URL: https://figure.uber.space/
Submission: On March 08 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 2a00:d0c0:200:0:b9:1a:9c:42, located in Germany and belongs to UBERSPACE, DE. The main domain is figure.uber.space.
TLS certificate: Issued by R3 on March 8th 2023. Valid for: 3 months.
This is the only time figure.uber.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2a00:d0c0:200... 205766 (UBERSPACE)
2 2a00:d0c0:200... 205766 (UBERSPACE)
11 2
Apex Domain
Subdomains
Transfer
9 uber.space
figure.uber.space
1 MB
2 nckl.de
matomo.nckl.de
25 KB
11 2
Domain Requested by
9 figure.uber.space figure.uber.space
2 matomo.nckl.de figure.uber.space
matomo.nckl.de
11 2

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
twitter.com
Subject Issuer Validity Valid
figure.uber.space
R3
2023-03-08 -
2023-06-06
3 months crt.sh
matomo.nckl.de
R3
2023-02-01 -
2023-05-02
3 months crt.sh

This page contains 1 frames:

Primary Page: https://figure.uber.space/
Frame ID: 5A17A5FBA08EFAD006C56F7A4907115B
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Figure Case

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1064 kB
Transfer

1109 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
figure.uber.space/
3 KB
1 KB
Document
General
Full URL
https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
4a78bf108a12031a91eb7b5ce3715fbc2ce6e96c41a876d249312fbdd21ff43a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Mar 2023 23:17:38 GMT
etag
W/"c81-5980142ee2bdc"
last-modified
Sat, 23 Nov 2019 10:47:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
figure.uber.space/
2 KB
1 KB
Stylesheet
General
Full URL
https://figure.uber.space/style.css
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
006b69be6afabb3827bb18b3872f821c1b1c1abfb662d2b26efe220c58e21da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Nov 2019 10:47:50 GMT
server
nginx
content-encoding
gzip
etag
W/"7f6-59801430267a5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
icon-rounded.png
figure.uber.space/
7 KB
7 KB
Image
General
Full URL
https://figure.uber.space/icon-rounded.png
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
6e6c747026ca82fe6e2a907bf5adcb10651e71965f6696f13d7f8a5424604980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Nov 2019 10:47:26 GMT
server
nginx
etag
"1a83-59801419eb745"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6787
x-xss-protection
1; mode=block
download-on-app-store.svg
figure.uber.space/
11 KB
5 KB
Image
General
Full URL
https://figure.uber.space/download-on-app-store.svg
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 14 Nov 2019 14:32:57 GMT
server
nginx
content-encoding
gzip
etag
W/"2a34-5974f5b8e948e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-xss-protection
1; mode=block
screen1.png
figure.uber.space/img/
199 KB
199 KB
Image
General
Full URL
https://figure.uber.space/img/screen1.png
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
b8c36c72bd996d3a9e92e5d042befde1baa808cdb28c5161ea010113f46fa0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Nov 2019 08:39:38 GMT
server
nginx
etag
"31af0-597af0131fe29"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
203504
x-xss-protection
1; mode=block
screen2.png
figure.uber.space/img/
239 KB
239 KB
Image
General
Full URL
https://figure.uber.space/img/screen2.png
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
00bcbd669bc1aa1503bbed4c9c4cab2c5ab855d2c4aed18aeb2b1fa586c69658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Nov 2019 08:39:39 GMT
server
nginx
etag
"3ba8d-597af013e8158"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
244365
x-xss-protection
1; mode=block
screen3.png
figure.uber.space/img/
194 KB
195 KB
Image
General
Full URL
https://figure.uber.space/img/screen3.png
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
ca0ec2a4182c9620257e3aff83999d28b74f42385885360c64b9fb85267ef901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Nov 2019 08:39:39 GMT
server
nginx
etag
"309a9-597af013d0e3e"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
199081
x-xss-protection
1; mode=block
screen1-ipad.png
figure.uber.space/img/
195 KB
196 KB
Image
General
Full URL
https://figure.uber.space/img/screen1-ipad.png
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
987c2424641b416e8a42511c0b50ce50f80bac077916da952dd3566cc669f0b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Nov 2019 08:39:36 GMT
server
nginx
etag
"30d5e-597af011755d0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
200030
x-xss-protection
1; mode=block
screen2-ipad.png
figure.uber.space/img/
196 KB
196 KB
Image
General
Full URL
https://figure.uber.space/img/screen2-ipad.png
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:42 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
1b74f56cf181504f04a2a3353474e2040881bac1e86029f24ca6cbaedefa9cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Nov 2019 08:39:39 GMT
server
nginx
etag
"30ecb-597af013d50a6"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
200395
x-xss-protection
1; mode=block
matomo.js
matomo.nckl.de/
64 KB
25 KB
Script
General
Full URL
https://matomo.nckl.de/matomo.js
Requested by
Host: figure.uber.space
URL: https://figure.uber.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:38 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://figure.uber.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:17:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 01 Feb 2023 14:50:11 GMT
server
nginx
content-encoding
gzip
etag
W/"10132-5f3a490b83cb1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
matomo.php
matomo.nckl.de/
0
254 B
Ping
General
Full URL
https://matomo.nckl.de/matomo.php?action_name=Figure%20Case&idsite=7&rec=1&r=112504&h=23&m=17&s=38&url=https%3A%2F%2Ffigure.uber.space%2F&_id=7eff8eb7ddf3c36f&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=F1v78p&pf_net=58&pf_srv=10&pf_tfr=1&pf_dm1=31&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.nckl.de
URL: https://matomo.nckl.de/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:b9:1a:9c:38 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://figure.uber.space/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Wed, 08 Mar 2023 23:17:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://figure.uber.space
access-control-allow-credentials
true
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

2 Cookies

Domain/Path Name / Value
figure.uber.space/ Name: _pk_id.7.a04e
Value: 7eff8eb7ddf3c36f.1678317458.
figure.uber.space/ Name: _pk_ses.7.a04e
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block