Submitted URL: https://thediscworld.de/
Effective URL: https://www.thediscworld.de/index.php/Hauptseite
Submission Tags: phishingrod
Submission: On October 02 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 85.25.8.41, located in Strasbourg, France and belongs to VELIANET-AS velia.net Internetdienste GmbH, DE. The main domain is www.thediscworld.de.
TLS certificate: Issued by R11 on October 1st 2024. Valid for: 3 months.
This is the only time www.thediscworld.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 85.25.8.41 29066 (VELIANET-...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 3
Apex Domain
Subdomains
Transfer
8 thediscworld.de
thediscworld.de
www.thediscworld.de
367 KB
1 licensebuttons.net
licensebuttons.net — Cisco Umbrella Rank: 33549
2 KB
1 creativecommons.org
i.creativecommons.org — Cisco Umbrella Rank: 37820
406 B
8 3
Domain Requested by
7 www.thediscworld.de www.thediscworld.de
1 licensebuttons.net www.thediscworld.de
1 i.creativecommons.org 1 redirects
1 thediscworld.de 1 redirects
8 4
Subject Issuer Validity Valid
ankh-morpork-times.de
R11
2024-10-01 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.thediscworld.de/index.php/Hauptseite
Frame ID: DEF06DD2E6A681F68DA26008F5153EBB
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

DiscWiki

Page URL History Show full URLs

  1. https://thediscworld.de/ HTTP 301
    http://www.thediscworld.de/index.php/Hauptseite HTTP 307
    https://www.thediscworld.de/index.php/Hauptseite Page URL

Page Statistics

8
Requests

88 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

368 kB
Transfer

475 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thediscworld.de/ HTTP 301
    http://www.thediscworld.de/index.php/Hauptseite HTTP 307
    https://www.thediscworld.de/index.php/Hauptseite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://i.creativecommons.org/l/by-nc-sa/2.0/88x31.png HTTP 301
  • https://licensebuttons.net/l/by-nc-sa/2.0/88x31.png

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Hauptseite
www.thediscworld.de/index.php/
Redirect Chain
  • https://thediscworld.de/
  • http://www.thediscworld.de/index.php/Hauptseite
  • https://www.thediscworld.de/index.php/Hauptseite
32 KB
9 KB
Document
General
Full URL
https://www.thediscworld.de/index.php/Hauptseite
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
06509573caeaf282f886939a69444289ff2d37958ca82a7f6d8e63abbe7d849f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
8266
Content-Type
text/html; charset=UTF-8
Content-language
de
Date
Wed, 02 Oct 2024 07:26:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 04 Jul 2022 18:29:28 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding,Cookie
X-Content-Type-Options
nosniff

Redirect headers

Location
https://www.thediscworld.de/index.php/Hauptseite
Non-Authoritative-Reason
HttpsUpgrades
load.php
www.thediscworld.de/
83 KB
20 KB
Stylesheet
General
Full URL
https://www.thediscworld.de/load.php?lang=de&modules=mediawiki.legacy.commonPrint%2Cshared%7Cmediawiki.skinning.content.externallinks%7Cmediawiki.skinning.interface%7Cskins.monobook.responsive&only=styles&skin=monobook
Requested by
Host: www.thediscworld.de
URL: https://www.thediscworld.de/index.php/Hauptseite
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
106fab9bc421ee4ea158915510620a1eeb7db91c2e9ab80fd43a34899c450b49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/index.php/Hauptseite

Response headers

Link
</newturtle.png?ec17b>;rel=preload;as=image
Cache-Control
public, max-age=300, s-maxage=300
Content-Encoding
gzip
ETag
W/"1rivs-gzip"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Wed, 02 Oct 2024 07:31:12 GMT
Access-Control-Allow-Origin
*
Content-Length
19613
Keep-Alive
timeout=5, max=99
Date
Wed, 02 Oct 2024 07:26:12 GMT
Content-Type
text/css; charset=utf-8
Vary
Accept-Encoding
Server
Apache/2.4.38 (Debian)
load.php
www.thediscworld.de/
38 KB
39 KB
Script
General
Full URL
https://www.thediscworld.de/load.php?lang=de&modules=startup&only=scripts&raw=1&skin=monobook
Requested by
Host: www.thediscworld.de
URL: https://www.thediscworld.de/index.php/Hauptseite
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
b9c7a540587b60cc3d3fffbb6038b3a3b67ff7beaf5f9f945997cd4d6aa34609
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/index.php/Hauptseite

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=300, s-maxage=300
ETag
W/"1g6mc"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Wed, 02 Oct 2024 07:31:13 GMT
Keep-Alive
timeout=5, max=100
Date
Wed, 02 Oct 2024 07:26:12 GMT
Content-Type
text/javascript; charset=utf-8
Server
Apache/2.4.38 (Debian)
88x31.png
licensebuttons.net/l/by-nc-sa/2.0/
Redirect Chain
  • https://i.creativecommons.org/l/by-nc-sa/2.0/88x31.png
  • https://licensebuttons.net/l/by-nc-sa/2.0/88x31.png
2 KB
2 KB
Image
General
Full URL
https://licensebuttons.net/l/by-nc-sa/2.0/88x31.png
Requested by
Host: www.thediscworld.de
URL: https://www.thediscworld.de/index.php/Hauptseite
Protocol
H2
Server
2606:4700:10::6816:a79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15eb6363ffed47e2913229559af9d19974d4dc35e97a84bac0bb3e25bdc87c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/

Response headers

cf-bgj
imgq:100,h2pri
etag
"5eab4a31-1554"
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origSize=5460
date
Wed, 02 Oct 2024 07:26:13 GMT
content-type
image/png
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=15768000
cache-control
max-age=432000
cf-ray
8cc2f684ec00929f-FRA
accept-ranges
bytes
content-length
1628
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

strict-transport-security
max-age=15768000
location
https://licensebuttons.net/l/by-nc-sa/2.0/88x31.png
cf-cache-status
EXPIRED
x-content-type-options
nosniff
cf-ray
8cc2f680cb480394-FRA
date
Wed, 02 Oct 2024 07:26:13 GMT
x-xss-protection
1; mode=block
content-type
text/html
vary
Accept-Encoding
server
cloudflare
x-frame-options
deny
poweredby_mediawiki_88x31.png
www.thediscworld.de/resources/assets/
3 KB
4 KB
Image
General
Full URL
https://www.thediscworld.de/resources/assets/poweredby_mediawiki_88x31.png
Requested by
Host: www.thediscworld.de
URL: https://www.thediscworld.de/index.php/Hauptseite
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
a26827a91943911e5570ad3bf4e6d4ee751ed02fffdcc6567a818f48df40f70c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/index.php/Hauptseite

Response headers

ETag
"da1-5968936c32d40"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3489
Keep-Alive
timeout=5, max=98
Date
Wed, 02 Oct 2024 07:26:12 GMT
Last-Modified
Mon, 04 Nov 2019 18:09:17 GMT
Content-Type
image/png
Server
Apache/2.4.38 (Debian)
newturtle.png
www.thediscworld.de/
28 KB
29 KB
Image
General
Full URL
https://www.thediscworld.de/newturtle.png?ec17b
Requested by
Host: www.thediscworld.de
URL: https://www.thediscworld.de/index.php/Hauptseite
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
f08d535aa0d02bc145d987cbab4893140381204cd5ca0600c01e4c8d28d9c898

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/index.php/Hauptseite

Response headers

ETag
"71cc-5a6b1d5af6ac2"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29132
Keep-Alive
timeout=5, max=97
Date
Wed, 02 Oct 2024 07:26:12 GMT
Last-Modified
Thu, 28 May 2020 09:20:08 GMT
Content-Type
image/png
Server
Apache/2.4.38 (Debian)
truncated
/
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2da8637d7134c6287047f30deb47cc2f74b7a805feafcf9b4aa8ecc5e21b0a98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
542 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1578b2367203acbe0038ec4430519d491ca504217a7d2d6c77d6653e9da5b639

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
376 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b214d211354b631503b4da6b791d82880f5c0a96bfebe02496419cc1c6c014a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
149 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b4b879bd139b0d374608b3616be95bce6ac7ac675d5bbfd953f385dcb2041c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
load.php
www.thediscworld.de/
266 KB
266 KB
Script
General
Full URL
https://www.thediscworld.de/load.php?lang=de&modules=jquery%2Csite%7Cjquery.client%2CgetAttrs%2ChighlightText%2Csuggestions%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Cnotify%2CsearchSuggest%2Cutil%7Cmediawiki.page.ready%2Cstartup%7Cskins.monobook.mobile%7Cuser.defaults&skin=monobook&version=1v60a
Requested by
Host: www.thediscworld.de
URL: https://www.thediscworld.de/load.php?lang=de&modules=startup&only=scripts&raw=1&skin=monobook
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
7b840d63997da21244309db161c877d08995fa4f6077d1a8966474a7778400ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/index.php/Hauptseite

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=2592000, s-maxage=2592000
ETag
W/"1v60a"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Fri, 01 Nov 2024 07:26:15 GMT
Keep-Alive
timeout=5, max=99
Date
Wed, 02 Oct 2024 07:26:13 GMT
Content-Type
text/javascript; charset=utf-8
Server
Apache/2.4.38 (Debian)
favicon.ico
www.thediscworld.de/
894 B
1 KB
Other
General
Full URL
https://www.thediscworld.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.25.8.41 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
puck525.startdedicated.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
32aa460e516fb52170a94c0b63e954e2b28a3b9f300c5e848ea45ed4bb36c883

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thediscworld.de/index.php/Hauptseite

Response headers

ETag
"37e-5a6b1dac6ea41"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
894
Keep-Alive
timeout=5, max=98
Date
Wed, 02 Oct 2024 07:26:15 GMT
Last-Modified
Thu, 28 May 2020 09:21:33 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.38 (Debian)

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| RLCONF object| RLSTATE object| RLPAGEMODULES object| RLQ function| isCompatible object| mediaWiki object| mw string| skin string| stylepath string| wgUrlProtocols string| wgArticlePath string| wgScript object| wgActionPaths string| wgServer string| wgServerName string| wgUserLanguage string| wgContentLanguage boolean| wgTranslateNumerals string| wgVersion boolean| wgEnableAPI boolean| wgEnableWriteAPI object| wgFormattedNamespaces object| wgNamespaceIds object| wgContentNamespaces string| wgSiteName string| wgDBname string| wgWikiID object| wgExtraSignatureNamespaces string| wgExtensionAssetsPath string| wgCookiePrefix string| wgCookiePath number| wgCookieExpiration object| wgCaseSensitiveNamespaces string| wgLegalTitleChars string| wgIllegalFileChars object| wgForeignUploadTargets boolean| wgEnableUploads number| wgCommentCodePointLimit string| wgPageName string| wgTitle number| wgCurRevisionId number| wgRevisionId number| wgArticleId boolean| wgIsArticle string| wgAction object| wgUserGroups object| wgCategories string| wgPageContentLanguage string| wgPageContentModel object| wgSeparatorTransformTable object| wgDigitTransformTable string| wgDefaultDateFormat object| wgMonthNames object| wgMonthNamesShort string| wgRelevantPageName number| wgRelevantArticleId string| wgRequestId object| wgRestrictionEdit object| wgRestrictionMove boolean| wgIsMainPage object| wgPageParseReport number| wgBackendResponseTime object| NORLQ function| $ function| jQuery function| $j

0 Cookies

2 Console Messages

Source Level URL
Text
security warning URL: https://www.thediscworld.de/index.php/Hauptseite
Message:
Mixed Content: The page at 'https://www.thediscworld.de/index.php/Hauptseite' was loaded over HTTPS, but requested an insecure element 'http://i.creativecommons.org/l/by-nc-sa/2.0/88x31.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.thediscworld.de/index.php/Hauptseite(Line 242)
Message:
Mixed Content: The page at 'https://www.thediscworld.de/index.php/Hauptseite' was loaded over HTTPS, but requested an insecure element 'http://i.creativecommons.org/l/by-nc-sa/2.0/88x31.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff