go.luppa.app Open in urlscan Pro
49.13.61.165 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lpa.hr/1vLj5Ll
Effective URL:
https://go.luppa.app/form/1vLj5Ll
Submission Tags: falconsandbox
Submission: On October 15 via api (October 15th 2024, 7:03:24 am UTC) from US — Scanned from NL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 49.13.61.165, located in Berlin, Germany and belongs to HETZNER-AS, DE. The main domain is go.luppa.app.
TLS certificate: Issued by E6 on August 19th 2024. Valid for: 3 months.

This is the only time go.luppa.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	49.13.61.165 49.13.61.165	24940 (HETZNER-AS) (HETZNER-AS)
4	104.21.234.234 104.21.234.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lpa.hr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 49.13.61.165 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.61.13.49.clients.your-server.de

go.luppa.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.234.234 (None, )

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	luppa.app go.luppa.app	86 KB
4	rsms.me rsms.me — Cisco Umbrella Rank: 9083	327 KB
1	lpa.hr 1 redirects lpa.hr	517 B
14	3

	Domain	Requested by
10	go.luppa.app	go.luppa.app
4	rsms.me	go.luppa.app rsms.me
1	lpa.hr	1 redirects
14	3

This site contains no links.

Subject Issuer	Validity	Valid
go.luppa.app E6	`2024-08-19` - `2024-11-17`	3 months	crt.sh
rsms.me WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go.luppa.app/form/1vLj5Ll
Frame ID: 04B1B85A50EBF0F86DF94DAF725445C1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Luppa

Page URL History Show full URLs

https://lpa.hr/1vLj5Ll HTTP 301
https://go.luppa.app/form/1vLj5Ll Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

413 kB
Transfer

874 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lpa.hr/1vLj5Ll HTTP 301
https://go.luppa.app/form/1vLj5Ll Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1vLj5Ll Show response
go.luppa.app/form/
Redirect Chain

https://lpa.hr/1vLj5Ll
https://go.luppa.app/form/1vLj5Ll

356 KB
16 KB

219ms
111ms

Document
text/html

49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

ef4a94080e3fac610ed8b4b2c26eacb833aff13b6d64ac199962aa3b2715c87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Oct 2024 07:03:19 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-ray: 8d2df2d74d4071c5-FRA
content-length: 167
content-type: text/html
date: Tue, 15 Oct 2024 07:03:18 GMT
expires: Tue, 15 Oct 2024 08:03:18 GMT
location: https://go.luppa.app/form/1vLj5Ll
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wc7RihRH4JLWlS16zCx88n7Jbyi7Hln6faifvyThIAX%2FZqODi1JU0PPf5H3b17MTGTQXfTM75Jcnvt6q3J3yzT6OdD%2F5Ypu%2B9J8yNq754KiGww22LM4d2%2Bw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

GET
H3 200 inter.css
rsms.me/inter/ 7 KB
1 KB 94ms
30ms Stylesheet
text/css 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/

Response headers

x-fastly-request-id: a69cab9c3173d6ce530c70d95dcf9249098d7c74
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6601abff-1b8d"
age: 64
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ue08S5i9dgVCrn2uWSQuTmCs9dVNFvBv3HGgO83WTLn9lucWfFPIgrQJX%2B7C1bkV3z25D2FXP3R6ykEPewNYyuf0R2mnCBM6Ufx0mgzHgKAx%2FwrY%2FlFbu503"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 7641:0E93:8909E9:8BDCBF:66EA3F9E
expires: Wed, 18 Sep 2024 02:56:42 GMT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230145-FRA
x-cache-hits: 1
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1726671729.630926,VS0,VE2
via: 1.1 varnish
cf-ray: 8d2df2d9a8fd65b2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 712
x-origin-cache: HIT
server: cloudflare

GET
H2 200 questionnaire-5ffe1f9e.css
go.luppa.app/build/assets/ 25 KB
5 KB 30ms
29ms Stylesheet
text/css 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/build/assets/questionnaire-5ffe1f9e.css

Requested by

Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

5ffe1f9eb38f5317a45f527aee2764d5333f5ee79cb5cf7f96d56e7d8277661e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/form/1vLj5Ll

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"670cc55a-6289"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: text/css
last-modified: Mon, 14 Oct 2024 07:16:42 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 luppa_logo.png
go.luppa.app/images/ 5 KB
5 KB 31ms
30ms Image
image/png 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.luppa.app/images/luppa_logo.png

Requested by

Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

7a76f813692239d74cdce2009228ed7f75014c6aceb98a5143b0fcaa67f4728f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/form/1vLj5Ll

Response headers

etag: "660a8098-14b4"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5300
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: image/png
last-modified: Mon, 01 Apr 2024 09:38:32 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H3 200 Inter-SemiBold.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 75ms
50ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://go.luppa.app
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: 7916a4495243f8c982b8d1f258202333ed1dffec
cf-cache-status: REVALIDATED
etag: "6601abff-1b3e4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oC1wUnRsh%2FAVi%2FW%2FFseAahA8vDvrIIp%2B80GDVVv6XRIH9DCRfeSclWx1dXAfRCGW6b2En0R%2F0dMm4xXzmrtDxHemRt6GPy8EVc%2FHft1irfkJl0itQPmCuIl%2B"}],"group":"cf-nel","max_age":604800}
x-github-request-id: A542:5DA83:5DA07AA:5FBD1FC:66E972E1
expires: Tue, 17 Sep 2024 12:25:29 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230087-FRA
x-cache-hits: 2
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
vary: Accept-Encoding
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728911291.884467,VS0,VE0
via: 1.1 varnish
cf-ray: 8d2df2dc4ccd2c2b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 111588
x-origin-cache: HIT
server: cloudflare

GET
H3 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 106 KB
107 KB 110ms
87ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://go.luppa.app
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: a9ca25ba6b0a8bc54a239d0409d7bb89bae05fdd
cf-cache-status: REVALIDATED
etag: "6601abff-1a7c8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FhPvy8y%2FZsnKGoAJDGJ%2FmYuyz5saefRcJeXFURwi8AxwMXsXT6VU%2F8xBOTFXcngsoqmRb8q%2BCb4KtWfCO8yxYKzRP78Ql4O3hfBgZOf5ggXyRV5K9HiHhF5"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 149A:24D16A:782F93:7AA737:670809C7
expires: Thu, 10 Oct 2024 17:17:19 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230083-FRA
x-cache-hits: 5
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
vary: Accept-Encoding
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728911291.884720,VS0,VE1
via: 1.1 varnish
cf-ray: 8d2df2dc4ccf2c2b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108488
x-origin-cache: HIT
server: cloudflare

GET
H3 200 Inter-Bold.woff2
rsms.me/inter/font-files/ 108 KB
109 KB 111ms
88ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Bold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://go.luppa.app
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: 74c087923a4b38f60379bf4888e8ad269b16f8b8
cf-cache-status: MISS
etag: "6601abff-1b1c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5f7MiKyrDGIiCrxqDXf1oby9ZxgtZjbHIb7477tw6pRGUQ0SQxQOisTtGVRFYNfVjPZbbeBl5TEdQo7hg2d1aK%2BIuugngTeftyd1MhQBcNUGnuN%2BMaSWTVS"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 8B0C:1EE5EF:779443:7AAE83:66F549CC
expires: Thu, 26 Sep 2024 11:57:17 GMT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230155-FRA
x-cache-hits: 4
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
vary: Accept-Encoding
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728975800.736731,VS0,VE0
via: 1.1 varnish
cf-ray: 8d2df2dc4cd22c2b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 111040
x-origin-cache: HIT
server: cloudflare

GET
H2 200 drag.png
go.luppa.app/images/ 648 B
840 B 25ms
24ms Image
image/png 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.luppa.app/images/drag.png?8b8cd90007ee598f951e59bfce102963

Requested by

Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

1488b4335aebdea6cbf2dc628ff938c99011b0610553a3a1bedee86453161e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/form/1vLj5Ll

Response headers

etag: "660a8098-288"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 648
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: image/png
last-modified: Mon, 01 Apr 2024 09:38:32 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 form-ddc12666.js Show response
go.luppa.app/build/assets/ 81 KB
29 KB 55ms
54ms Script
application/javascript 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/build/assets/form-ddc12666.js

Requested by

Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

fc6d68b2b451676706ed0546084fe41a9836d617e099b1f2e70923f108f8ab71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://go.luppa.app
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"670cc55a-143bd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 07:16:42 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 _commonjsHelpers-13eccc99.js Show response
go.luppa.app/build/assets/ 29 KB
12 KB 87ms
86ms Script
application/javascript 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/build/assets/_commonjsHelpers-13eccc99.js

Requested by

Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

0e510eea480e76c9b31429985d4e2f91c783f30864bb6db91319f70184e1f7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://go.luppa.app
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"670cc55a-7539"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 07:16:42 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 sortable.esm-c9fcee54.js Show response
go.luppa.app/build/assets/ 36 KB
13 KB 88ms
88ms Script
application/javascript 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/build/assets/sortable.esm-c9fcee54.js

Requested by

Host: go.luppa.app
URL: https://go.luppa.app/form/1vLj5Ll

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

1103558f1946e5174bc1f262c20ffa12b279d45c13a2ba1a87b5b44f0550d7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://go.luppa.app
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"670cc55a-8e0d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 07:16:42 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 favicon.png
go.luppa.app/ 775 B
967 B 24ms
23ms Other
image/png 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

465d03d4b0e1b4f702f3e7f1556b595a808c56fc04bcc3ba9998d3ea2bdde86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/form/1vLj5Ll

Response headers

etag: "660a8098-307"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 775
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: image/png
last-modified: Mon, 01 Apr 2024 09:38:32 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 favicon.ico
go.luppa.app/ 4 KB
928 B 24ms
23ms Other
image/x-icon 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.luppa.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.61.13.49.clients.your-server.de

Software

nginx /

Resource Hash

152e98e16030ef4564e025c1839f640589f5c5861c6680067a9ddfb8bcbb9044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/form/1vLj5Ll

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"660a8098-10be"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 07:03:19 GMT
content-type: image/x-icon
last-modified: Mon, 01 Apr 2024 09:38:32 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 404 favicon.ico
go.luppa.app/public/ 6 KB
2 KB 44ms
43ms Other
text/html 49.13.61.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.luppa.app/public/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.13.61.165 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.61.13.49.clients.your-server.de
Software: nginx /
Resource Hash: 8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://go.luppa.app/form/1vLj5Ll

Response headers

cache-control: no-cache, private
content-encoding: gzip
date: Tue, 15 Oct 2024 07:03:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| formConfig

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			go.luppa.app/	1970-01-21 00:16:22	Name: XSRF-TOKEN Value: eyJpdiI6ImovYVIraEp3bHZhU0lkc1o2RFdwYnc9PSIsInZhbHVlIjoia1ZsREpzbU9TVUtubVJYbzUycVQ2RGp5UHFLcWptVVZQL01QZHNwVmNuNnRDS0pQRDFhd3BUTEg0R2ovb1JmdEY5dmk5ZjkwQThtT2VmZ2xTRzhqSFBUdGFhUWgxZmFTM2lUZGl2RGVhVXlQNXVTWjhUOHkvREloZEJkak9oaS8iLCJtYWMiOiJiZjM3MWNiNzBlYjgwYWQyODYxMjYxZjhhOGUwNmIyMmZhOWM2MDRkYjlmMjZjMDQyYzQxOGE3NWZjOTU2Y2NjIiwidGFnIjoiIn0%3D
			go.luppa.app/	1970-01-21 00:16:22	Name: luppa_session Value: eyJpdiI6Ink3U250UDBzblcxNHZIaW1vMU5OUWc9PSIsInZhbHVlIjoiUC9SbG1UaG9kcTFqZzFzL3QyNytLTk1sTVk0VlJDRHJpeGRJU0k4QkxwS2JVb3N6N3M2WXZZNnRLaW5teU5ZOFNDK2huZy9HQnpOdVBJZ1BPVjhoYndIZEVFb25ZUGJYM1llLzkzenVad2M2ZWNwa2Iycmx5SzJCWGlWb3N3TkkiLCJtYWMiOiJhMDM5NWIzOGZlZjk1MDIxZGY3ODkyNzM3MGM0N2Y1OWZlNDg0ZTVlMjAzNjAxM2EwMjI2YjhmYjZlMjk1N2NlIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go.luppa.app/public/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.luppa.app
lpa.hr
rsms.me
104.21.234.234
188.114.97.3
49.13.61.165
0e510eea480e76c9b31429985d4e2f91c783f30864bb6db91319f70184e1f7d6
1103558f1946e5174bc1f262c20ffa12b279d45c13a2ba1a87b5b44f0550d7bd
1488b4335aebdea6cbf2dc628ff938c99011b0610553a3a1bedee86453161e6c
152e98e16030ef4564e025c1839f640589f5c5861c6680067a9ddfb8bcbb9044
220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b
465d03d4b0e1b4f702f3e7f1556b595a808c56fc04bcc3ba9998d3ea2bdde86f
5ffe1f9eb38f5317a45f527aee2764d5333f5ee79cb5cf7f96d56e7d8277661e
7a76f813692239d74cdce2009228ed7f75014c6aceb98a5143b0fcaa67f4728f
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968
8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
ef4a94080e3fac610ed8b4b2c26eacb833aff13b6d64ac199962aa3b2715c87c
fc6d68b2b451676706ed0546084fe41a9836d617e099b1f2e70923f108f8ab71

go.luppa.app Open in urlscan Pro 49.13.61.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

413 kBTransfer

874 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

go.luppa.app Open in urlscan Pro
49.13.61.165 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

413 kB
Transfer

874 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions