support.krischislett.com Open in urlscan Pro
88.198.95.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://support.krischislett.com/
Submission: On December 09 via automatic, source certstream-suspicious (December 9th 2021, 12:36:01 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 88.198.95.157, located in Germany and belongs to HETZNER-AS, DE. The main domain is support.krischislett.com.
TLS certificate: Issued by R3 on December 9th 2021. Valid for: 3 months.

This is the only time support.krischislett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	88.198.95.157 88.198.95.157	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	49.12.98.0 49.12.98.0	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
18	4

8 88.198.95.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-95-157.clients.your-server.de

support.krischislett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
getscreen.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 49.12.98.0 (Birkenheide, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.98.12.49.clients.your-server.de

st.getscreen.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	getscreen.me st.getscreen.me getscreen.me	183 KB
4	gstatic.com fonts.gstatic.com	181 KB
4	krischislett.com support.krischislett.com	47 KB
2	googleapis.com fonts.googleapis.com	2 KB
18	4

	Domain	Requested by
4	fonts.gstatic.com	fonts.googleapis.com
4	getscreen.me	support.krischislett.com getscreen.me
4	st.getscreen.me	support.krischislett.com getscreen.me
4	support.krischislett.com	support.krischislett.com
2	fonts.googleapis.com	support.krischislett.com getscreen.me
18	5

This site contains no links.

Subject Issuer	Validity	Valid
support.krischislett.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.getscreen.me Sectigo RSA Domain Validation Secure Server CA	`2021-03-24` - `2022-04-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://support.krischislett.com/
Frame ID: ADE26A437D26EC5E7372BF71EDA30E4D
Requests: 9 HTTP requests in this frame

Frame: https://getscreen.me/de/invite/widget?preview=1
Frame ID: 5938EAE274C4F44861B3A02809327754
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support KrisChislett

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

414 kB
Transfer

656 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
support.krischislett.com/ 2 KB
1 KB 255ms
18ms Document
text/html 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.krischislett.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: d5c83069238bf90184203e02497d4d3dffdfa6ecc00bf0b5b1d6dce4bfdaa64f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
content-length: 1027
date: Thu, 09 Dec 2021 12:35:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700&subset=cyrillic

Requested by

Host: support.krischislett.com
URL: https://support.krischislett.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

794ae58eab84a9f7b8d4f0ea14c9d94ad124f40be9cde1c70aaf9262d575e9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 11:33:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 12:35:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 12:35:57 GMT

GET
H2 200 join-ts1de1638866080.css
support.krischislett.com/visor/css/ 95 KB
2 KB 12ms
11ms Stylesheet
text/css 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.krischislett.com/visor/css/join-ts1de1638866080.css
Requested by: Host: support.krischislett.com
URL: https://support.krischislett.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: bfa53490f679bf9df52ae647a5a0c91b3908a58540edcfaa8a44793d7f1b2ba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:35:57 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 08:34:40 GMT
cache-control: public, max-age=31536000, immutable
content-length: 2367
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 join-ts1de1638866079.js Show response
support.krischislett.com/visor/js/ 94 KB
32 KB 13ms
12ms Script
application/javascript 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.krischislett.com/visor/js/join-ts1de1638866079.js
Requested by: Host: support.krischislett.com
URL: https://support.krischislett.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: f19ccb2dee3a78db2336031ee06265c0dd125491ade5071d8a1d76bacd6db52b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:35:57 GMT
content-encoding: gzip
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK st.js Show response
st.getscreen.me/ 69 KB
69 KB 69ms
22ms Script
application/javascript 49.12.98.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.getscreen.me/st.js
Requested by: Host: support.krischislett.com
URL: https://support.krischislett.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.98.0 Birkenheide, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.98.12.49.clients.your-server.de
Software: nginx/1.19.2 /
Resource Hash: b66335ce160ca0b5dd1d331df4abcd45a9bcd0064b4d0f4fe7cc7d5b186ed5ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:35:57 GMT
Referrer-Policy: origin
Last-Modified: Sat, 22 Aug 2020 08:35:21 GMT
Server: nginx/1.19.2
ETag: "5f40d8c9-1131c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70428

GET
H2 200 widget Show response
getscreen.me/de/invite/ Frame 5938 1 KB
1 KB 53ms
16ms Document
text/html 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://getscreen.me/de/invite/widget?preview=1
Requested by: Host: support.krischislett.com
URL: https://support.krischislett.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: 1bf1902db2052c86c55f10bb507dd1b38ea56d17bf76f3319426d25825b7dc57

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/

Response headers

content-encoding: gzip
content-type: text/html
content-length: 777
date: Thu, 09 Dec 2021 12:35:57 GMT

GET
H2 200 favicon.ico
support.krischislett.com/ 11 KB
11 KB 11ms
11ms Image
image/x-icon 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.krischislett.com/favicon.ico?t=28817de5491aac00bab3dc831dceeed339ef9fe536ebad20bcc8f058b10afd29f01d7
Requested by: Host: support.krischislett.com
URL: https://support.krischislett.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: a5f92d414e635de9b57cb1f2f8ceafeb154864416d5d9671239be776ee7bc8fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:35:57 GMT
content-lenght: 11240
content-type: image/x-icon

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 173ms
85ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://support.krischislett.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 03:56:06 GMT
x-content-type-options: nosniff
age: 117591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 03:56:06 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
45 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://support.krischislett.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 145708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5938 4 KB
630 B 48ms
46ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700&subset=cyrillic

Requested by

Host: getscreen.me
URL: https://getscreen.me/de/invite/widget?preview=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

794ae58eab84a9f7b8d4f0ea14c9d94ad124f40be9cde1c70aaf9262d575e9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://getscreen.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 12:05:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 12:35:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 12:35:57 GMT

GET
H2 200 code-ts1de1638866112.css
getscreen.me/widget/css/invite/ Frame 5938 4 KB
1 KB 12ms
11ms Stylesheet
text/css 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://getscreen.me/widget/css/invite/code-ts1de1638866112.css
Requested by: Host: getscreen.me
URL: https://getscreen.me/de/invite/widget?preview=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: 826ee15ff1b4747275bcf2cd6e6b2953a60e78d5ac7cd10f427f4a8d5065126a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://getscreen.me/de/invite/widget?preview=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:35:57 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 08:35:12 GMT
cache-control: public, max-age=31536000, immutable
content-length: 1222
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 jquery-3.4.1.min.js Show response
getscreen.me/common/js/ Frame 5938 86 KB
30 KB 23ms
22ms Script
application/javascript 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://getscreen.me/common/js/jquery-3.4.1.min.js
Requested by: Host: getscreen.me
URL: https://getscreen.me/de/invite/widget?preview=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://getscreen.me/de/invite/widget?preview=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:35:57 GMT
content-encoding: gzip
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 code-ts1de1638866112.js Show response
getscreen.me/widget/js/invite/ Frame 5938 38 KB
12 KB 13ms
13ms Script
application/javascript 88.198.95.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://getscreen.me/widget/js/invite/code-ts1de1638866112.js
Requested by: Host: getscreen.me
URL: https://getscreen.me/de/invite/widget?preview=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.95.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-95-157.clients.your-server.de
Software: /
Resource Hash: 6247bb4438cc1c984938c00ce1670e63ff4a45a8222409d1b57b4e0617126edc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://getscreen.me/de/invite/widget?preview=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:35:57 GMT
content-encoding: gzip
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK st.p
st.getscreen.me/ 43 B
284 B 41ms
41ms Image
image/gif 49.12.98.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.getscreen.me/st.p?action_name=Support%20KrisChislett&send_image=1&idsite=1&rec=1&r=400326&h=12&m=35&s=57&url=https%3A%2F%2Fsupport.krischislett.com%2F&_id=52861e6c5ec0bbd8&_idts=1639053358&_idvc=1&_idn=1&_refts=0&_viewts=1639053358&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=18&pv_id=T7Z6V9
Requested by: Host: support.krischislett.com
URL: https://support.krischislett.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.98.0 Birkenheide, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.98.12.49.clients.your-server.de
Software: nginx/1.19.2 / PHP/7.4.9
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.krischislett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:35:57 GMT
Referrer-Policy: origin
Server: nginx/1.19.2
X-Powered-By: PHP/7.4.9
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive

GET
H/1.1 200
OK st.js Show response
st.getscreen.me/ Frame 5938 69 KB
69 KB 13ms
12ms Script
application/javascript 49.12.98.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.getscreen.me/st.js
Requested by: Host: getscreen.me
URL: https://getscreen.me/de/invite/widget?preview=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.98.0 Birkenheide, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.98.12.49.clients.your-server.de
Software: nginx/1.19.2 /
Resource Hash: b66335ce160ca0b5dd1d331df4abcd45a9bcd0064b4d0f4fe7cc7d5b186ed5ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://getscreen.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:35:57 GMT
Referrer-Policy: origin
Last-Modified: Sat, 22 Aug 2020 08:35:21 GMT
Server: nginx/1.19.2
ETag: "5f40d8c9-1131c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70428

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 5938 44 KB
44 KB 93ms
92ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getscreen.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 145708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:29 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 5938 46 KB
46 KB 115ms
114ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getscreen.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 03:56:06 GMT
x-content-type-options: nosniff
age: 117591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 03:56:06 GMT

GET
H/1.1 200
OK st.p
st.getscreen.me/ Frame 5938 43 B
284 B 37ms
37ms Image
image/gif 49.12.98.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.getscreen.me/st.p?action_name=Getscreen.me&send_image=1&idsite=1&rec=1&r=990805&h=12&m=35&s=57&url=https%3A%2F%2Fgetscreen.me%2Fde%2Finvite%2Fwidget%3Fpreview%3D1&urlref=https%3A%2F%2Fsupport.krischislett.com%2F&_id=a8422b0fd128953b&_idts=1639053358&_idvc=1&_idn=1&_refts=1639053358&_viewts=1639053358&_ref=https%3A%2F%2Fsupport.krischislett.com%2F&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=16&pv_id=WVUT9j
Requested by: Host: getscreen.me
URL: https://getscreen.me/de/invite/widget?preview=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.98.0 Birkenheide, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.98.12.49.clients.your-server.de
Software: nginx/1.19.2 / PHP/7.4.9
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://getscreen.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:35:57 GMT
Referrer-Policy: origin
Server: nginx/1.19.2
X-Powered-By: PHP/7.4.9
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.getscreen.me/	1970-02-25 11:17:33	Name: llu Value: UuEFhDE3TqwBIBe8EC0HMzclkoO7vBdGCi9wLeSpDNljurmfG4RKVwkc5I8gIBeBf7bc4543eed7399084cd1cfc317ba73a1639053357
support.krischislett.com/	1970-01-20 08:43:28	Name: _pk_id.1.fb17 Value: 52861e6c5ec0bbd8.1639053358.1.1639053358.1639053358.
support.krischislett.com/	1970-01-19 23:17:35	Name: _pk_ses.1.fb17 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
getscreen.me
st.getscreen.me
support.krischislett.com
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
49.12.98.0
88.198.95.157
1bf1902db2052c86c55f10bb507dd1b38ea56d17bf76f3319426d25825b7dc57
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6247bb4438cc1c984938c00ce1670e63ff4a45a8222409d1b57b4e0617126edc
794ae58eab84a9f7b8d4f0ea14c9d94ad124f40be9cde1c70aaf9262d575e9bc
826ee15ff1b4747275bcf2cd6e6b2953a60e78d5ac7cd10f427f4a8d5065126a
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
a5f92d414e635de9b57cb1f2f8ceafeb154864416d5d9671239be776ee7bc8fe
b66335ce160ca0b5dd1d331df4abcd45a9bcd0064b4d0f4fe7cc7d5b186ed5ff
bfa53490f679bf9df52ae647a5a0c91b3908a58540edcfaa8a44793d7f1b2ba5
d5c83069238bf90184203e02497d4d3dffdfa6ecc00bf0b5b1d6dce4bfdaa64f
f19ccb2dee3a78db2336031ee06265c0dd125491ade5071d8a1d76bacd6db52b

support.krischislett.com Open in urlscan Pro 88.198.95.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

414 kBTransfer

656 kBSize

3 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

Indicators

support.krischislett.com Open in urlscan Pro
88.198.95.157 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

414 kB
Transfer

656 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions