urlscan.io logo urlscan.io
SecurityTrails logo

starten-sie-jetzt.com.de Open in urlscan Pro
45.66.230.76  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aredlipandanudeshoe.com/horst/?sZI6eBoHYf
Effective URL: https://starten-sie-jetzt.com.de/
Submission: On October 05 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 45.66.230.76, located in Amsterdam, Netherlands and belongs to AS_DELIS, US. The main domain is starten-sie-jetzt.com.de.
TLS certificate: Issued by R3 on September 21st 2023. Valid for: 3 months.
This is the only time starten-sie-jetzt.com.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Deutsche Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 54.175.187.139 14618 (AMAZON-AES)
3 45.66.230.76 211252 (AS_DELIS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 8
1    54.175.187.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-187-139.compute-1.amazonaws.com
aredlipandanudeshoe.com
3    45.66.230.76 (Amsterdam, Netherlands)

ASN211252 (AS_DELIS, US)
starten-sie-jetzt.com.de
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
626 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
36 KB
3 com.de
starten-sie-jetzt.com.de
847 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
11 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 925
31 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
29 KB
1 aredlipandanudeshoe.com
aredlipandanudeshoe.com
250 B
0 anal-lytics.gay Failed
ww12.anal-lytics.gay Failed
18 8
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com starten-sie-jetzt.com.de
www.gstatic.com
www.google.com
3 starten-sie-jetzt.com.de starten-sie-jetzt.com.de
1 fonts.gstatic.com
1 cdnjs.cloudflare.com starten-sie-jetzt.com.de
1 code.jquery.com starten-sie-jetzt.com.de
1 cdn.jsdelivr.net starten-sie-jetzt.com.de
1 aredlipandanudeshoe.com 1 redirects
0 ww12.anal-lytics.gay Failed starten-sie-jetzt.com.de
18 9

This site contains no links.

Subject Issuer Validity Valid
d-bank-check.com.de
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://starten-sie-jetzt.com.de/
Frame ID: EEC33383C1D5BBC33473B7F1634A8B4C
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW&co=aHR0cHM6Ly9zdGFydGVuLXNpZS1qZXR6dC5jb20uZGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=mbly1ycr9dyt
Frame ID: A8E97FCEBE1441AE52E7036B22D2C76C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW
Frame ID: D5B381EC5C91BF3B5C34842ABD2C53C7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bot-Check: Wir überprüfen die Echtheit des Zugriffes

Page URL History Show full URLs

  1. http://aredlipandanudeshoe.com/horst/?sZI6eBoHYf HTTP 302
    https://starten-sie-jetzt.com.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*parbase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

18
Requests

94 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1580 kB
Transfer

2795 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aredlipandanudeshoe.com/horst/?sZI6eBoHYf HTTP 302
    https://starten-sie-jetzt.com.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://anal-lytics.gay/pixel/P4rWhkWDR9eFmohF HTTP 0
  • http://ww12.anal-lytics.gay/pixel/P4rWhkWDR9eFmohF

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
starten-sie-jetzt.com.de/
Redirect Chain
  • http://aredlipandanudeshoe.com/horst/?sZI6eBoHYf
  • https://starten-sie-jetzt.com.de/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://starten-sie-jetzt.com.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.66.230.76 Amsterdam, Netherlands, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b5f98807d1641bd95c222c2314eed040f3e8d0194172f97fa2db635447f7f639

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2107
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Oct 2023 13:10:33 GMT
Server
nginx/1.14.2
Vary
Accept-Encoding
expires
-1
pragma
no-cache

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Oct 2023 21:24:31 GMT
Keep-Alive
timeout=5, max=100
Location
https://starten-sie-jetzt.com.de
Server
Apache/2.4.38 (Debian)
olea.css
starten-sie-jetzt.com.de/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://starten-sie-jetzt.com.de/css/olea.css
Requested by
Host: starten-sie-jetzt.com.de
URL: https://starten-sie-jetzt.com.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.66.230.76 Amsterdam, Netherlands, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2307760cc1d2d90094b99c5bc71c476d8ee9d435d31f1de2ee22087364339f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://starten-sie-jetzt.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 13:10:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Sep 2023 11:32:06 GMT
Server
nginx/1.14.2
ETag
"7e1-605a07def3980-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
741
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 		190 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: starten-sie-jetzt.com.de
URL: https://starten-sie-jetzt.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://starten-sie-jetzt.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3104621
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230122-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtpGyXcE8KB26Wrqo%2FBLb%2FefTNurN6eMWEGNehnDUFott2KUU%2FpBVXeXA3HNAOTsRj3QtsS7gbpJqxFlSb4U%2F4MJL5tI6Y%2BGJq8guC8EM3EURTRGfeErG5lnTOgFsmo24pEX9VBPlUUHWGetCIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8115e7c97caa049f-FRA
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: starten-sie-jetzt.com.de
URL: https://starten-sie-jetzt.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://starten-sie-jetzt.com.de/
Origin
https://starten-sie-jetzt.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1709234
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230067-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696511433.213466,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
27, 183366
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: starten-sie-jetzt.com.de
URL: https://starten-sie-jetzt.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7667d41929dbee536024b3381aa9e72c4c711d03c5c75fdf227a0537483bbf99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://starten-sie-jetzt.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 05 Oct 2023 13:10:33 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: starten-sie-jetzt.com.de
URL: https://starten-sie-jetzt.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://starten-sie-jetzt.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7379859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mzfs3xXZNgx1uD90ou5X4y4LJMLFr11wclbJjowCgfK800r3jy%2B%2BfKJJYXgCnnnBiCAhHJIrANwqZj30h1299YeMeNW6r5jRikjTRvAifi1T5KsoXBlsK0UAbgSLs9XzniPWR%2BHX9dRX7jF0wXIi%2BtN7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8115e7c97fac2c1c-FRA
expires
Tue, 24 Sep 2024 13:10:33 GMT
P4rWhkWDR9eFmohF
ww12.anal-lytics.gay/pixel/
Redirect Chain
  • https://anal-lytics.gay/pixel/P4rWhkWDR9eFmohF
  • http://ww12.anal-lytics.gay/pixel/P4rWhkWDR9eFmohF
0
0
TheBG.jpg
starten-sie-jetzt.com.de/img/ 		842 KB
843 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://starten-sie-jetzt.com.de/img/TheBG.jpg
Requested by
Host: starten-sie-jetzt.com.de
URL: https://starten-sie-jetzt.com.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.66.230.76 Amsterdam, Netherlands, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
108ea472fbc35a815f48cc8318522e42ab0db442ca39a5fed69e52735fd8dadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://starten-sie-jetzt.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 13:10:33 GMT
Last-Modified
Mon, 18 Sep 2023 11:50:04 GMT
Server
nginx/1.14.2
ETag
"d2951-605a0be303300"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
862545
recaptcha__de.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 		466 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://starten-sie-jetzt.com.de/
Origin
https://starten-sie-jetzt.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190978
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:22:26 GMT
anchor
www.google.com/recaptcha/api2/ Frame A8E9 		59 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW&co=aHR0cHM6Ly9zdGFydGVuLXNpZS1qZXR6dC5jb20uZGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=mbly1ycr9dyt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31dbc7b0f5e9d3d43d2a2fec2b1216355bb479f4116ced92e56c788c7c35d750
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4sX6fTvmhKtGQoT_rhYlOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://starten-sie-jetzt.com.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4sX6fTvmhKtGQoT_rhYlOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:10:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame A8E9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW&co=aHR0cHM6Ly9zdGFydGVuLXNpZS1qZXR6dC5jb20uZGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=mbly1ycr9dyt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:24:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame A8E9 		466 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW&co=aHR0cHM6Ly9zdGFydGVuLXNpZS1qZXR6dC5jb20uZGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=mbly1ycr9dyt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190978
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:22:26 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A8E9 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW&co=aHR0cHM6Ly9zdGFydGVuLXNpZS1qZXR6dC5jb20uZGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=mbly1ycr9dyt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW&co=aHR0cHM6Ly9zdGFydGVuLXNpZS1qZXR6dC5jb20uZGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=mbly1ycr9dyt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 05 Oct 2023 13:10:34 GMT
bframe
www.google.com/recaptcha/api2/ Frame D5B3 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0c16309f746c6304de868f096f1c06f5d8de2b96250e8dae9a5a021f31a477b7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uJejVR8_wbGEeb4kCfAT_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://starten-sie-jetzt.com.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uJejVR8_wbGEeb4kCfAT_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:10:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame D5B3 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:24:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame D5B3 		466 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6LeQnjQoAAAAAAPxbZ5wnejlPUnk0MJRsgC8Q_nW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190978
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:22:26 GMT
truncated
/ Frame A8E9 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A8E9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A8E9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
457669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 07 Oct 2023 06:02:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A8E9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 06:47:09 GMT
x-content-type-options
nosniff
age
455008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 06:47:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ww12.anal-lytics.gay
URL
http://ww12.anal-lytics.gay/pixel/P4rWhkWDR9eFmohF

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Deutsche Bank (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| myFunction function| CheckRecaptcha function| Reload function| setCookie object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_486207

2 Cookies

Domain/Path Name / Value
starten-sie-jetzt.com.de/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNlZGVOQXVSM1Z6dE9tZWJXQ01Hb0E9PSIsInZhbHVlIjoianhGalRQam1NN1VmZmxzVWJENUI0NXVCWDlVay9UM3FYQTc3bFVpcWtBTno5MTh0aW5lWFQwdmpjLytxaWlJZlR0TG9SOHhHTGdld1ZGOFhZTlN1cXN4SE5TOXdyU1orMDVoUEZGeTdRbXRidFZNRHNDaTZ0TENQM0l1Y25hWE0iLCJtYWMiOiJjYmM0YTk1OTQzOGI1MzZhZGUxMDc3NWEyODAzMWVkNGYwYjkwNjU5MjZlMmUyYzA3YjFmMDA1Y2I2MTI0NzkyIiwidGFnIjoiIn0%3D
starten-sie-jetzt.com.de/ Name: laravel_session
Value: eyJpdiI6ImsxUWZwdEg5NFhyMkZ0ZkpxYWpWL0E9PSIsInZhbHVlIjoibE42Mm1kUkZvZkg5TXRxTWpMaGIxUkRVLzdFQk04MDJ2VFhObkFXN3dEdmpGOUsxOWw4eEI4eTM4ekZwRHlGVEpZNjhjd096am5jQmZyMHFoa0xwTEhQN09JZWt6aDB1dnFpeS90dUFOeS80alQrV2x4NHVTUnFkbXBTVkJocVAiLCJtYWMiOiJmOTUwN2Q3ZTdmMWEyOGE2ZWI4MWIxZDgyYjVmODZmNzA0MjgwMjlmOWE3YTZjNTZhNTMzZmNjMjhhYzBlNDE1IiwidGFnIjoiIn0%3D

1 Console Messages

Source Level URL
Text
security error URL: https://starten-sie-jetzt.com.de/
Message:
Mixed Content: The page at 'https://starten-sie-jetzt.com.de/' was loaded over HTTPS, but requested an insecure script 'http://ww12.anal-lytics.gay/pixel/P4rWhkWDR9eFmohF'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aredlipandanudeshoe.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
starten-sie-jetzt.com.de
ww12.anal-lytics.gay
www.google.com
www.gstatic.com
ww12.anal-lytics.gay
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:4001:810::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a04:4e42:200::649
45.66.230.76
54.175.187.139
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c16309f746c6304de868f096f1c06f5d8de2b96250e8dae9a5a021f31a477b7
108ea472fbc35a815f48cc8318522e42ab0db442ca39a5fed69e52735fd8dadf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2307760cc1d2d90094b99c5bc71c476d8ee9d435d31f1de2ee22087364339f0e
31dbc7b0f5e9d3d43d2a2fec2b1216355bb479f4116ced92e56c788c7c35d750
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
7667d41929dbee536024b3381aa9e72c4c711d03c5c75fdf227a0537483bbf99
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b5f98807d1641bd95c222c2314eed040f3e8d0194172f97fa2db635447f7f639
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6