urlscan.io logo urlscan.io
SecurityTrails logo

civi.public-transport-lab.de Open in urlscan Pro
157.97.39.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://einsteigen.civiservice.de/
Effective URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Submission: On January 16 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 24 HTTP transactions. The main IP is 157.97.39.158, located in Germany and belongs to MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE. The main domain is civi.public-transport-lab.de.
TLS certificate: Issued by R3 on January 16th 2021. Valid for: 3 months.
This is the only time civi.public-transport-lab.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 157.97.39.158 15817 (MITTWALD-...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1828:200... 34240 (MANITU)
2 2a00:1450:400... 15169 (GOOGLE)
24 4
Domain Requested by
18 civi.public-transport-lab.de civi.public-transport-lab.de
3 einsteigen.jetzt civi.public-transport-lab.de
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com civi.public-transport-lab.de
1 einsteigen.civiservice.de 1 redirects
24 5
Subject Issuer Validity Valid
civi.public-transport-lab.de
R3		 2021-01-16 -
2021-04-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
einsteigen.jetzt
R3		 2020-12-26 -
2021-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Frame ID: 21FEF25245C300C90D9EDC6ABB640D2E
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://einsteigen.civiservice.de/ HTTP 302
    https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

24
Requests

100 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

294 kB
Transfer

451 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://einsteigen.civiservice.de/ HTTP 302
    https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wp-signup.php
civi.public-transport-lab.de/
Redirect Chain
  • https://einsteigen.civiservice.de/
  • https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
73 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
ba755839b9d49cd5610c9d17ce538c436d8c538ee9322ad359b93d083127cb12

Request headers

:method
GET
:authority
civi.public-transport-lab.de
:scheme
https
:path
/wp-signup.php?new=einsteigen.civiservice.de
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:15 GMT
server
Apache
pragma
no-cache
x-ua-compatible
IE=edge
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
PHPSESSID=fafhaupn1qnk4qi295ktns81cu; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
13300
content-type
text/html; charset=UTF-8

Redirect headers

date
Sat, 16 Jan 2021 23:56:15 GMT
server
Apache
location
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
cache-control
max-age=0
expires
Sat, 16 Jan 2021 23:56:15 GMT
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		5 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4cceb47a13cd7530d8cd2c1c88b3bc2596289160a9bcec63079d741f215baf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Jan 2021 23:56:16 GMT
server
ESF
date
Sat, 16 Jan 2021 23:56:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Jan 2021 23:56:16 GMT
style.min.css
civi.public-transport-lab.de/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 11:31:29 GMT
server
Apache
etag
"c8e9-5b62ea2350683-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7855
expires
Sun, 16 Jan 2022 23:56:16 GMT
all.min.css
civi.public-transport-lab.de/wp-content/themes/generatepress/assets/css/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.0.2
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
73bbc5206f991d8a603fe956c759d27cc4185cac74373f507b4e2dbf4764047c

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 10:06:05 GMT
server
Apache
etag
"7a07-5b3593e7f5c44-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6798
expires
Sun, 16 Jan 2022 23:56:16 GMT
offside.min.css
civi.public-transport-lab.de/wp-content/plugins/gp-premium/menu-plus/functions/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=1.12.3
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
628492e9ee5248b3ae1bd504a7d60227a2e7a09b953b858784044d7d28844489

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 11:32:54 GMT
server
Apache
etag
"1732-5b62ea73eedbc-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1524
expires
Sun, 16 Jan 2022 23:56:16 GMT
navigation-branding.min.css
civi.public-transport-lab.de/wp-content/plugins/gp-premium/menu-plus/functions/css/ 		3 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=1.12.3
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 11:32:54 GMT
server
Apache
etag
"b00-5b62ea73eedbc-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
668
expires
Sun, 16 Jan 2022 23:56:16 GMT
cropped-201901_IN-EE_logo-web-transparent_resize50px.png
civi.public-transport-lab.de/wp-content/uploads/2020/04/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://civi.public-transport-lab.de/wp-content/uploads/2020/04/cropped-201901_IN-EE_logo-web-transparent_resize50px.png
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
418e14419c39d0e32f0286b8a63258b7beb3edcc486cea43d939f3dd7ae077f5

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
last-modified
Tue, 21 Apr 2020 15:14:17 GMT
server
Apache
etag
"4b84-5a3ce78184440"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19332
expires
Mon, 15 Feb 2021 23:56:16 GMT
BS_Logo2_freigestellt-1-300x84.png
einsteigen.jetzt/wp-content/uploads/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://einsteigen.jetzt/wp-content/uploads/BS_Logo2_freigestellt-1-300x84.png
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1828:2000:462::8080 , Germany, ASN34240 (MANITU, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
3ab6a84ca2759a03dfbf22fe7e59355e13dd2d93b96062494fc82d1634ec012a

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
last-modified
Tue, 04 Feb 2020 12:30:45 GMT
server
Apache/2.4.38 (Debian)
etag
"e2e-59dbf357c3de6"
vary
User-Agent,Accept
content-type
image/webp
accept-ranges
bytes
content-length
3630
Logo_EE_neu-300x129.png
einsteigen.jetzt/wp-content/uploads/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://einsteigen.jetzt/wp-content/uploads/Logo_EE_neu-300x129.png
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1828:2000:462::8080 , Germany, ASN34240 (MANITU, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
wp-emoji-release.min.js
civi.public-transport-lab.de/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 11:31:29 GMT
server
Apache
etag
"37a6-5b62ea231da05-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4671
expires
Sun, 16 Jan 2022 23:56:16 GMT
offside.min.js
civi.public-transport-lab.de/wp-content/plugins/gp-premium/menu-plus/functions/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=1.12.3
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 11:32:54 GMT
server
Apache
etag
"1631-5b62ea73ede1c-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2053
expires
Sun, 16 Jan 2022 23:56:16 GMT
smooth-scroll.min.js
civi.public-transport-lab.de/wp-content/plugins/gp-premium/general/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=1.12.3
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 11:32:54 GMT
server
Apache
etag
"1ae5-5b62ea73f7a5b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2713
expires
Sun, 16 Jan 2022 23:56:16 GMT
main.min.js
civi.public-transport-lab.de/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 10:06:05 GMT
server
Apache
etag
"1c98-5b3593e7f3d04-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1765
expires
Sun, 16 Jan 2022 23:56:16 GMT
wp-embed.min.js
civi.public-transport-lab.de/wp-includes/js/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 00:23:37 GMT
server
Apache
etag
"59a-5a243cfd67440-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
769
expires
Sun, 16 Jan 2022 23:56:16 GMT
background3.png
einsteigen.jetzt/wp-content/uploads/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://einsteigen.jetzt/wp-content/uploads/background3.png
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1828:2000:462::8080 , Germany, ASN34240 (MANITU, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
dfbfcf288a7b755f3674a35a393c6d19b29fd23b248ef31ce68900f9d43dc1a9

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
last-modified
Tue, 04 Feb 2020 12:30:46 GMT
server
Apache/2.4.38 (Debian)
etag
"13836-59dbf358af37e"
vary
User-Agent,Accept
content-type
image/webp
accept-ranges
bytes
content-length
79926
Header.jpg
civi.public-transport-lab.de/wp-content/uploads/2020/04/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://civi.public-transport-lab.de/wp-content/uploads/2020/04/Header.jpg
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
f8c7c13bdabf3f308f46223ae97d869325ea0e378a220ef3d129e758412b9ddd

Request headers

Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
last-modified
Tue, 21 Apr 2020 16:42:55 GMT
server
Apache
etag
"21332-5a3cfb51281c0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
135986
expires
Mon, 15 Feb 2021 23:56:16 GMT
poppins-v9-latin-regular.woff2
civi.public-transport-lab.de/wp-content/themes/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/fonts/poppins-v9-latin-regular.woff2
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
server
Apache
content-length
662
content-type
text/html; charset=iso-8859-1
poppins-v9-latin-600.woff2
civi.public-transport-lab.de/wp-content/themes/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/fonts/poppins-v9-latin-600.woff2
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
server
Apache
content-length
662
content-type
text/html; charset=iso-8859-1
poppins-v9-latin-regular.woff
civi.public-transport-lab.de/wp-content/themes/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/fonts/poppins-v9-latin-regular.woff
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
server
Apache
content-length
662
content-type
text/html; charset=iso-8859-1
poppins-v9-latin-600.woff
civi.public-transport-lab.de/wp-content/themes/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/fonts/poppins-v9-latin-600.woff
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
server
Apache
content-length
662
content-type
text/html; charset=iso-8859-1
poppins-v9-latin-600.ttf
civi.public-transport-lab.de/wp-content/themes/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/fonts/poppins-v9-latin-600.ttf
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
server
Apache
content-length
662
content-type
text/html; charset=iso-8859-1
poppins-v9-latin-regular.ttf
civi.public-transport-lab.de/wp-content/themes/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://civi.public-transport-lab.de/wp-content/themes/fonts/poppins-v9-latin-regular.ttf
Requested by
Host: civi.public-transport-lab.de
URL: https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.97.39.158 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://civi.public-transport-lab.de/wp-signup.php?new=einsteigen.civiservice.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 23:56:16 GMT
server
Apache
content-length
662
content-type
text/html; charset=iso-8859-1
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 15:47:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
115738
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Sat, 15 Jan 2022 15:47:18 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://civi.public-transport-lab.de
Referer
https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 22:12:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:15 GMT
server
sffe
age
265398
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Thu, 13 Jan 2022 22:12:58 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| offSide object| twemoji object| wp object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction function| offside object| smooth object| gpscroll function| SmoothScroll object| generatepressMenu

1 Cookies

Domain/Path Name / Value
civi.public-transport-lab.de/ Name: PHPSESSID
Value: fafhaupn1qnk4qi295ktns81cu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

civi.public-transport-lab.de
einsteigen.civiservice.de
einsteigen.jetzt
fonts.googleapis.com
fonts.gstatic.com
157.97.39.158
2a00:1450:4001:809::2003
2a00:1450:4001:819::200a
2a00:1828:2000:462::8080
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3ab6a84ca2759a03dfbf22fe7e59355e13dd2d93b96062494fc82d1634ec012a
418e14419c39d0e32f0286b8a63258b7beb3edcc486cea43d939f3dd7ae077f5
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
628492e9ee5248b3ae1bd504a7d60227a2e7a09b953b858784044d7d28844489
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
73bbc5206f991d8a603fe956c759d27cc4185cac74373f507b4e2dbf4764047c
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
b4cceb47a13cd7530d8cd2c1c88b3bc2596289160a9bcec63079d741f215baf7
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
ba755839b9d49cd5610c9d17ce538c436d8c538ee9322ad359b93d083127cb12
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
dfbfcf288a7b755f3674a35a393c6d19b29fd23b248ef31ce68900f9d43dc1a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8c7c13bdabf3f308f46223ae97d869325ea0e378a220ef3d129e758412b9ddd