urlscan.io logo urlscan.io
SecurityTrails logo

timetracking.murbit.at Open in urlscan Pro
78.47.106.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://timetracking.murbit.at/
Effective URL: https://timetracking.murbit.at/en/login
Submission: On August 17 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 6 HTTP transactions. The main IP is 78.47.106.96, located in Germany and belongs to HETZNER-AS, DE. The main domain is timetracking.murbit.at.
TLS certificate: Issued by R3 on August 17th 2021. Valid for: 3 months.
This is the only time timetracking.murbit.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 78.47.106.96 24940 (HETZNER-AS)
1 5.132.191.118 47692 (NESSUS)
6 2
Apex Domain
Subdomains		 Transfer
8 murbit.at
timetracking.murbit.at
www.murbit.at
1 MB
6 1
Domain Requested by
7 timetracking.murbit.at 2 redirects timetracking.murbit.at
1 www.murbit.at timetracking.murbit.at
6 2

This site contains no links.

Subject Issuer Validity Valid
timetracking.murbit.at
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
get.eventbert.com
R3		 2021-07-06 -
2021-10-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://timetracking.murbit.at/en/login
Frame ID: 868DBB68FFECE5BC3F44265E49EC0C76
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://timetracking.murbit.at/ HTTP 302
    https://timetracking.murbit.at/en/homepage HTTP 302
    https://timetracking.murbit.at/en/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

1209 kB
Transfer

1208 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://timetracking.murbit.at/ HTTP 302
    https://timetracking.murbit.at/en/homepage HTTP 302
    https://timetracking.murbit.at/en/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
timetracking.murbit.at/en/
Redirect Chain
  • https://timetracking.murbit.at/
  • https://timetracking.murbit.at/en/homepage
  • https://timetracking.murbit.at/en/login
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://timetracking.murbit.at/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.47.106.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kimai.cloud
Software
nginx /
Resource Hash
5b12b54810d48f4bdd05e74681008335e61895eb2b63045c82401b676a77f939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
timetracking.murbit.at
:scheme
https
:path
/en/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=q970i6go5cv2ptoi0p97nurvnn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=UTF-8
cache-control
max-age=0, must-revalidate, private
date
Tue, 17 Aug 2021 10:46:01 GMT
expires
Tue, 17 Aug 2021 10:46:01 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

server
nginx
content-type
text/html; charset=UTF-8
location
https://timetracking.murbit.at/en/login
set-cookie
PHPSESSID=q970i6go5cv2ptoi0p97nurvnn; path=/; HttpOnly
cache-control
max-age=0, must-revalidate, private
date
Tue, 17 Aug 2021 10:46:01 GMT
expires
Tue, 17 Aug 2021 10:46:01 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-xss-protection
1; mode=block
x-content-type-options
nosniff
app.cf7b7f85.css
timetracking.murbit.at/build/ 		366 KB
367 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timetracking.murbit.at/build/app.cf7b7f85.css
Requested by
Host: timetracking.murbit.at
URL: https://timetracking.murbit.at/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.47.106.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kimai.cloud
Software
nginx /
Resource Hash
82616a1360065743411a7692b3e3701e0f451a78dd70721191166c0379f90714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/app.cf7b7f85.css
pragma
no-cache
cookie
PHPSESSID=q970i6go5cv2ptoi0p97nurvnn
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
timetracking.murbit.at
referer
https://timetracking.murbit.at/en/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://timetracking.murbit.at/en/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 10:46:01 GMT
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 21 May 2021 21:34:28 GMT
server
nginx
etag
"60a82764-5b88f"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
374927
x-content-type-options
nosniff
Murbit-Entw-Marker-300x108.png
www.murbit.at/wp-content/uploads/sites/11/2021/06/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.murbit.at/wp-content/uploads/sites/11/2021/06/Murbit-Entw-Marker-300x108.png
Requested by
Host: timetracking.murbit.at
URL: https://timetracking.murbit.at/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.132.191.118 , Austria, ASN47692 (NESSUS, AT),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b4fa58dcb9f6618d22a616deb8135c0b2a65b6b615f9406c545ada0d7fe2769c

Request headers

Referer
https://timetracking.murbit.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 10:46:01 GMT
Last-Modified
Tue, 29 Jun 2021 15:14:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"51ad-5c5e91036743c"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
20909
runtime.b8e7bb04.js
timetracking.murbit.at/build/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timetracking.murbit.at/build/runtime.b8e7bb04.js
Requested by
Host: timetracking.murbit.at
URL: https://timetracking.murbit.at/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.47.106.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kimai.cloud
Software
nginx /
Resource Hash
c3b6352133b6258dc2b520ee65a99f59ce8783ef524afa9adfd003d4cffdb4f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/runtime.b8e7bb04.js
pragma
no-cache
cookie
PHPSESSID=q970i6go5cv2ptoi0p97nurvnn
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
timetracking.murbit.at
referer
https://timetracking.murbit.at/en/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://timetracking.murbit.at/en/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 10:46:01 GMT
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 21 May 2021 21:34:28 GMT
server
nginx
etag
"60a82764-763"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1891
x-content-type-options
nosniff
app.3b90b56b.js
timetracking.murbit.at/build/ 		799 KB
800 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timetracking.murbit.at/build/app.3b90b56b.js
Requested by
Host: timetracking.murbit.at
URL: https://timetracking.murbit.at/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.47.106.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kimai.cloud
Software
nginx /
Resource Hash
3aec8a24bcdc5adf58a1ec082583674473d89bd7b77e83fbee0c193e470fe838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/app.3b90b56b.js
pragma
no-cache
cookie
PHPSESSID=q970i6go5cv2ptoi0p97nurvnn
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
timetracking.murbit.at
referer
https://timetracking.murbit.at/en/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://timetracking.murbit.at/en/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 10:46:01 GMT
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 21 May 2021 21:34:28 GMT
server
nginx
etag
"60a82764-c7d34"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
818484
x-content-type-options
nosniff
glyphicons-halflings-regular.be810be3.woff2
timetracking.murbit.at/build/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://timetracking.murbit.at/build/fonts/glyphicons-halflings-regular.be810be3.woff2
Requested by
Host: timetracking.murbit.at
URL: https://timetracking.murbit.at/build/app.cf7b7f85.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.47.106.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kimai.cloud
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://timetracking.murbit.at
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=q970i6go5cv2ptoi0p97nurvnn
:path
/build/fonts/glyphicons-halflings-regular.be810be3.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
timetracking.murbit.at
referer
https://timetracking.murbit.at/build/app.cf7b7f85.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://timetracking.murbit.at
Referer
https://timetracking.murbit.at/build/app.cf7b7f85.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 10:46:01 GMT
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 21 May 2021 21:34:28 GMT
server
nginx
etag
"60a82764-466c"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18028
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackChunkkimai2 function| jQuery function| $ function| moment function| KimaiWebLoader function| KimaiPaginatedBoxWidget function| KimaiReloadPageWidget function| KimaiCookies

1 Cookies

Domain/Path Name / Value
timetracking.murbit.at/ Name: PHPSESSID
Value: q970i6go5cv2ptoi0p97nurvnn

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block