reaktivierung-p.click Open in urlscan Pro
2606:4700:3030::6815:4001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reaktivierung-p.click/
Submission: On December 30 via api (December 30th 2024, 10:42:52 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3030::6815:4001, located in United States and belongs to CLOUDFLARENET, US. The main domain is reaktivierung-p.click.
TLS certificate: Issued by WE1 on December 30th 2024. Valid for: 3 months.

This is the only time reaktivierung-p.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3030::6815:4001	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::6815:5297	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
17	4

8 2606:4700:3030::6815:4001 (United States)

ASN13335 (CLOUDFLARENET, US)

reaktivierung-p.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::6815:5297 (United States)

ASN13335 (CLOUDFLARENET, US)

www.imcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	reaktivierung-p.click reaktivierung-p.click	170 KB
3	gstatic.com fonts.gstatic.com	74 KB
3	imcounter.com www.imcounter.com — Cisco Umbrella Rank: 727498	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
17	4

	Domain	Requested by
8	reaktivierung-p.click	reaktivierung-p.click
3	fonts.gstatic.com	fonts.googleapis.com
3	www.imcounter.com	reaktivierung-p.click www.imcounter.com
3	fonts.googleapis.com	reaktivierung-p.click
17	4

This site contains links to these domains. Also see Links.

Domain
www.postfinance.ch

Subject Issuer	Validity	Valid
reaktivierung-p.click WE1	`2024-12-30` - `2025-03-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
imcounter.com WE1	`2024-12-10` - `2025-03-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://reaktivierung-p.click/
Frame ID: FDC80B8E197E499ADC98910BABF2F0EC
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PostFinance - E-Finance

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

252 kB
Transfer

712 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.postfinance.ch/en/private/paying-saving/e-banking-apps/postfinance-app.html#/
Title: PostFinance App kennenlernen

Search URL Search Domain Scan URL

URL: https://www.postfinance.ch/de/support/login-sicherheit.html
Title: Support zum Login

Search URL Search Domain Scan URL

URL: https://www.postfinance.ch/de/privat/zahlen-sparen/e-banking-apps/e-finance.html
Title: E-Finance bestellen

Search URL Search Domain Scan URL

URL: https://www.postfinance.ch/de/detail/demo-e-finance-und-loginverfahren.html
Title: Demoversion E-Finance

Search URL Search Domain Scan URL

URL: https://www.postfinance.ch/de/support/login-sicherheit/sicher-unterwegs/rundum-geschuetzt-internet/10-wichtigsten-sicherheitsstandards-fuer-einen-sicheren-umgang-mit-e-finance.html
Title: Verhaltensregeln für E-Finance

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
reaktivierung-p.click/ 1 KB
1 KB 226ms
113ms Document
text/html 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reaktivierung-p.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f1a909ba3e6a12b363c48bdee087ab9643c3b3e7a42163a5a1a91b42fa867b7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8fa58b87eacadc79-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 30 Dec 2024 22:42:47 GMT
last-modified: Tue, 24 Dec 2024 23:41:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFmDrbd96SCc7JiOtaAzRKmFeTYxJp2K%2BXCXh4RUOfysQJsAqpPQM4swE1bXoVlUdi65aloy1vHDZLMlGvvfo3xzumQyG0FMTYF44VF%2FVaZqOtRsnqztE9rqgdoobfUJDQrjPaGvPblrM2j5TTU7SYwFvNE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
x-powered-by: Express

GET
H3 200 index-Cnr9zNNp.js Show response
reaktivierung-p.click/assets/ 353 KB
115 KB 106ms
106ms Script
application/javascript 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reaktivierung-p.click/assets/index-Cnr9zNNp.js
Requested by: Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a6a392eaf8632aecf085852e9a77fda35e75330783ebc1293173bb19719cfee4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://reaktivierung-p.click
Referer: https://reaktivierung-p.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"58354-193fb0bb30a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbbTku0grMDvdwl9lZPMyTjbJZG9GE8jfv9MO0mOQQk4GWnWD1jr7%2BqfRiQTOluI6NI8uwzSGU%2BAsg%2Brt4xb1C1TPRhLmv%2BIaS4EGNychXneztpiRapKwNid%2BmST%2BVcBOUKoVcBMaOsWvo726azzOPZSBIk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fa58b88aaccdc79-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 22:42:47 GMT
last-modified: Tue, 24 Dec 2024 23:41:08 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
server: cloudflare
vary: Accept-Encoding

GET
H3 200 index-BYxacKQA.css
reaktivierung-p.click/assets/ 220 KB
39 KB 130ms
130ms Stylesheet
text/css 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reaktivierung-p.click/assets/index-BYxacKQA.css
Requested by: Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1acb1d72736a7452c55dc503a4141b9bad95d4da55695982e7e6694c22e7b4a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://reaktivierung-p.click
Referer: https://reaktivierung-p.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"371e3-193fb0bb30a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUsJqPAlHz%2FEXXHT%2Btc5vAcxHHcq%2BIang6pBVXWIAzQFwrYhgfGAgoqBaWUsWiwIzz7Vu8T6E16Vfz1er4k092eSwqeTSxRGSVasTKe8%2FgIXm%2BGAyhIuFMtZ7a0tycfaeLIm%2FWxeTC2PAz7%2Fc5615%2FBpwu0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fa58b88aacbdc79-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 22:42:47 GMT
last-modified: Tue, 24 Dec 2024 23:41:08 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/assets/index-BYxacKQA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 22:42:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 22:42:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 22:41:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
714 B 82ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200..1000;1,200..1000&display=swap

Requested by

Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/assets/index-BYxacKQA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

931fd5c5effdeb5d513ed2a485ac484db3988f761f1ec4605baf6755b0884e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 22:42:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 22:42:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 22:00:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/assets/index-BYxacKQA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 22:42:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 22:42:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 22:30:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 fcount.php Show response
www.imcounter.com/ 1 KB
1 KB 101ms
64ms Script
application/javascript 2606:4700:3030::6815:5297
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcounter.com/fcount.php?rnd=42504903390

Requested by

Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5297 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f87bd0f621c725a02dce747d5aca97ba741adf8c9d897916f2977461719e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZgrRYYGygxUJmfMj5a%2BJM2BjbxpbBMW8WRnokNjqi3m8UecGnNHqgqZNLVhxCOmXigx9TgjcP0ZGXrrxNyS9oXL9c689pySU3xfVzwqkieJM9sl086bilHTvsTtv1rLoZreqGuAxgrpWoFZ95%2B%2FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22006&min_rtt=21868&rtt_var=4700&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4128&recv_bytes=4280&delivery_rate=26584&cwnd=12000&unsent_bytes=0&cid=3d05f03d164b00df&ts=68&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 22:42:48 GMT
content-type: application/javascript
priority: u=3,i=?0
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8fa58b8a7d4b68f5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
38 KB 54ms
23ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200..1000;1,200..1000&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://reaktivierung-p.click
Referer: https://fonts.googleapis.com/

Response headers

age: 567390
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:06:18 GMT
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39124
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 59ms
28ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://reaktivierung-p.click
Referer: https://fonts.googleapis.com/

Response headers

age: 567390
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 full-logo.png
reaktivierung-p.click/ 8 KB
8 KB 104ms
103ms Image
image/png 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reaktivierung-p.click/full-logo.png
Requested by: Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c02492292f208fea575e1ef3061019d9df05b8750a33c32f63ed013877fa4bb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

cf-cache-status: REVALIDATED
etag: W/"1f56-193fb0bb08c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3qGlNMJy3ZcjZp8WUAKHfGms%2Fl6Fvt9FxPJiHjvCtHpWGx12H6O8sRLadmpa5KLi6z7sH5AoOsyvctqYFFMUQu01nQurAubjTrIGmU1rTKJYwsphPX5NmDE89w2P7lSCQp09RxGWxsG2ADIeL0AzvZQl6U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 22:42:48 GMT
last-modified: Tue, 24 Dec 2024 23:41:07 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa58b8a5acedc79-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8022
x-powered-by: Express
server: cloudflare

GET
H3 200 eye.png
reaktivierung-p.click/ 750 B
1 KB 105ms
105ms Image
image/png 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reaktivierung-p.click/eye.png
Requested by: Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2f54e23b4db01d0dc41e9170ab26f01b9206b578445be2c3abca4411a29b7b95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

cf-cache-status: REVALIDATED
etag: W/"2ee-193fb0bb08c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2B8eVTwgEapdkvMN5UfTRvCb%2BZ9zGlRJ52UtDayhPJhHAzqMlVA79Cctg9U9BzvQpnlzJr3BXjj3zttE4pcTq1aaQIrlDEHFJp0xHeghVWS31wz3x08lUdtcYAp%2F5QzpVrkll5Su%2Fc8r3y6L6dQ7qhl0JCw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 22:42:48 GMT
last-modified: Tue, 24 Dec 2024 23:41:07 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa58b8a5acfdc79-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 750
x-powered-by: Express
server: cloudflare

GET
H3 200 q1.png
reaktivierung-p.click/ 2 KB
3 KB 108ms
108ms Image
image/png 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reaktivierung-p.click/q1.png
Requested by: Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bb80217961673f38c4e6089bb31ef1256603042ea6e5ca29291a96d2e7e12e90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

cf-cache-status: REVALIDATED
etag: W/"9a9-193fb0bb08d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BWsnU2Bt3zO6PKGNT27qvSWcQ5jAayb1U6fke5kFgelTz8h9dmEa8whZTc7vtsf2TwuG2kUb2JAbrWHMxrIdoB6kM5n9pVfsVrlFxO6MczRCD7B2aUC8yM4U6of8AD022sGD%2FDOk4F23AqztYpePhOanG4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 22:42:48 GMT
last-modified: Tue, 24 Dec 2024 23:41:07 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa58b8a5ad0dc79-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2473
x-powered-by: Express
server: cloudflare

GET
H3 401 me Show response
reaktivierung-p.click/api/v1/rumman/auth/ 40 B
519 B 66ms
66ms Fetch
application/json 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reaktivierung-p.click/api/v1/rumman/auth/me
Requested by: Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/assets/index-Cnr9zNNp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e686a754c8e0164a757a7e6c93d746e731bf258b157ff23a4ebc978be51b4006

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: W/"28-g3BIuGDiWFAnyd0fU2R8zqf4Zig"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvbyT4xjYvC%2FBcVJ4nZLBLdVdyOq40kTTba8XE2wRYiBULOWHcYes3aQvG3hjNGBhGmT5O4kZJTvhZ8IteMynDfRfs%2BDSpm4UIR3zZ3ENGxfu6uXg8hz9F3ix1YKITHswrQ1TsQDnDZksB2qM3FVGJzBKQY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8fa58b8a6ad1dc79-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 40
date: Mon, 30 Dec 2024 22:42:48 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 45ms
35ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://reaktivierung-p.click
Referer: https://fonts.googleapis.com/

Response headers

age: 566285
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:24:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:24:43 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 fcounter.php Show response
www.imcounter.com/ 543 B
985 B 64ms
64ms Script
text/javascript 2606:4700:3030::6815:5297
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcounter.com/fcounter.php?test=1&rnd=33562693&s=trans&id=43886&l=de-DE&u=&w=1600&h=1200

Requested by

Host: www.imcounter.com
URL: https://www.imcounter.com/fcount.php?rnd=42504903390

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5297 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a8795c13e463ea2732c6df026074f2c9d465ef20000abe37edddcfd08a40f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TsEKs4ok4PteRMQpl1by%2B4sPK35F1PPKJipG%2F9R4h1z6%2FW0wBEPlQOaYrPR3lOT2PpW222p%2BLBNMwRXdOTzAiJMBps5nylWkPp39ydcllsbi6ddOJEHMj49mXjtIU3XDZQOWS%2BHyy3ag%2BefW2yJiww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8fa58b8aedd068f5-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22072&min_rtt=21868&rtt_var=2765&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5388&recv_bytes=4645&delivery_rate=30707&cwnd=12000&unsent_bytes=0&cid=3d05f03d164b00df&ts=135&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 22:42:48 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8
server: cloudflare
priority: u=3,i=?0

GET
H3 200 imcounter-banner-blue.gif
www.imcounter.com/CIncludes/img/ 2 KB
3 KB 31ms
31ms Image
image/gif 2606:4700:3030::6815:5297
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcounter.com/CIncludes/img/imcounter-banner-blue.gif

Requested by

Host: reaktivierung-p.click
URL: https://reaktivierung-p.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5297 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa1b7aabf21d2a9f5a1bdd8678751c95120b788deae1847d535843c9713f281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

cf-cache-status: HIT
etag: "656c8f94-83d"
age: 2994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WV2VS9XhPubn4n3UnULvtsn5XDQcvkvYZ43YyTv7Sa3RtxfYjhHd1gdudx%2Bijck6v4Spwrtr8yIt9sZ6Eib2zWyde%2BGn6aIn9Zt2JQGDEk%2Fd%2FDh7TtCFJiKTWVMbWVT13JoXaUJAy7oOeSLI%2Bko3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22068&min_rtt=21868&rtt_var=2082&sent=16&recv=12&lost=0&retrans=0&sent_bytes=6420&recv_bytes=5011&delivery_rate=15100&cwnd=12000&unsent_bytes=0&cid=3d05f03d164b00df&ts=168&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 30 Dec 2024 22:42:48 GMT
content-type: image/gif
last-modified: Sun, 03 Dec 2023 14:24:20 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa58b8b5dee68f5-FRA
accept-ranges: bytes
content-length: 2109
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo.png
reaktivierung-p.click/ 2 KB
2 KB 106ms
106ms Other
image/png 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reaktivierung-p.click/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74a2e805d52457ef4ad63a293549c591fa49d292abdfd3a5d61bc99707033617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://reaktivierung-p.click/

Response headers

cf-cache-status: REVALIDATED
etag: W/"731-193fb0bb08c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2B7akqUEPbUG34J0tXmcIQI2z7HSp4UzPsQo9xV8N0F7qJkcAJrgBaUD40DCrhwIHbluSpauOflLvRfgS3QoA1kOEiktIumQ7kH56SPeK3BC1fWGNAFHo%2BUHtCSAq%2B9ddBw9GBJXgTW5%2BVTHuOPjGjdnqHw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 22:42:48 GMT
last-modified: Tue, 24 Dec 2024 23:41:07 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fa58b8b8ad5dc79-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1841
x-powered-by: Express
server: cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://reaktivierung-p.click/api/v1/rumman/auth/me Message: Failed to load resource: the server responded with a status of 401 ()
recommendation	verbose	URL: https://reaktivierung-p.click/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
reaktivierung-p.click
www.imcounter.com
2606:4700:3030::6815:4001
2606:4700:3030::6815:5297
2a00:1450:4001:80e::200a
2a00:1450:4001:81d::2003
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1acb1d72736a7452c55dc503a4141b9bad95d4da55695982e7e6694c22e7b4a0
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2f54e23b4db01d0dc41e9170ab26f01b9206b578445be2c3abca4411a29b7b95
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
5aa1b7aabf21d2a9f5a1bdd8678751c95120b788deae1847d535843c9713f281
73a8795c13e463ea2732c6df026074f2c9d465ef20000abe37edddcfd08a40f8
74a2e805d52457ef4ad63a293549c591fa49d292abdfd3a5d61bc99707033617
77f87bd0f621c725a02dce747d5aca97ba741adf8c9d897916f2977461719e66
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
931fd5c5effdeb5d513ed2a485ac484db3988f761f1ec4605baf6755b0884e78
a6a392eaf8632aecf085852e9a77fda35e75330783ebc1293173bb19719cfee4
bb80217961673f38c4e6089bb31ef1256603042ea6e5ca29291a96d2e7e12e90
c02492292f208fea575e1ef3061019d9df05b8750a33c32f63ed013877fa4bb0
e686a754c8e0164a757a7e6c93d746e731bf258b157ff23a4ebc978be51b4006
f1a909ba3e6a12b363c48bdee087ab9643c3b3e7a42163a5a1a91b42fa867b7b

reaktivierung-p.click Open in urlscan Pro 2606:4700:3030::6815:4001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

252 kBTransfer

712 kBSize

0 Cookies

5 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

reaktivierung-p.click Open in urlscan Pro
2606:4700:3030::6815:4001 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

252 kB
Transfer

712 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions