leinenlos-berlin.onlinebuchung.software
Open in
urlscan Pro
85.13.128.58
Public Scan
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 19 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time leinenlos-berlin.onlinebuchung.software was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 85.13.128.58 85.13.128.58 | 34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68) | |
10 | 1 |
ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd47300.kasserver.com
leinenlos-berlin.onlinebuchung.software |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
onlinebuchung.software
leinenlos-berlin.onlinebuchung.software |
483 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
10 | leinenlos-berlin.onlinebuchung.software |
leinenlos-berlin.onlinebuchung.software
|
10 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
aninova.eu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
leinenlos-berlin.onlinebuchung.software R3 |
2024-05-18 - 2024-08-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://leinenlos-berlin.onlinebuchung.software/login.php?url=%2Fkundenbereich%2F
Frame ID: 09D15B7791D238723DF7BD78C7FA3D82
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Anmeldung zum BuchungsportalDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Datenschutzerklärung
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.php
leinenlos-berlin.onlinebuchung.software/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
leinenlos-berlin.onlinebuchung.software/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
leinenlos-berlin.onlinebuchung.software/resource/fontawesome/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-slim.min.js
leinenlos-berlin.onlinebuchung.software/assets/js/vendor/ |
68 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
leinenlos-berlin.onlinebuchung.software/js/ |
57 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin.css
leinenlos-berlin.onlinebuchung.software/css/ |
1 KB 531 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.png
leinenlos-berlin.onlinebuchung.software/resource/mail/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-show-password.js
leinenlos-berlin.onlinebuchung.software/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
001.jpg
leinenlos-berlin.onlinebuchung.software/resource/backgrounds/ |
393 KB 393 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
leinenlos-berlin.onlinebuchung.software/ |
34 KB 7 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| bootstrap1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
leinenlos-berlin.onlinebuchung.software/ | Name: PHPSESSID Value: 1bb0802c5716ff2b27725286b41a2799 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=172800 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
leinenlos-berlin.onlinebuchung.software
85.13.128.58
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
179fbcfacefe27e6ed620a9d397bcffe24735e045059dfef2861096da97c750d
2c2ccfbe7389f52f76a1c69e6ee66e3ca254582cd7f738b9187413afea6d099d
2c306c27095243b3ecf7ea0d46686b194dc4ae2527d6df2df878094d49b18371
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
905c5012ed179703d9625310391af13daca95d24cf2f6c2166f4468477371cf0
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9d752ceeb01845a7913b78324b28e0cdaf7737b144727dd9dcce00867c204807
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
f2697f2792ec571c76fa4ff9a1306ae395e75820783768fb2c78062ed2efdccf