urlscan.io logo urlscan.io
SecurityTrails logo

papple.jkniest.de Open in urlscan Pro
78.46.252.161  Public Scan

Go To Rescan Add Verdict Report
URL: https://papple.jkniest.de/login
Submission Tags: @phishunt_io
Submission: On September 06 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 78.46.252.161, located in Germany and belongs to HETZNER-AS, DE. The main domain is papple.jkniest.de.
TLS certificate: Issued by R3 on September 6th 2021. Valid for: 3 months.
This is the only time papple.jkniest.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 78.46.252.161 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 4
Apex Domain
Subdomains		 Transfer
3 jkniest.de
papple.jkniest.de
190 KB
2 googleapis.com
fonts.googleapis.com
1 KB
1 gstatic.com
fonts.gstatic.com
27 KB
6 3
Domain Requested by
3 papple.jkniest.de papple.jkniest.de
2 fonts.googleapis.com papple.jkniest.de
1 fonts.gstatic.com fonts.googleapis.com
6 3

This site contains no links.

Subject Issuer Validity Valid
papple.jkniest.de
R3		 2021-09-06 -
2021-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://papple.jkniest.de/login
Frame ID: 78E2742B6F5C2F30DED637117BEFCF75
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Papple Staging

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

6
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

219 kB
Transfer

742 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
papple.jkniest.de/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://papple.jkniest.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
78.46.252.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.252.46.78.clients.your-server.de
Software
nginx /
Resource Hash
fd52733a165cfc123db64b915a5daa8acda37b17c0ac85fc4ac11cc6c8149c79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
papple.jkniest.de
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
date
Mon, 06 Sep 2021 06:52:16 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6IkZaM3VkNUl1Zkc1VnZYZ1pwN2dYc3c9PSIsInZhbHVlIjoiMzVsZ1NTc29SL2NTV1BuSmo1NHA0cW13Sk8vbHhEVUcvVDBxNFhxT2ZHK3lWYlp3Y1dkM2g3akE1dHV3aEZGc242bTVFZzlMY1RHbnVtMUUvV28wREVrZ2FISWdXT3R1S2s4ZEU0TklHQ2g2bFZ2bldRRDBpeWJ5U1dlSVBBZGgiLCJtYWMiOiI3YzNiMWNjZWY3NmQ2OWQ5ZjhmMDE3NmM3YjkzYTZkMjc3ZTQzOGNhZjQ4YmNlOWNhOWRjYWViMTIwZjFjOWZlIn0%3D; expires=Mon, 06-Sep-2021 08:52:16 GMT; Max-Age=7200; path=/; samesite=lax papple_staging_session=eyJpdiI6IjM5bEM4VGRKQVczSGx0SHhYbjAvc1E9PSIsInZhbHVlIjoic2FOU0ZLci81ankvY1R1dkZGRTkrNi9wYjVxcjlVMDJuMWVpTzFpM0NYd1BPSmxESTN2YWcvZC93L21RQzBOTGZVN3pQN1R4MHY0VkYrWXJtaU5xeXg0TVNwTTRadDVUamFZOG9yb1RzOXhwNVVGY0xYSkJkUEVWbjRSV3kxbmMiLCJtYWMiOiJlZGQ0ODVmNmNhOWZlYTVmNTFmMDBhNjJjMzIxZTI0Mjk1YzcyZGEyYmM1MWViNmYzNjJlNWUwNmJkNTk5MGJiIn0%3D; expires=Mon, 06-Sep-2021 08:52:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
css
fonts.googleapis.com/ 		5 KB
692 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:400,600,700
Requested by
Host: papple.jkniest.de
URL: https://papple.jkniest.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://papple.jkniest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 06:30:18 GMT
server
ESF
date
Mon, 06 Sep 2021 06:52:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Sep 2021 06:52:16 GMT
app.css
papple.jkniest.de/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://papple.jkniest.de/css/app.css?id=d1325858c66ec41de920
Requested by
Host: papple.jkniest.de
URL: https://papple.jkniest.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
78.46.252.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.252.46.78.clients.your-server.de
Software
nginx /
Resource Hash
e89b43d00bcb37bd47bed46bbb60565a35082e779e22cb7e25ed67df3743dcd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/app.css?id=d1325858c66ec41de920
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IkZaM3VkNUl1Zkc1VnZYZ1pwN2dYc3c9PSIsInZhbHVlIjoiMzVsZ1NTc29SL2NTV1BuSmo1NHA0cW13Sk8vbHhEVUcvVDBxNFhxT2ZHK3lWYlp3Y1dkM2g3akE1dHV3aEZGc242bTVFZzlMY1RHbnVtMUUvV28wREVrZ2FISWdXT3R1S2s4ZEU0TklHQ2g2bFZ2bldRRDBpeWJ5U1dlSVBBZGgiLCJtYWMiOiI3YzNiMWNjZWY3NmQ2OWQ5ZjhmMDE3NmM3YjkzYTZkMjc3ZTQzOGNhZjQ4YmNlOWNhOWRjYWViMTIwZjFjOWZlIn0%3D; papple_staging_session=eyJpdiI6IjM5bEM4VGRKQVczSGx0SHhYbjAvc1E9PSIsInZhbHVlIjoic2FOU0ZLci81ankvY1R1dkZGRTkrNi9wYjVxcjlVMDJuMWVpTzFpM0NYd1BPSmxESTN2YWcvZC93L21RQzBOTGZVN3pQN1R4MHY0VkYrWXJtaU5xeXg0TVNwTTRadDVUamFZOG9yb1RzOXhwNVVGY0xYSkJkUEVWbjRSV3kxbmMiLCJtYWMiOiJlZGQ0ODVmNmNhOWZlYTVmNTFmMDBhNjJjMzIxZTI0Mjk1YzcyZGEyYmM1MWViNmYzNjJlNWUwNmJkNTk5MGJiIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
papple.jkniest.de
referer
https://papple.jkniest.de/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://papple.jkniest.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 06:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Jul 2021 12:27:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"60f41e3f-85b7"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
app.js
papple.jkniest.de/js/ 		668 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://papple.jkniest.de/js/app.js?id=6eb6bfb14afd37818821
Requested by
Host: papple.jkniest.de
URL: https://papple.jkniest.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
78.46.252.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.252.46.78.clients.your-server.de
Software
nginx /
Resource Hash
23526a54b54e194e41957266f896378742f47172fb1527eb912d4755e216bec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/app.js?id=6eb6bfb14afd37818821
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IkZaM3VkNUl1Zkc1VnZYZ1pwN2dYc3c9PSIsInZhbHVlIjoiMzVsZ1NTc29SL2NTV1BuSmo1NHA0cW13Sk8vbHhEVUcvVDBxNFhxT2ZHK3lWYlp3Y1dkM2g3akE1dHV3aEZGc242bTVFZzlMY1RHbnVtMUUvV28wREVrZ2FISWdXT3R1S2s4ZEU0TklHQ2g2bFZ2bldRRDBpeWJ5U1dlSVBBZGgiLCJtYWMiOiI3YzNiMWNjZWY3NmQ2OWQ5ZjhmMDE3NmM3YjkzYTZkMjc3ZTQzOGNhZjQ4YmNlOWNhOWRjYWViMTIwZjFjOWZlIn0%3D; papple_staging_session=eyJpdiI6IjM5bEM4VGRKQVczSGx0SHhYbjAvc1E9PSIsInZhbHVlIjoic2FOU0ZLci81ankvY1R1dkZGRTkrNi9wYjVxcjlVMDJuMWVpTzFpM0NYd1BPSmxESTN2YWcvZC93L21RQzBOTGZVN3pQN1R4MHY0VkYrWXJtaU5xeXg0TVNwTTRadDVUamFZOG9yb1RzOXhwNVVGY0xYSkJkUEVWbjRSV3kxbmMiLCJtYWMiOiJlZGQ0ODVmNmNhOWZlYTVmNTFmMDBhNjJjMzIxZTI0Mjk1YzcyZGEyYmM1MWViNmYzNjJlNWUwNmJkNTk5MGJiIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
papple.jkniest.de
referer
https://papple.jkniest.de/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://papple.jkniest.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 06:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 13:35:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"60eee81b-a702b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		5 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;700&family=Poppins:wght@700;800&display=swap
Requested by
Host: papple.jkniest.de
URL: https://papple.jkniest.de/css/app.css?id=d1325858c66ec41de920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d3383c051cf8ca91117f5e114202d138c6951e765f0cd389d6c67307918ca04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://papple.jkniest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 06:52:16 GMT
server
ESF
date
Mon, 06 Sep 2021 06:52:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Sep 2021 06:52:16 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;700&family=Poppins:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://papple.jkniest.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 08:26:59 GMT
x-content-type-options
nosniff
age
167117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:57:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 08:26:59 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackChunk object| __SENTRY__ function| Pusher object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex object| Echo object| Alpine

2 Cookies

Domain/Path Name / Value
papple.jkniest.de/ Name: papple_staging_session
Value: eyJpdiI6IjM5bEM4VGRKQVczSGx0SHhYbjAvc1E9PSIsInZhbHVlIjoic2FOU0ZLci81ankvY1R1dkZGRTkrNi9wYjVxcjlVMDJuMWVpTzFpM0NYd1BPSmxESTN2YWcvZC93L21RQzBOTGZVN3pQN1R4MHY0VkYrWXJtaU5xeXg0TVNwTTRadDVUamFZOG9yb1RzOXhwNVVGY0xYSkJkUEVWbjRSV3kxbmMiLCJtYWMiOiJlZGQ0ODVmNmNhOWZlYTVmNTFmMDBhNjJjMzIxZTI0Mjk1YzcyZGEyYmM1MWViNmYzNjJlNWUwNmJkNTk5MGJiIn0%3D
papple.jkniest.de/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZaM3VkNUl1Zkc1VnZYZ1pwN2dYc3c9PSIsInZhbHVlIjoiMzVsZ1NTc29SL2NTV1BuSmo1NHA0cW13Sk8vbHhEVUcvVDBxNFhxT2ZHK3lWYlp3Y1dkM2g3akE1dHV3aEZGc242bTVFZzlMY1RHbnVtMUUvV28wREVrZ2FISWdXT3R1S2s4ZEU0TklHQ2g2bFZ2bldRRDBpeWJ5U1dlSVBBZGgiLCJtYWMiOiI3YzNiMWNjZWY3NmQ2OWQ5ZjhmMDE3NmM3YjkzYTZkMjc3ZTQzOGNhZjQ4YmNlOWNhOWRjYWViMTIwZjFjOWZlIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block