Submitted URL: https://www.mitarbeiter.leibold.biz/
Effective URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Submission: On August 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 85.13.136.173, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is data.leibold.biz.
TLS certificate: Issued by R11 on August 10th 2024. Valid for: 3 months.
This is the only time data.leibold.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests              IP Address        AS Autonomous System
6 (incl. 1 redirect)  85.13.136.173     34788 (NMM-AS D)
1                     192.229.133.221   15133 (EDGECAST)
2                     2a04:4e42::649    54113 (FASTLY)
Total: 8 requests, 3 IPs

Requests  Apex Domain     Subdomains                                         Transfer
6         leibold.biz     www.mitarbeiter.leibold.biz, data.leibold.biz      13 KB
2         jquery.com      code.jquery.com (Cisco Umbrella Rank: 1211)        96 KB
1         w3schools.com   www.w3schools.com (Cisco Umbrella Rank: 37965)     7 KB
Total: 8 requests, 3 apex domains

Requests  Domain                        Requested by
5         data.leibold.biz              data.leibold.biz
2         code.jquery.com               data.leibold.biz
1         www.w3schools.com             data.leibold.biz
1         www.mitarbeiter.leibold.biz   1 redirects
Total: 8 requests, 4 domains

This site contains links to these domains.

Domain
landingpage.vema-eg.de

Subject            Issuer                                           Validity                  Valid
data.leibold.biz   R11                                              2024-08-10 - 2024-11-08   3 months
*.w3schools.com    DigiCert Global G2 TLS RSA SHA256 2020 CA1       2024-04-03 - 2025-05-04   a year
*.jquery.com       Sectigo ECC Domain Validation Secure Server CA   2024-06-25 - 2025-06-25   a year

This page contains 1 frames:

Primary Page: https://data.leibold.biz/formular/NeueMitarbeiter.html
Frame ID: 20F12CF0EF22C017E0909E501E0B2B4E
Requests: 8 HTTP requests in this frame

Page Title

Meldung von neuen Mitarbeitern

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 115 kB
Size: 394 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mitarbeiter.leibold.biz/ HTTP 301
    https://data.leibold.biz/formular/NeueMitarbeiter.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: NeueMitarbeiter.html
Path: data.leibold.biz/formular/
Redirect Chain
  • https://www.mitarbeiter.leibold.biz/
  • https://data.leibold.biz/formular/NeueMitarbeiter.html
Size: 30 KB
x-fer: 7 KB
Type: Document
General
Full URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 85.13.136.173, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
Reverse DNS: dd15418.kasserver.com
Software: Apache
Resource Hash: 5e9fa2c01af37dde7de5c6b5fa277b2ccb160cb3bb045a44f62ce02662c11460

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 7443
content-type: text/html
date: Sun, 18 Aug 2024 19:41:04 GMT
etag: "7918-5e070b9809cb0-br"
last-modified: Thu, 02 Jun 2022 06:00:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

content-length: 262
content-type: text/html; charset=iso-8859-1
date: Sun, 18 Aug 2024 19:41:04 GMT
location: https://data.leibold.biz/formular/NeueMitarbeiter.html
server: Apache

Resource: w3.css
Path: www.w3schools.com/lib/
Size: 31 KB
x-fer: 7 KB
Type: Stylesheet
General
Full URL: https://www.w3schools.com/lib/w3.css
Requested by
Host: data.leibold.biz
URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 192.229.133.221, United States, ASN15133 (EDGECAST, US)
Reverse DNS:
Software: ECS (frb/674D) / ASP.NET
Resource Hash: 2f2d3c65754f7a485d41c260209aeb4f8a900428359f9708ac610c947f1fb321
Security Headers
Content-Security-Policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
X-Content-Security-Policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

Request headers

Referer: https://data.leibold.biz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
content-encoding: gzip
date: Sun, 18 Aug 2024 19:41:04 GMT
last-modified: Mon, 12 Aug 2024 12:27:42 GMT
server: ECS (frb/674D)
age: 387835
etag: "0b3e76b3ecda1:0+gzip"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=31536000,public
accept-ranges: bytes
content-length: 6679
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

Resource: jquery-1.11.2.min.js
Path: code.jquery.com/
Size: 94 KB
x-fer: 33 KB
Type: Script
General
Full URL: https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: data.leibold.biz
URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a04:4e42::649, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: nginx
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer: https://data.leibold.biz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 19:41:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3319845
x-cache: HIT, HIT
content-length: 33262
x-served-by: cache-lga13622-LGA, cache-fra-eddf8230043-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1724010065.636481,VS0,VE0
etag: W/"28feccc0-176bb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 7, 9034

Resource: jquery-ui.min.js
Path: code.jquery.com/ui/1.11.2/
Size: 234 KB
x-fer: 63 KB
Type: Script
General
Full URL: https://code.jquery.com/ui/1.11.2/jquery-ui.min.js
Requested by
Host: data.leibold.biz
URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a04:4e42::649, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: nginx
Resource Hash: 7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054

Request headers

Referer: https://data.leibold.biz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 19:41:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2017989
x-cache: HIT, HIT
content-length: 64186
x-served-by: cache-lga21955-LGA, cache-fra-eddf8230043-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1724010065.636397,VS0,VE0
etag: W/"28feccc0-3a7cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 19, 1270

Resource: formmail_v4.php
Path: data.leibold.biz/formmail/v4136/
Size: 724 B
x-fer: 776 B
Type: Image
General
Full URL: https://data.leibold.biz/formmail/v4136/formmail_v4.php?action=captcha&id=547134
Requested by
Host: data.leibold.biz
URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 85.13.136.173, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
Reverse DNS: dd15418.kasserver.com
Software: Apache
Resource Hash: e9829014e971a1deb28bc6b233e1c265c03ebe207ec46fdc6659427b35a0c3bc

Request headers

Referer: https://data.leibold.biz/formular/NeueMitarbeiter.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 19:41:04 GMT
content-disposition: filename="captcha.png"
server: Apache
vary: User-Agent
content-type: image/png

Resource: refresh.png
Path: data.leibold.biz/formmail/v4136/
Size: 3 KB
x-fer: 3 KB
Type: Image
General
Full URL: https://data.leibold.biz/formmail/v4136/refresh.png
Requested by
Host: data.leibold.biz
URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 85.13.136.173, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
Reverse DNS: dd15418.kasserver.com
Software: Apache
Resource Hash: 730cf2a8330a9a2784025673ba4f0ff99533bab3189a5069c5eec78491288d65

Request headers

Referer: https://data.leibold.biz/formular/NeueMitarbeiter.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 19:41:04 GMT
last-modified: Thu, 19 May 2022 06:47:52 GMT
server: Apache
etag: "c09-5df57c0b9346e"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3081

Resource: formmail_v4.php
Path: data.leibold.biz/formmail/v4136/
Size: 750 B
x-fer: 775 B
Type: Image
General
Full URL: https://data.leibold.biz/formmail/v4136/formmail_v4.php?action=captcha&id=547134&now=1724010064704
Requested by
Host: data.leibold.biz
URL: https://data.leibold.biz/formular/NeueMitarbeiter.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 85.13.136.173, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
Reverse DNS: dd15418.kasserver.com
Software: Apache
Resource Hash: 8564d2d6296b6f53e362fa68f535698c1487b6469d8882988ef9ed9df53c6b18

Request headers

Referer: https://data.leibold.biz/formular/NeueMitarbeiter.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 19:41:04 GMT
content-disposition: filename="captcha.png"
server: Apache
vary: User-Agent
content-type: image/png

Resource: favicon.ico
Path: data.leibold.biz/
Size: 196 B
x-fer: 246 B
Type: Other
General
Full URL: https://data.leibold.biz/favicon.ico
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 85.13.136.173, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
Reverse DNS: dd15418.kasserver.com
Software: Apache
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer: https://data.leibold.biz/formular/NeueMitarbeiter.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 19:41:04 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • function addHiddenField
  • function GetCookie
  • function str_replace
  • function refreshCaptcha
  • function SetCookieValues
  • function SetCookies
  • number $varCaptchaOK
  • function validateCaptcha
  • function chkFormular
  • function inIframe
  • function openDialog

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://data.leibold.biz/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()