Submitted URL: https://ongeto.schwabo.de/
Effective URL: https://ongeto.schwabo.de/login.php
Submission: On July 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 19 HTTP transactions. The main IP is 85.215.230.13, which is located in Germany and belongs to IONOS-AS (This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE). The main domain is ongeto.schwabo.de.
TLS certificate: Issued by R10 on July 18th 2024. Valid for: 3 months.
This is the only time ongeto.schwabo.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
1 | 4 | 85.215.230.13 | 8560 (IONOS-AS ...)
  | 3 | 85.214.205.154 | 6724 (STRATO ST...)
  | 3 | 2a04:4e42:400... | 54113 (FASTLY)
  | 3 | 104.18.70.113 | 13335 (CLOUDFLAR...)
  | 1 | 2600:9000:216... | 16509 (AMAZON-02)
  | 1 | 2600:9000:237... | 16509 (AMAZON-02)
  | 1 | 2600:9000:216... | 16509 (AMAZON-02)
  | 2 | 208.82.75.148 | 205411 (BOREUS)
  | 1 | 162.159.138.6 | 13335 (CLOUDFLAR...)
Total: 19 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
4 | schwabo.de | ongeto.schwabo.de | 9 KB
3 | zdassets.com | static.zdassets.com (Cisco Umbrella Rank: 3854); ekr.zdassets.com (Cisco Umbrella Rank: 4356) | 38 KB
3 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 410) | 56 KB
3 | janoe-media.de | umami.janoe-media.de | 3 KB
1 | zendesk.com | janoemedia.zendesk.com | 971 B
1 | esslinger-zeitung.de | www.esslinger-zeitung.de | 4 KB
1 | krzbb.de | www.krzbb.de | 7 KB
1 | stuttgarter-nachrichten.de | www.stuttgarter-nachrichten.de (Cisco Umbrella Rank: 554373) | 7 KB
1 | stuttgarter-zeitung.de | www.stuttgarter-zeitung.de (Cisco Umbrella Rank: 485913) | 7 KB
1 | schwarzwaelder-bote.de | www.schwarzwaelder-bote.de (Cisco Umbrella Rank: 517723) | 5 KB
0 | jnmstat.space (Failed) | jnmstat.space (Failed) |
Total: 19 requests, 11 domains

Requests | Domain | Requested by
4 | ongeto.schwabo.de (1 redirects) | ongeto.schwabo.de
3 | cdn.jsdelivr.net | ongeto.schwabo.de
3 | umami.janoe-media.de | ongeto.schwabo.de; umami.janoe-media.de
2 | static.zdassets.com | ongeto.schwabo.de; static.zdassets.com
1 | janoemedia.zendesk.com | static.zdassets.com
1 | ekr.zdassets.com | static.zdassets.com
1 | www.esslinger-zeitung.de | ongeto.schwabo.de
1 | www.krzbb.de | ongeto.schwabo.de
1 | www.stuttgarter-nachrichten.de | ongeto.schwabo.de
1 | www.stuttgarter-zeitung.de | ongeto.schwabo.de
1 | www.schwarzwaelder-bote.de | ongeto.schwabo.de
0 | jnmstat.space (Failed) | ongeto.schwabo.de
Total: 19 requests, 12 subdomains

This site contains links to these domains.

Domain
schwarzwaelder-bote.de

Subject | Issuer | Validity | Valid
ongeto.schwabo.de | R10 | 2024-07-18 - 2024-10-16 | 3 months
umami.janoe-media.de | R3 | 2024-06-05 - 2024-09-03 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
zdassets.com | E6 | 2024-06-29 - 2024-09-27 | 3 months
schwarzwaelder-bote.de | Amazon RSA 2048 M02 | 2024-03-20 - 2025-04-18 | a year
*.stuttgarter-zeitung.de | Thawte TLS RSA CA G1 | 2023-09-13 - 2024-10-13 | a year
*.stuttgarter-nachrichten.de | Thawte TLS RSA CA G1 | 2023-11-06 - 2024-12-06 | a year
krzbb.de | R11 | 2024-06-14 - 2024-09-12 | 3 months
*.esslinger-zeitung.de | Thawte RSA CA 2018 | 2023-07-17 - 2024-08-16 | a year
zendesk.com | E1 | 2024-05-22 - 2024-08-20 | 3 months

This page contains 2 frames:

Primary Page: https://ongeto.schwabo.de/login.php
Frame ID: 774EC71CF76AC70C6BC0624F4758DC9B
Requests: 16 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-3afd32023dcbd9f25ddb.js
Frame ID: 74EB1EA0704EF6EE267698F25C24A5E3
Requests: 2 HTTP requests in this frame

Page Title

SB-Server Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

95 %
HTTPS

44 %
IPv6

11
Domains

12
Subdomains

10
IPs

3
Countries

133 kB
Transfer

438 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ongeto.schwabo.de/ HTTP 302
    https://ongeto.schwabo.de/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
ongeto.schwabo.de/
Redirect Chain
  • https://ongeto.schwabo.de/
  • https://ongeto.schwabo.de/login.php
4 KB
4 KB
Document
General
Full URL
https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.215.230.13 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip85-215-230-13.pbiaas.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72c91e30f22cc40a5a332c6bca7d5601074337c61aab6a72727b0a7c64f9bf99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
4530
content-type
text/html; charset=UTF-8
date
Thu, 18 Jul 2024 03:17:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
3443
content-type
text/html; charset=UTF-8
date
Thu, 18 Jul 2024 03:17:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/login.php
pragma
no-cache
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
script.js
umami.janoe-media.de/
3 KB
2 KB
Script
General
Full URL
https://umami.janoe-media.de/script.js
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.214.205.154 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
janoe-media.de
Software
nginx / PleskLin
Resource Hash
e4bf17663a2e43a9ee87e6ad3b8887aef50dcde984211f0dfe0757d8b74a83e1
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 03:17:30 GMT
Content-Security-Policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Content-Encoding
gzip
Last-Modified
Sat, 29 Jun 2024 08:23:47 GMT
Server
nginx
ETag
W/"a11-1906317e191"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
on
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/
160 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ongeto.schwabo.de/
Origin
https://ongeto.schwabo.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jul 2024 03:17:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
1375698
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-etou8220051-FRA
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ongeto.schwabo.de/
Origin
https://ongeto.schwabo.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jul 2024 03:17:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
73614
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22075
x-served-by
cache-fra-etou8220051-FRA
x-jsd-version-type
version
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
masonry.pkgd.min.js
cdn.jsdelivr.net/npm/masonry-layout@4.2.2/dist/
24 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/masonry-layout@4.2.2/dist/masonry.pkgd.min.js
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ongeto.schwabo.de/
Origin
https://ongeto.schwabo.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jul 2024 03:17:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
619369
x-jsd-version
4.2.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7857
x-served-by
cache-fra-etou8220051-FRA
x-jsd-version-type
version
etag
W/"5e27-0gJSz3bDvorzeoQV0TrTaMditNg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
umami.js
jnmstat.space/
0
0

signin.css
ongeto.schwabo.de/
0
0
Stylesheet
General
Full URL
https://ongeto.schwabo.de/signin.css
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.215.230.13 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip85-215-230-13.pbiaas.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://ongeto.schwabo.de/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Thu, 18 Jul 2024 03:17:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1024
content-type
text/html
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=ab73c605-3fd2-4c1d-bcf8-fe7f300e97e5
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 03:17:30 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
23
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15FJbknMK9735O5YBl6BpFw5mMmQdzDhQdjfnJ%2BttlV74SDl%2FbVxvHA%2Fd51A%2BH44RxZFWs5uyxx8WHR7BmpcqWZnSf2puS9mBz39myLc7qNrOIlZ2sxcjWi9voqdyxQSZp7Jnp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8a4f51b138dd4480-TXL
access-control-allow-headers
*
schwarzwaelder-bote_logo.svg
www.schwarzwaelder-bote.de/staticcontent/schwarzwaelder_bote/common/assets/svg/
5 KB
5 KB
Image
General
Full URL
https://www.schwarzwaelder-bote.de/staticcontent/schwarzwaelder_bote/common/assets/svg/schwarzwaelder-bote_logo.svg
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:ca00:1d:b730:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
66f1fd3e6f4375fdb5542a1a6fd92d947d08916bc7229f08332861dca4538f86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 varnish-v4, 1.1 aa80856e4ab1425bca16fde063f31814.cloudfront.net (CloudFront)
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 17:21:08 GMT
x-amz-cf-pop
MUC50-P6
age
35783
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 11 Nov 2020 14:09:17 GMT
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
69815604
cache-control
public, max-age=604800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
CMXTBLxSrtfoeDeBzK8q94BfQi_K7QyQG4DST3GM_PfGFy7bw2cHmg==
x-ua-dig
desktop
expires
Thu, 01 Jan 1970 00:00:00 GMT
stuttgarter-zeitung.svg
www.stuttgarter-zeitung.de/staticcontent/stuttgarter_zeitung/common/img/logos/
16 KB
7 KB
Image
General
Full URL
https://www.stuttgarter-zeitung.de/staticcontent/stuttgarter_zeitung/common/img/logos/stuttgarter-zeitung.svg
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:ca00:2:7cff:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5311cab212781fdd85492692abbeadb06a259496cd6fd188250d948817eb0540
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
via
1.1 varnish-v4, 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 22:06:13 GMT
x-amz-cf-pop
MUC50-P2
age
54132
x-cache
Hit from cloudfront
content-length
6810
x-xss-protection
1; mode=block
last-modified
Tue, 07 Jan 2020 15:50:39 GMT
x-frame-options
sameorigin
access-control-allow-methods
GET, HEAD
x-varnish
348605738 349691757
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
yDRWtuut49USV6kUJn5r_C8wwjDCcrcMcDIxAD5I5zxNqfJMxUZQlQ==
x-ua-dig
desktop
expires
Thu, 01 Jan 1970 00:00:00 GMT
stn-blue.png
www.stuttgarter-nachrichten.de/staticcontent/stuttgarter_nachrichten/common/img/logos/amp/
6 KB
7 KB
Image
General
Full URL
https://www.stuttgarter-nachrichten.de/staticcontent/stuttgarter_nachrichten/common/img/logos/amp/stn-blue.png
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:7e00:e:220d:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61207f2cddc6524939c84528f5d95ded7d93c15e464facf00417ad22d0fdaf03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 varnish-v4, 1.1 37e423fd0afc1d9345b73ddf180cdd6a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 15:56:54 GMT
x-amz-cf-pop
MUC50-P6
age
40836
x-cache
Hit from cloudfront
content-length
6385
x-xss-protection
1; mode=block
last-modified
Tue, 10 Apr 2018 07:22:43 GMT
x-frame-options
sameorigin
vary
Accept-Encoding
x-varnish
40938064 40542770
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
x-amz-cf-id
aG_CbagUibppbhunr8L_cfOqp6cqjDkmpjG_1ukjjs5CPlh729pTgQ==
x-ua-dig
desktop
expires
Thu, 01 Jan 1970 00:00:00 GMT
kreiszeitung-boeblinger-bote.svg
www.krzbb.de/staticcontent/kreiszeitung_boeblinger_bote/common/assets/svg/
27 KB
7 KB
Image
General
Full URL
https://www.krzbb.de/staticcontent/kreiszeitung_boeblinger_bote/common/assets/svg/kreiszeitung-boeblinger-bote.svg
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.148 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
lb-sir-cmsfe.dns.boreus.de
Software
/
Resource Hash
21a0b44bb0ea9be8d3b9bface810bcad0e5a1005f222b987b2cd5285583c7a1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 06:25:12 GMT
content-encoding
gzip
via
1.1 varnish-v4
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
age
75138
content-length
6699
x-xss-protection
1; mode=block
last-modified
Wed, 23 Dec 2020 10:43:39 GMT
vary
Accept-Encoding, User-Agent
x-frame-options
sameorigin
content-type
image/svg+xml
x-varnish
143539936 125225270
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-methods
GET, HEAD
access-control-allow-credentials
false
accept-ranges
bytes
x-ua-dig
desktop
expires
Thu, 01 Jan 1970 00:00:00 GMT
esslinger-zeitung.png
www.esslinger-zeitung.de/staticcontent/esslinger_zeitung/assets/img/
3 KB
4 KB
Image
General
Full URL
https://www.esslinger-zeitung.de/staticcontent/esslinger_zeitung/assets/img/esslinger-zeitung.png
Requested by
Host: ongeto.schwabo.de
URL: https://ongeto.schwabo.de/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.148 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
lb-sir-cmsfe.dns.boreus.de
Software
/
Resource Hash
81eb51c6472a30f0779ec76880e9d7996db06277655ea83087b0121f3b1962da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 03:01:53 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
age
87337
content-length
3305
x-xss-protection
1; mode=block
last-modified
Fri, 17 Jan 2020 10:54:08 GMT
vary
Accept-Encoding, User-Agent
x-frame-options
sameorigin
content-type
image/png
x-varnish
44963175 38880593
cache-control
public, max-age=604800
accept-ranges
bytes
x-ua-dig
desktop
expires
Thu, 01 Jan 1970 00:00:00 GMT
ab73c605-3fd2-4c1d-bcf8-fe7f300e97e5
ekr.zdassets.com/compose/
373 B
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/ab73c605-3fd2-4c1d-bcf8-fe7f300e97e5
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ab73c605-3fd2-4c1d-bcf8-fe7f300e97e5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24a099c120c71b019f20cb599643d1ec8f1aabf30f2763b69a35daad5f95967
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 03:17:31 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8a39f991fb1537f7-SEA, 8a39f991fb1537f7-SEA
x-runtime
0.013082
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"d24a099c120c71b019f20cb599643d1e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltNbkT9F5k%2FwPF3KXwPJUH0wAq4TtFtxqQJYc49zaq3GMB4%2ByIcSqEP5GIcXUntNbLEt3qJwfQuKCM3YPQwgLY79xLSYAnH%2FY8kYdi%2Bkse7S%2F9WWgkcJ0H9vio2fgAascMg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8a4f51b2ce2daca7-TXL
send
umami.janoe-media.de/api/
600 B
1 KB
Fetch
General
Full URL
https://umami.janoe-media.de/api/send
Requested by
Host: umami.janoe-media.de
URL: https://umami.janoe-media.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.214.205.154 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
janoe-media.de
Software
nginx / PleskLin
Resource Hash
e0aabad6cb87e7df3cb04280ea65e71793d3a7d76d6caa4a59c7f57a2647e14c
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

Referer
https://ongeto.schwabo.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 18 Jul 2024 03:17:30 GMT
Content-Security-Policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Server
nginx
ETag
"1ju1n81nk1go"
X-Powered-By
PleskLin
X-DNS-Prefetch-Control
on
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
600
send
umami.janoe-media.de/api/ Frame
0
0
Preflight
General
Full URL
https://umami.janoe-media.de/api/send
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.214.205.154 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
janoe-media.de
Software
nginx / PleskLin
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ongeto.schwabo.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Date
Thu, 18 Jul 2024 03:17:30 GMT
Server
nginx
Vary
Access-Control-Request-Headers
X-DNS-Prefetch-Control
on
X-Powered-By
PleskLin
favicon.ico
ongeto.schwabo.de/docs/4.0/assets/img/favicons/
1 KB
1 KB
Other
General
Full URL
https://ongeto.schwabo.de/docs/4.0/assets/img/favicons/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.215.230.13 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip85-215-230-13.pbiaas.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c818428cde1ec4d24d46037733fb51b2f624e54b7dd69cd34080c801bfb19161

Request headers

Referer
https://ongeto.schwabo.de/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Thu, 18 Jul 2024 03:17:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1024
content-type
text/html
web-widget-framework-3afd32023dcbd9f25ddb.js
static.zdassets.com/web_widget/latest/ Frame 74EB
102 KB
32 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-3afd32023dcbd9f25ddb.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ab73c605-3fd2-4c1d-bcf8-fe7f300e97e5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac1b2f571bee1248a01690bafeeb42f0a31d7b2ad78bbcc9b6a3530c0686456
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 03:17:31 GMT
x-amz-version-id
xFWTzwp6iKD4MLTW0JLSZScwqrRLHeIr
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
2RJ042MPMPMD14MV
age
219621
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
sMTNkTYzi0zlrLktO30vKU55+snKVLZ9QvB3ZSLbwUl38ki/lKOO/mLv91ZPhJp0uxp1/RVtrow=
last-modified
Mon, 15 Jul 2024 08:19:10 GMT
server
cloudflare
etag
W/"c555ebb37ef2bf46d4344447a6e14720"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPjOfI78eQTmZiDP9%2Fj1QZFq1xdMxBZz8RyXMdMPytOkzYAmdTMb0c0B%2FRTvST%2FTgwEsbMGVYk2QabQsVGnl0H2OKmfj0XFLtcWkmOn4PNlhGhpRQQebCFFxxL1IBRhsvirGzRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a4f51b76a154480-TXL
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:19:09 GMT
config
janoemedia.zendesk.com/embeddable/ Frame 74EB
15 B
971 B
Fetch
General
Full URL
https://janoemedia.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3afd32023dcbd9f25ddb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 03:17:32 GMT
strict-transport-security
max-age=0;
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-596b8fcbc9-znbt5
x-request-id
8a4f51b8e85858ea-WAW
x-runtime
0.007969
server
cloudflare
x-zendesk-zorg
yes, yes
vary
Accept, Origin, Accept-Encoding
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmoLjQypbQ81SYrxT8JqcEQDJTsHNMenXcRW3Xh4x2Hsxgl6p6EbMfDSm1Ti7yIKPYcki8MrNQi4pGHxmZcD67goS2frc3oW%2BoMgtJ%2BJ2qFdgtpx4N8xt%2FV326uEn7O8dZVC%2F4GOP%2BA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=3600
content-type
text/plain; charset=utf-8
cf-ray
8a4f51b8e85858ea-TXL

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jnmstat.space
URL
https://jnmstat.space/umami.js

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
number| uidEvent
object| bootstrap
object| umami
object| zEWebpackACJsonp
function| zE
function| zEmbed
function| jQueryBridget
function| EvEmitter
function| getSize
function| matchesSelector
object| fizzyUIUtils
function| Outlayer
function| Masonry
boolean| zEACLoaded

1 Cookies

Domain/Path Name / Value
ongeto.schwabo.de/ Name: PHPSESSID
Value: cno6cbq0972f5bq0b8e2uq2gnl

5 Console Messages

Source Level URL
Text
network error URL: https://ongeto.schwabo.de/signin.css
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://ongeto.schwabo.de/login.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://jnmstat.space/umami.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ongeto.schwabo.de/docs/4.0/assets/img/favicons/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://janoemedia.zendesk.com/embeddable/config
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
