Submitted URL: https://fror.uber.space/
Effective URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Submission: On July 29 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 7 HTTP transactions. The main IP is 95.143.172.224, located in Germany and belongs to RHTEC-AS www.rh-tec.de, DE. The main domain is stammbaum.orschulik.de.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.
This is the only time stammbaum.orschulik.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 95.143.172.224 25560 (RHTEC-AS ...)
7 2
Apex Domain Subdomains Transfer
8 orschulik.de stammbaum.orschulik.de 2 MB
1 uber.space fror.uber.space 401 B
7 2
Domain Requested by
8 stammbaum.orschulik.de 1 redirects stammbaum.orschulik.de
1 fror.uber.space 1 redirects
7 2

This site contains links to these domains.

Domain
webtrees.net
Subject Issuer Validity Valid
stammbaum.orschulik.de R11 2024-06-07 - 2024-09-05 3 months crt.sh

This page contains 1 frame:

Primary Page: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Frame ID: EE0B42B6D2E8E75B057D3CBA87615B08
Requests: 9 HTTP requests in this frame

Page Title

Sign in

Page URL History

  1. https://fror.uber.space/ HTTP 302
    https://stammbaum.orschulik.de/index.php?route=%2F HTTP 302
    https://stammbaum.orschulik.de/index.php?route=%2Flogin&url= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

7 Requests
100 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
2 IPs
1 Countries
2756 kB Transfer
5746 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Resource: index.php (Primary Request)
Path: stammbaum.orschulik.de/
Redirect Chain
  • https://fror.uber.space/
  • https://stammbaum.orschulik.de/index.php?route=%2F
  • https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Size: 26 KB
x-fer: 4 KB
Type: Document
General
Full URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: 7737ebdef87606b4e6c0e2bfd0de4bff3db99837c17f399c5da9904106b2ddb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 11:03:48 GMT
permissions-policy: browsing-topics=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 11:03:47 GMT
location: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
permissions-policy: browsing-topics=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Resource: index.php
Path: stammbaum.orschulik.de/
Size: 51 KB
x-fer: 13 KB
Type: Stylesheet
General
Full URL: https://stammbaum.orschulik.de/index.php?route=%2Fmodule%2F_argon_%2FAsset&asset=css%2Fvendor.css&hash=1683056479
Requested by
Host: stammbaum.orschulik.de
URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: 68e66d2c45590e69018cd00d2b14f2899129a26c9109cac1fbea4b2c2e2d9a94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:03:48 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: public,max-age=31536000
permissions-policy: browsing-topics=()
x-xss-protection: 1; mode=block

Resource: index.php
Path: stammbaum.orschulik.de/
Size: 4 MB
x-fer: 2 MB
Type: Stylesheet
General
Full URL: https://stammbaum.orschulik.de/index.php?route=%2Fmodule%2F_argon_%2FAsset&asset=css%2Ftheme.css&hash=1683056480
Requested by
Host: stammbaum.orschulik.de
URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: 30575c1c99d8ee6c1fd3b096e0f98f787292a8d4f744ee245e3165dcc1d529dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:03:48 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: public,max-age=31536000
permissions-policy: browsing-topics=()
x-xss-protection: 1; mode=block

Resource: vendor.min.js
Path: stammbaum.orschulik.de/public/js/
Size: 1 MB
x-fer: 358 KB
Type: Script
General
Full URL: https://stammbaum.orschulik.de/public/js/vendor.min.js?v=2.1.19
Requested by
Host: stammbaum.orschulik.de
URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: a38966ae717b7825b61a0f55ad5b21361ccb35b65e1345acad392ab7df1eafb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:03:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 12:42:09 GMT
server: nginx
content-encoding: gzip
etag: W/"10635e-61595224c3203"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

Resource: webtrees.min.js
Path: stammbaum.orschulik.de/public/js/
Size: 26 KB
x-fer: 10 KB
Type: Script
General
Full URL: https://stammbaum.orschulik.de/public/js/webtrees.min.js?v=2.1.19
Requested by
Host: stammbaum.orschulik.de
URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: aba0339785ba13ec19657b6e9863bb70a9376ed39792f6d09257010cae2dd73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:03:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 12:42:09 GMT
server: nginx
content-encoding: gzip
etag: W/"697f-61595224c2a33"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

Resource: index.php
Path: stammbaum.orschulik.de/
Size: 440 B
x-fer: 558 B
Type: Script
General
Full URL: https://stammbaum.orschulik.de/index.php?route=%2Fmodule%2F_argon_%2FAsset&asset=js%2Ftheme.js&hash=1683056479
Requested by
Host: stammbaum.orschulik.de
URL: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: e48448cda984ea9772b1250993d7a7cbe6cea05a570e0669466002f7ef7bcc7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:03:48 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public,max-age=31536000
permissions-policy: browsing-topics=()
x-xss-protection: 1; mode=block

Resource: truncated
Path: /
Size: 105 KB
x-fer: 105 KB
Type: Font
General
Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: f461742308b7791fee6e9698e1212aa6e8fd1d5e5b41795bfd68e93aa011073d

Request headers

Referer:
Origin: https://stammbaum.orschulik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

Resource: truncated
Path: /
Size: 146 KB
x-fer: 146 KB
Type: Font
General
Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82

Request headers

Referer:
Origin: https://stammbaum.orschulik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

Resource: favicon-32.png
Path: stammbaum.orschulik.de/public/
Size: 2 KB
x-fer: 2 KB
Type: Other
General
Full URL: https://stammbaum.orschulik.de/public/favicon-32.png?v=2.1.19
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 95.143.172.224, Germany, ASN25560 (RHTEC-AS www.rh-tec.de, DE)
Reverse DNS: hercules.uberspace.de
Software: nginx
Resource Hash: ea0deddc4fd61ccf97c5200b5ce3c7053fc3954f3b9d930f88902ecd911a4128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer: https://stammbaum.orschulik.de/index.php?route=%2Flogin&url=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:03:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Apr 2024 12:42:09 GMT
server: nginx
etag: "6b6-61595224c39d3"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 1718
x-xss-protection: 1; mode=block

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk
number| uidEvent
object| __apiStruct
object| FontAwesomeConfig
object| ___FONT_AWESOME___
function| SearchIndex
object| L
object| bootstrap
function| TomSelect
function| jQuery
function| $
function| Bloodhound
function| Sortable
function| _typeof
function| _classCallCheck
function| _defineProperties
function| _createClass
function| _toPropertyKey
function| _toPrimitive
function| _slicedToArray
function| _nonIterableRest
function| _unsupportedIterableToArray
function| _arrayLikeToArray
function| _iterableToArrayLimit
function| _arrayWithHoles
string| GOOGLE_CHARTS_LIB
function| Statistics
object| statistics
function| TreeViewHandler
function| createCookie
function| readCookie
object| webtrees

1 Cookies

Domain/Path Name / Value
.stammbaum.orschulik.de/ Name: __Secure-WT-ID
Value: 7bcbp33pj4o4pfee8ukr062k22

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block