obiwan.sturmlan.net Open in urlscan Pro
46.4.195.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://corona-incentives.de/
Effective URL:
http://obiwan.sturmlan.net/admin/index.php
Submission: On December 11 via automatic, source certstream-suspicious (December 11th 2020, 8:23:01 am UTC)

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 46.4.195.1, located in Germany and belongs to HETZNER-AS, DE. The main domain is obiwan.sturmlan.net.

This is the only time obiwan.sturmlan.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 11	46.4.195.1 46.4.195.1		24940 (HETZNER-AS) (HETZNER-AS)
9	1

11 46.4.195.1 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: obiwan.sturmlan.net

corona-incentives.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obiwan.sturmlan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sturmlan.net 1 redirects obiwan.sturmlan.net	88 KB
1	corona-incentives.de 1 redirects corona-incentives.de	79 B
9	2

	Domain	Requested by
10	obiwan.sturmlan.net	1 redirects obiwan.sturmlan.net
1	corona-incentives.de	1 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://obiwan.sturmlan.net/admin/index.php
Frame ID: 545BAE66845FED519611008D545B0B74
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://corona-incentives.de/ HTTP 301
http://obiwan.sturmlan.net/ HTTP 302
http://obiwan.sturmlan.net/admin/index.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

88 kB
Transfer

88 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://corona-incentives.de/ HTTP 301
http://obiwan.sturmlan.net/ HTTP 302
http://obiwan.sturmlan.net/admin/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set index.php Show response obiwan.sturmlan.net/admin/ Redirect Chain https://corona-incentives.de/ http://obiwan.sturmlan.net/ http://obiwan.sturmlan.net/admin/index.php	3 KB 2 KB	65ms 64ms	Document text/html	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / PHP/5.5.26 Resource Hash `cfa77ebf7b4924c9354fbc0a1d24c4c8a88b53284253857051aca5030822bd42` Request headers Host obiwan.sturmlan.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Fri, 11 Dec 2020 08:22:46 GMT Content-Type text/html; charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.5.26 Set-Cookie PHPSESSID=9df646468908a9f8e0ef4a83021b6995; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip Redirect headers Server nginx Date Fri, 11 Dec 2020 08:22:46 GMT Content-Type text/html Content-Length 0 Connection keep-alive X-Powered-By PHP/5.5.26 Location /admin/index.php
GET H/1.1	200 OK	scripte.js Show response obiwan.sturmlan.net/javascripts/	20 KB 20 KB	38ms 37ms	Script application/x-javascript	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://obiwan.sturmlan.net/javascripts/scripte.js Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `f63699503c3837b8023f57eab5e3ef722075144639b1316348093e3909ad5a5e` Request headers Referer http://obiwan.sturmlan.net/admin/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 02 Sep 2019 07:50:42 GMT Server nginx ETag "4fe1-5918d3a889880" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 20449
GET H/1.1	200 OK	style.css obiwan.sturmlan.net/css/	27 KB 27 KB	75ms 57ms	Stylesheet text/css	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://obiwan.sturmlan.net/css/style.css Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `b2cb9a4df4a2031ec667cb296b79024a31f6dac1f9e1627d465c43a6cca3a347` Request headers Referer http://obiwan.sturmlan.net/admin/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 04 Apr 2016 08:37:03 GMT Server nginx ETag "6a1a-52fa4a20609c0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 27162
GET H/1.1	200 OK	blind.gif obiwan.sturmlan.net/images/	43 B 277 B	38ms 37ms	Image image/gif	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://obiwan.sturmlan.net/images/blind.gif Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers Referer http://obiwan.sturmlan.net/admin/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 11 Jan 2010 09:55:55 GMT Server nginx ETag "2b-47ce08b1880c0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 43
GET H/1.1	200 OK	background_content.jpg obiwan.sturmlan.net/images/	21 KB 22 KB	39ms 37ms	Image image/jpeg	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://obiwan.sturmlan.net/images/background_content.jpg Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `2a5cadeda476cc8ba92cd1b95d9a7594423c8a5084e780a66ee33a94d8e42cd2` Request headers Referer http://obiwan.sturmlan.net/admin/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 11 Jan 2010 09:55:55 GMT Server nginx ETag "55f2-47ce08b1880c0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 22002
GET H/1.1	200 OK	background_blau.gif obiwan.sturmlan.net/images/	892 B 1 KB	39ms 38ms	Image image/gif	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://obiwan.sturmlan.net/images/background_blau.gif Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `72bd60266a0ef4c064e9bf3e6f512c83a4e1e66ed7514b0cbb29845094197b0a` Request headers Referer http://obiwan.sturmlan.net/admin/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 11 Jan 2010 09:55:55 GMT Server nginx ETag "37c-47ce08b1880c0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 892
GET H/1.1	200 OK	background_Leiste.gif obiwan.sturmlan.net/images/	15 KB 15 KB	72ms 53ms	Image image/gif	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://obiwan.sturmlan.net/images/background_Leiste.gif Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/admin/index.php Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `23f7f26bbba4f831beff92d2daa3564a9983905e94952fac203f9c62f8f6af17` Request headers Referer http://obiwan.sturmlan.net/admin/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 11 Jan 2010 09:55:55 GMT Server nginx ETag "3c78-47ce08b1880c0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 15480
GET H/1.1	200 OK	bg_input.gif obiwan.sturmlan.net/images/	146 B 381 B	75ms 57ms	Image image/gif	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://obiwan.sturmlan.net/images/bg_input.gif Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/css/style.css Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `852b2a1779f73783a1e8ad15cd7fbab2b6c105974f39156e5285bc173a2d652b` Request headers Referer http://obiwan.sturmlan.net/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 11 Jan 2010 09:55:55 GMT Server nginx ETag "92-47ce08b1880c0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 146
GET H/1.1	200 OK	background_grau.gif obiwan.sturmlan.net/images/	43 B 277 B	70ms 52ms	Image image/gif	46.4.195.1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://obiwan.sturmlan.net/images/background_grau.gif Requested by Host: obiwan.sturmlan.net URL: http://obiwan.sturmlan.net/css/style.css Protocol HTTP/1.1 Server 46.4.195.1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS obiwan.sturmlan.net Software nginx / Resource Hash `840f46f9e5c70ac4f3f1b984da5981b1c42cb320f35a88fc529980ecc2421e29` Request headers Referer http://obiwan.sturmlan.net/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 08:22:46 GMT Last-Modified Mon, 11 Jan 2010 09:55:55 GMT Server nginx ETag "2b-47ce08b1880c0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 43

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			obiwan.sturmlan.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9df646468908a9f8e0ef4a83021b6995

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corona-incentives.de
obiwan.sturmlan.net
46.4.195.1
23f7f26bbba4f831beff92d2daa3564a9983905e94952fac203f9c62f8f6af17
2a5cadeda476cc8ba92cd1b95d9a7594423c8a5084e780a66ee33a94d8e42cd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
72bd60266a0ef4c064e9bf3e6f512c83a4e1e66ed7514b0cbb29845094197b0a
840f46f9e5c70ac4f3f1b984da5981b1c42cb320f35a88fc529980ecc2421e29
852b2a1779f73783a1e8ad15cd7fbab2b6c105974f39156e5285bc173a2d652b
b2cb9a4df4a2031ec667cb296b79024a31f6dac1f9e1627d465c43a6cca3a347
cfa77ebf7b4924c9354fbc0a1d24c4c8a88b53284253857051aca5030822bd42
f63699503c3837b8023f57eab5e3ef722075144639b1316348093e3909ad5a5e

obiwan.sturmlan.net Open in urlscan Pro 46.4.195.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

88 kBTransfer

88 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

obiwan.sturmlan.net Open in urlscan Pro
46.4.195.1 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

88 kB
Transfer

88 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions