urlscan.io logo urlscan.io
SecurityTrails logo

privatkunden.webcindario.com Open in urlscan Pro
5.57.226.202  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bc4.io/a96fef0
Effective URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Submission: On August 04 via manual from LB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 30 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is privatkunden.webcindario.com.
TLS certificate: Issued by R3 on June 24th 2023. Valid for: 3 months.
This is the only time privatkunden.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

1    129.213.198.22 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
bc4.io
1    162.210.96.126 (United States)

ASN32748 (STEADFAST, US)
reseller-hosting-themes.com
10    5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)
privatkunden.webcindario.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2600:9000:2104:f800:13:46b5:7d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.deutsche-bank.de
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
hosting.miarroba.info
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.184.206 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
fundingchoicesmessages.google.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:223c:9800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
10 webcindario.com
privatkunden.webcindario.com
378 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724
www.google.com — Cisco Umbrella Rank: 3
96 KB
3 deutsche-bank.de
www.deutsche-bank.de — Cisco Umbrella Rank: 224239
53 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55
21 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 115
5 KB
2 miarroba.info
hosting.miarroba.info
2 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
173 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5576
408 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1197
642 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1256
9 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
63 KB
1 reseller-hosting-themes.com
reseller-hosting-themes.com
138 B
1 bc4.io
bc4.io
460 B
30 15
Domain Requested by
10 privatkunden.webcindario.com 2 redirects privatkunden.webcindario.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 www.deutsche-bank.de privatkunden.webcindario.com
www.deutsche-bank.de
2 fonts.gstatic.com privatkunden.webcindario.com
fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 hosting.miarroba.info privatkunden.webcindario.com
2 pagead2.googlesyndication.com privatkunden.webcindario.com
pagead2.googlesyndication.com
1 www.google.de privatkunden.webcindario.com
1 www.google.com privatkunden.webcindario.com
1 fonts.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagmanager.com privatkunden.webcindario.com
1 reseller-hosting-themes.com 1 redirects
1 bc4.io 1 redirects
30 17

This site contains no links.

Subject Issuer Validity Valid
*.webcindario.com
R3		 2023-06-24 -
2023-09-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.deutsche-bank.de
DigiCert EV RSA CA G2		 2022-11-15 -
2023-11-14		 a year crt.sh
miarroba.info
E1		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Frame ID: D30F8EA04C6F0DBEFDE14006C2A47B95
Requests: 28 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 16C3EAA1F64006DD1D3CEA849DBD4AF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: D2C8407570FD56B3B4F6DB71EBAA9A0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bc4.io/a96fef0 HTTP 301
    https://reseller-hosting-themes.com/wordpress/wp-admin/css/repair/ HTTP 302
    https://privatkunden.webcindario.com/Guten-Tag/ HTTP 302
    https://privatkunden.webcindario.com/Guten-Tag/app/index.php HTTP 302
    https://privatkunden.webcindario.com/Guten-Tag/app/user.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

30
Requests

100 %
HTTPS

78 %
IPv6

15
Domains

17
Subdomains

16
IPs

4
Countries

979 kB
Transfer

2088 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bc4.io/a96fef0 HTTP 301
    https://reseller-hosting-themes.com/wordpress/wp-admin/css/repair/ HTTP 302
    https://privatkunden.webcindario.com/Guten-Tag/ HTTP 302
    https://privatkunden.webcindario.com/Guten-Tag/app/index.php HTTP 302
    https://privatkunden.webcindario.com/Guten-Tag/app/user.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request user.php
privatkunden.webcindario.com/Guten-Tag/app/
Redirect Chain
  • http://bc4.io/a96fef0
  • https://reseller-hosting-themes.com/wordpress/wp-admin/css/repair/
  • https://privatkunden.webcindario.com/Guten-Tag/
  • https://privatkunden.webcindario.com/Guten-Tag/app/index.php
  • https://privatkunden.webcindario.com/Guten-Tag/app/user.php
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
8f07215a23a4910eb229906b28817531fc89e70a9003d65f7ba388f8c1c589d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 04 Aug 2023 10:23:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
Webcindario Hosting Service

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 04 Aug 2023 10:23:06 GMT
location
user.php
server
nginx
x-powered-by
Webcindario Hosting Service
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0afff3402c812eea053a600106856a8c4ea4f216cb244e68eeab2ccbef8e9a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://privatkunden.webcindario.com/
Origin
https://privatkunden.webcindario.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50564
x-xss-protection
0
server
cafe
etag
10378803152457338611
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 10:23:06 GMT
fonts.css
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 		1 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:f800:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://*.deutsche-bank.de
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
226
last-modified
Wed, 24 Feb 2021 08:20:14 GMT
server
Apache
db-nickname
VTJGc2RHVmtYMS95WDU0UzRmVFI2VGRLVnBvV2p6UGRkcjFZYmdSWFp4dz0=
etag
"42d-5bc10b44d0b80-gzip"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
-_2dWfwNAR-1Z6fFPJyFTgJY9Qs02HfDA6XW9GMNd6ILgLJWEXQILQ==
expires
Sat, 03 Aug 2024 10:23:06 GMT
user-style.css
privatkunden.webcindario.com/Guten-Tag/app/res/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privatkunden.webcindario.com/Guten-Tag/app/res/user-style.css
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
3dc541aa9bb40fe5df53166a1ae584f2df06bc3abf2237e5a46cf77c1d15c3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2023 11:25:46 GMT
server
nginx
etag
W/"64cb8eba-c3d"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/css
logo-cut.png
privatkunden.webcindario.com/Guten-Tag/app/res/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatkunden.webcindario.com/Guten-Tag/app/res/logo-cut.png
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
ed3071781924562c02f648cab6d9decda453e6b57d137a4dded6f85ae7be3901

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
last-modified
Thu, 03 Aug 2023 11:25:46 GMT
server
nginx
etag
"64cb8eba-70e"
x-powered-by
Webcindario Hosting Service
content-type
image/png
accept-ranges
bytes
content-length
1806
img1.jpg
privatkunden.webcindario.com/Guten-Tag/app/res/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatkunden.webcindario.com/Guten-Tag/app/res/img1.jpg
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
97fe447ddc107dc8b5f84af5b559f36c71eb2da143a98ef3080014d1f17c994a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
last-modified
Thu, 03 Aug 2023 11:25:46 GMT
server
nginx
etag
"64cb8eba-b0ef"
x-powered-by
Webcindario Hosting Service
content-type
image/jpeg
accept-ranges
bytes
content-length
45295
jq.js
privatkunden.webcindario.com/Guten-Tag/app/res/ 		287 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatkunden.webcindario.com/Guten-Tag/app/res/jq.js
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2023 11:25:46 GMT
server
nginx
etag
W/"64cb8eba-47b27"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
application/javascript
/
hosting.miarroba.info/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hosting.miarroba.info/?__muid=996a829a4376fb2b0968638504aa8bd143bd5579&h=2134867&t=1691144586&k=27f946257ca9c8191748bef6f4cecb66
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5d2e1d267e7487e78ead0a148e8b6a2dff484b5e6db7dcb364b572a2a8761e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 10:23:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 04 Aug 2023 10:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii2%2B3kl39gNLZEVKcBqtqvxx4NxWIo9ux8FHPcloKjjyM0ry1vL3eIv%2BbkBufmx7kWlpWsJ5ImU%2BqaqmtS%2B%2BpwD0dRJmgoej3tSI%2FjAWtxodixCFWfcNUiVv5ld6Gw0p4ZyLazArW6QG52jJ2EzOP3K%2Fi7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=iso-8859-1
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache
cf-ray
7f161542184b1957-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		172 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f8275dba77aaa9b0590caa089e5178ddd70e1edd534aebeab3267fabf9ee71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64552
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 10:23:07 GMT
back.jpg
privatkunden.webcindario.com/Guten-Tag/app/res/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatkunden.webcindario.com/Guten-Tag/app/res/back.jpg
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/res/user-style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/res/user-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
last-modified
Thu, 03 Aug 2023 11:25:46 GMT
server
nginx
etag
"64cb8eba-3cbb5"
x-powered-by
Webcindario Hosting Service
content-type
image/jpeg
accept-ranges
bytes
content-length
248757
FrutigerLTW05-55Roman.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/FrutigerLTW05-55Roman.woff2
Requested by
Host: www.deutsche-bank.de
URL: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:f800:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

Referer
https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Origin
https://privatkunden.webcindario.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://*.deutsche-bank.de
via
1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
25764
last-modified
Wed, 24 Feb 2021 08:20:14 GMT
server
Apache
db-nickname
VTJGc2RHVmtYMS95WDU0UzRmVFI2VGRLVnBvV2p6UGRkcjFZYmdSWFp4dz0=
etag
"64a4-5bc10b44d0b80"
vary
Origin
x-frame-options
SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
eH_0koPHwq2kAKKbLbUKD7NVD80wiLOghbfhIVpu_lTJ9MNXmXshDQ==
expires
Sat, 03 Aug 2024 10:23:06 GMT
FrutigerLTW05-65Bold.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/FrutigerLTW05-65Bold.woff2
Requested by
Host: www.deutsche-bank.de
URL: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:f800:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
be4beee7d867a4c4702b8ab281d1d11884a6b7ae9a5e74aac6b141000cb248de
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

Referer
https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Origin
https://privatkunden.webcindario.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://*.deutsche-bank.de
via
1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
26008
last-modified
Wed, 24 Feb 2021 08:20:14 GMT
server
Apache
db-nickname
VTJGc2RHVmtYMS9uT1NTdy9BbHRqUFQzNXo5TFhST1dLS1dpSGNsMW1XST0=
etag
"6598-5bc10b44d0b80"
vary
Origin
x-frame-options
SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
3oav1VaO7Vl50hCIftFzMtdGG_H7qNRZELh_QvDdB5_gIzlZJKAOnw==
expires
Sat, 03 Aug 2024 10:23:06 GMT
607f6b0b381bbc1f64fa027d62891072_cookie.php
hosting.miarroba.info/ Frame 16C3 		46 B
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://privatkunden.webcindario.com
Referer
https://privatkunden.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f1615436a3b1957-FRA
content-encoding
br
content-type
text/html; charset=iso-8859-1
date
Fri, 04 Aug 2023 10:23:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApT0gGtOBJ33cpHER%2FdVcQm7ALzzzxOq5v3r7RKmqbLjNUsE6%2FaGY63Sq93GBJqzojKxx53Sk1zjtGTpnT17Kuza8NUEKnYYdailz8dXP7uI4YDw7nbrbZ1AQn2jdnWmYmG6ILOJM7xfuII%2FVZhBFi3dXCA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/ 		361 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=privatkunden.webcindario.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13e21d0e802a0bdd1ab3ce0e30fe4f2a2f5d02d2ce17a0b0a43f7cece1dd44df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126343
x-xss-protection
0
server
cafe
etag
2737481799356025187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 10:23:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame D2C8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://privatkunden.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 06:44:36 GMT
etag
12368291122986407432
expires
Fri, 18 Aug 2023 06:44:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-7294310421616689
fundingchoicesmessages.google.com/i/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7294310421616689?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=privatkunden.webcindario.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
498b808a9eb9f15e6b205c2d458e4c7a4c942a850948e2131908ca80ed1538bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-puuJUpdUFa1fBb4BiDi7tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-puuJUpdUFa1fBb4BiDi7tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUR_Lebl-qgOes4Xqpnz3wmtwtbdkT-n6YzdM3J9irSPxG8FXplxFVqve9lKS5BK0J824Gs0JrrhfXJ3_spGHkY7DDYtCU9nN_J2TIbbdjiwrKxp0HpCr01u_21B4emhe2COt_r6w==
fundingchoicesmessages.google.com/f/ 		300 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUR_Lebl-qgOes4Xqpnz3wmtwtbdkT-n6YzdM3J9irSPxG8FXplxFVqve9lKS5BK0J824Gs0JrrhfXJ3_spGHkY7DDYtCU9nN_J2TIbbdjiwrKxp0HpCr01u_21B4emhe2COt_r6w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMTQ0NTg3LDU5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wcml2YXRrdW5kZW4ud2ViY2luZGFyaW8uY29tL0d1dGVuLVRhZy9hcHAvdXNlci5waHAiLG51bGwsW1s4LCJGZk9pNzlxUVh6VSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FfOi79qQXzU.es5.O/d=1/rs=AJlcJMyPWw9bSTyn4em0to0YFci6ZHi36w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
c1e411b115bf427f1f4e299bb21ad9fcf31dc2200bad9a05e66083c03f3a5283
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DhhIVeiRw6KDouEAoKK2zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-DhhIVeiRw6KDouEAoKK2zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Aug 2023 09:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2002
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 04 Aug 2023 11:49:45 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:23:07 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 11 Aug 2023 10:23:07 GMT
rules-p-d5x2uDVHd7ALE.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:09:44 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
843
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:55:53 GMT
server
AmazonS3
etag
"ceee564f54e512a948f918e2710eab6e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
8zWFYMnq2IrTB_5DmXpupOowcr6T_t7Nz1lioWB4ULACWMSjpd6DCw==
collect
www.google-analytics.com/j/ 		4 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=934755358&t=pageview&_s=1&dl=https%3A%2F%2Fprivatkunden.webcindario.com%2FGuten-Tag%2Fapp%2Fuser.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=326232732&gjid=1488544248&cid=1362177859.1691144588&tid=UA-597118-7&_gid=1775450932.1691144588&_r=1&_slc=1&gtm=45He3820n71T2VG59&z=2006133649
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://privatkunden.webcindario.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 10:23:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://privatkunden.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-597118-7&cid=1362177859.1691144588&jid=326232732&gjid=1488544248&_gid=1775450932.1691144588&_u=YEBAAAAACAAAAC~&z=1179637531
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatkunden.webcindario.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 04 Aug 2023 10:23:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://privatkunden.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		69 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FfOi79qQXzU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyPWw9bSTyn4em0to0YFci6ZHi36w/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45b31a1495525822f49bb56f4186e51cccc201a977ca39eae8f05846a6c62e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 04 Aug 2023 10:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 10:23:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Aug 2023 10:23:07 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://privatkunden.webcindario.com/
Origin
https://privatkunden.webcindario.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 07:35:16 GMT
x-content-type-options
nosniff
age
10071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:35:16 GMT
AGSKWxVtWYTyEHOuYGl56hG5NIfdGibqEEupbuOCVEWviiP30YmW4C7l-1g6BOt1HYvjHaoqzFzmoqDhk2wIGmDO09BZdDVK-bslV8cVaM4z_l7yb0dirWmlIon1b4ubJpYOCqv7dyLoKw==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVtWYTyEHOuYGl56hG5NIfdGibqEEupbuOCVEWviiP30YmW4C7l-1g6BOt1HYvjHaoqzFzmoqDhk2wIGmDO09BZdDVK-bslV8cVaM4z_l7yb0dirWmlIon1b4ubJpYOCqv7dyLoKw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FfOi79qQXzU.es5.O/d=1/rs=AJlcJMyPWw9bSTyn4em0to0YFci6ZHi36w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sa-7IE04PEI9GuitDoUHVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://privatkunden.webcindario.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Aug 2023 10:23:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-Sa-7IE04PEI9GuitDoUHVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://privatkunden.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=1362177859.1691144588&jid=326232732&_u=YEBAAAAACAAAAC~&z=1144642997
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 10:23:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=1362177859.1691144588&jid=326232732&_u=YEBAAAAACAAAAC~&z=1144642997
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://privatkunden.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 10:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://privatkunden.webcindario.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 00:05:03 GMT
x-content-type-options
nosniff
age
555484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 00:05:03 GMT
fetch.php
privatkunden.webcindario.com/Guten-Tag/panel/ 		1 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privatkunden.webcindario.com/Guten-Tag/panel/fetch.php
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/res/jq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept
*/*
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 04 Aug 2023 10:23:08 GMT
content-encoding
gzip
server
nginx
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
fetch.php
privatkunden.webcindario.com/Guten-Tag/panel/ 		1 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privatkunden.webcindario.com/Guten-Tag/panel/fetch.php
Requested by
Host: privatkunden.webcindario.com
URL: https://privatkunden.webcindario.com/Guten-Tag/app/res/jq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept
*/*
Referer
https://privatkunden.webcindario.com/Guten-Tag/app/user.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 04 Aug 2023 10:23:10 GMT
content-encoding
gzip
server
nginx
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| dataLayer function| $ function| jQuery string| cd object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| Njc2YmEyNzM3MGQ0MmI4OWxvYWRlcl9qcw== string| Njc2YmEyNzM3MGQ0MmI4OWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_manager string| GoogleAnalyticsObject function| mia_ga object| _qevents function| quantserve function| __qc object| ezt object| _qoptions object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
bc4.io/ Name: reference
Value: 6417930336467241107
.webcindario.com/ Name: __muid
Value: 996a829a4376fb2b0968638504aa8bd143bd5579
privatkunden.webcindario.com/ Name: PHPSESSID
Value: 5426df7ebdfd881c38a632a9f6095147
.privatkunden.webcindario.com/ Name: _ga
Value: GA1.3.1362177859.1691144588
.privatkunden.webcindario.com/ Name: _gid
Value: GA1.3.1775450932.1691144588
.privatkunden.webcindario.com/ Name: _gat_UA-597118-7
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bc4.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hosting.miarroba.info
pagead2.googlesyndication.com
privatkunden.webcindario.com
reseller-hosting-themes.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
www.deutsche-bank.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
129.213.198.22
142.250.184.206
162.210.96.126
2600:9000:2104:f800:13:46b5:7d80:93a1
2600:9000:223c:9800:6:44e3:f8c0:93a1
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:809::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9b
2a06:98c1:3121::3
5.57.226.202
0afff3402c812eea053a600106856a8c4ea4f216cb244e68eeab2ccbef8e9a76
13e21d0e802a0bdd1ab3ce0e30fe4f2a2f5d02d2ce17a0b0a43f7cece1dd44df
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
3dc541aa9bb40fe5df53166a1ae584f2df06bc3abf2237e5a46cf77c1d15c3d6
45b31a1495525822f49bb56f4186e51cccc201a977ca39eae8f05846a6c62e52
498b808a9eb9f15e6b205c2d458e4c7a4c942a850948e2131908ca80ed1538bf
55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf
8f07215a23a4910eb229906b28817531fc89e70a9003d65f7ba388f8c1c589d1
8f5d2e1d267e7487e78ead0a148e8b6a2dff484b5e6db7dcb364b572a2a8761e
97fe447ddc107dc8b5f84af5b559f36c71eb2da143a98ef3080014d1f17c994a
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
9f8275dba77aaa9b0590caa089e5178ddd70e1edd534aebeab3267fabf9ee71c
adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
be4beee7d867a4c4702b8ab281d1d11884a6b7ae9a5e74aac6b141000cb248de
c1e411b115bf427f1f4e299bb21ad9fcf31dc2200bad9a05e66083c03f3a5283
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3071781924562c02f648cab6d9decda453e6b57d137a4dded6f85ae7be3901
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629