/Inter-Regular.9cd7588f.ttf
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Origin
https://drone.netzwissen.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:59 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
font/ttf
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
287928
x-xss-protection
1; mode=block
Inter-Medium.18b8c68e.ttf
drone.netzwissen.de/static/media/
285 KB
286 KB
Font
General
Full URL
https://drone.netzwissen.de/static/media/Inter-Medium.18b8c68e.ttf
Requested by
Host: drone.netzwissen.de
URL: https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.52.38 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devel.netzwissen.de
Software
/
Resource Hash
5249ae5f8ddfded34c98c6e3cf09e08f178f234e1bfa28a68f98f6f957628418
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://drone.netzwissen.de/static/css/main.a224ae8d.chunk.css
Origin
https://drone.netzwissen.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-accel-expires
0
date
Tue, 24 Oct 2023 00:22:59 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Mon, 09 May 2022 12:48:54 GMT
etag
0bfa340e6dd4925a69d18476950f5d09
x-frame-options
DENY
content-type
font/ttf
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
292140
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonpdrone-ui-react object| regeneratorRuntime function| _

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://drone.netzwissen.de/api/user
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block