urlscan.io logo urlscan.io
SecurityTrails logo

payment.sportkongress.ch Open in urlscan Pro
185.90.38.221  Public Scan

Go To Rescan Add Verdict Report
URL: https://payment.sportkongress.ch/
Submission: On March 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 185.90.38.221, located in Switzerland and belongs to FLOW Switzerland, CH. The main domain is payment.sportkongress.ch.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time payment.sportkongress.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 185.90.38.221 200759 (FLOW Swit...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2
Apex Domain
Subdomains		 Transfer
7 sportkongress.ch
payment.sportkongress.ch
72 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
863 B
8 2
Domain Requested by
7 payment.sportkongress.ch payment.sportkongress.ch
1 fonts.googleapis.com payment.sportkongress.ch
8 2

This site contains links to these domains. Also see Links.

Domain
www.concrete5.org
Subject Issuer Validity Valid
payment.sportkongress.ch
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://payment.sportkongress.ch/
Frame ID: 90444DBDE47EA7B9457B974F6BB5F58F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home :: concrete5

Detected technologies

Overall confidence: 100%
Detected patterns
  • /concrete/js/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

73 kB
Transfer

279 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payment.sportkongress.ch/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.sportkongress.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
5a7763413a70f314d82b532df99a4e8654e15320050fccf7f85a6e071069257c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type
Cache-Control
private, must-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
1185
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Mar 2023 11:02:29 GMT
Expires
Mon, 27 Mar 2023 11:12:29 GMT
Permissions-Policy
geolocation=(self), microphone=() camera=()
Referrer-Policy
no-referrer
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding,Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
bootstrap-modified.css
payment.sportkongress.ch/concrete/themes/elemental/css/ 		96 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.sportkongress.ch/concrete/themes/elemental/css/bootstrap-modified.css
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
0ad6de161e2eff9ef89d05eff53fa5b676fdc64b7a1504d5a857b7ba036e07f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:02:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
close
Content-Length
15459
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Nov 2021 20:30:13 GMT
Server
Apache
ETag
"17f64-5d060f9fb7f40-gzip"
Vary
Accept-Encoding,Origin
Content-Type
text/css
Cache-Control
max-age=604800, public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self), microphone=() camera=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization,content-type
Expires
Mon, 03 Apr 2023 11:02:29 GMT
main.css
payment.sportkongress.ch/application/files/cache/css/elemental/ 		39 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.sportkongress.ch/application/files/cache/css/elemental/main.css?ts=1653980391
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
e2f2e71daefb99d11a5c0a0a6030378a7ae948101b62a7111eb9cceea6af94c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:02:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
close
Content-Length
5534
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Tue, 31 May 2022 06:59:51 GMT
Server
Apache
ETag
"9b20-5e04951b0656b-gzip"
Vary
Accept-Encoding,Origin
Content-Type
text/css
Cache-Control
max-age=604800, public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self), microphone=() camera=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization,content-type
Expires
Mon, 03 Apr 2023 11:02:29 GMT
font-awesome.css
payment.sportkongress.ch/concrete/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.sportkongress.ch/concrete/css/font-awesome.css?ccm_nocache=1a72ca0f3692b16db9673a9a89faff0649086c52
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
ad730bb72b450cdde53dba9ab565bf900399393a068ca3c0ea34e1042e52220e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:02:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
close
Content-Length
7027
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Nov 2021 20:30:13 GMT
Server
Apache
ETag
"78e5-5d060f9fb7f40-gzip"
Vary
Accept-Encoding,Origin
Content-Type
text/css
Cache-Control
max-age=604800, public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self), microphone=() camera=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization,content-type
Expires
Mon, 03 Apr 2023 11:02:29 GMT
jquery.js
payment.sportkongress.ch/concrete/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.sportkongress.ch/concrete/js/jquery.js?ccm_nocache=1a72ca0f3692b16db9673a9a89faff0649086c52
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
29f039e67d7e4cd74b0992f40425ee927f6c295a9f41ef23de07ea85531a7bc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:02:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
close
Content-Length
33812
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Nov 2021 20:30:13 GMT
Server
Apache
ETag
"17be4-5d060f9fb7f40-gzip"
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Cache-Control
max-age=604800, public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self), microphone=() camera=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization,content-type
Expires
Wed, 29 Mar 2023 23:02:29 GMT
picturefill.js
payment.sportkongress.ch/concrete/js/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.sportkongress.ch/concrete/js/picturefill.js?ccm_nocache=1a72ca0f3692b16db9673a9a89faff0649086c52
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:02:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
close
Content-Length
5171
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Nov 2021 20:30:13 GMT
Server
Apache
ETag
"2e1f-5d060f9fb7f40-gzip"
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Cache-Control
max-age=604800, public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self), microphone=() camera=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization,content-type
Expires
Wed, 29 Mar 2023 23:02:29 GMT
css
fonts.googleapis.com/ 		3 KB
863 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:200,400,700,900
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/application/files/cache/css/elemental/main.css?ts=1653980391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1939db62f59419f7fce85a5be293c99c29ec5d561d6c4f6cad13af78b505d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 11:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 11:02:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 11:02:29 GMT
background.png
payment.sportkongress.ch/concrete/themes/elemental/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.sportkongress.ch/concrete/themes/elemental/images/background.png
Requested by
Host: payment.sportkongress.ch
URL: https://payment.sportkongress.ch/application/files/cache/css/elemental/main.css?ts=1653980391
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.90.38.221 , Switzerland, ASN200759 (FLOW Switzerland, CH),
Reverse DNS
Software
Apache /
Resource Hash
25d8761a1038cb395154dd5af98a65212045fd546e01c17f33a234a38549a24c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:02:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
close
Content-Length
1161
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Tue, 09 Nov 2021 20:30:13 GMT
Server
Apache
ETag
"489-5d060f9fb7f40"
Vary
Origin
Content-Type
image/png
Cache-Control
max-age=604800, public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self), microphone=() camera=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
authorization,content-type
Expires
Wed, 26 Apr 2023 11:02:30 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| CCM_DISPATCHER_FILENAME number| CCM_CID boolean| CCM_EDIT_MODE boolean| CCM_ARRANGE_MODE string| CCM_IMAGE_PATH string| CCM_TOOLS_PATH string| CCM_APPLICATION_URL string| CCM_REL string| CCM_ACTIVE_LOCALE function| $ function| jQuery undefined| msViewportStyle object| picturefillCFG function| picturefill

0 Cookies

1 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block