Submitted URL: http://login-ciam.aetkasmart.de/
Effective URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On December 10 via api from IT — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3200::120:0:501, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.aetkasmart.de.
TLS certificate: Issued by WE1 on November 23rd 2024. Valid for: 3 months.
This is the only time login.aetkasmart.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:320... 13335 (CLOUDFLAR...)
1 6 2a06:98c1:320... 13335 (CLOUDFLAR...)
2 2600:1901:0:5... 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.131 15169 (GOOGLE)
1 2600:1901:0:c... 396982 (GOOGLE-CL...)
1 35.190.14.188 15169 (GOOGLE)
1 2600:1901:0:2... 396982 (GOOGLE-CL...)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
15 9
Apex Domain
Subdomains
Transfer
7 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 8924
api.usercentrics.eu — Cisco Umbrella Rank: 6334
aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 6659
graphql.usercentrics.eu — Cisco Umbrella Rank: 14645
247 KB
7 aetkasmart.de
login-ciam.aetkasmart.de
login.aetkasmart.de
23 KB
1 gstatic.com
fonts.gstatic.com
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
15 5
Domain Requested by
6 login.aetkasmart.de 1 redirects login.aetkasmart.de
3 app.usercentrics.eu login.aetkasmart.de
app.usercentrics.eu
2 graphql.usercentrics.eu app.usercentrics.eu
1 aggregator.service.usercentrics.eu app.usercentrics.eu
1 api.usercentrics.eu app.usercentrics.eu
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com login.aetkasmart.de
1 fonts.googleapis.com login.aetkasmart.de
1 login-ciam.aetkasmart.de 1 redirects
15 9

This site contains links to these domains. Also see Links.

Domain
mein.aetkasmart.de
www.aetkasmart.de
Subject Issuer Validity Valid
login.aetkasmart.de
WE1
2024-11-23 -
2025-02-21
3 months crt.sh
app.usercentrics.eu
WR3
2024-11-30 -
2025-02-28
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
api.usercentrics.eu
WR3
2024-11-29 -
2025-02-27
3 months crt.sh
aggregator.service.usercentrics.eu
WR3
2024-11-05 -
2025-02-03
3 months crt.sh
graphql.usercentrics.eu
WR3
2024-11-09 -
2025-02-07
3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.aetkasmart.de/sso/UI/Login?service=login
Frame ID: FF834AF78BAFFC581392DAB1B8CB042B
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Mein aetkaSMART

Page URL History Show full URLs

  1. http://login-ciam.aetkasmart.de/ HTTP 307
    https://login-ciam.aetkasmart.de/ HTTP 301
    https://login.aetkasmart.de/ HTTP 301
    https://login.aetkasmart.de/sso/UI/Login?service=login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

15
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

9
Subdomains

9
IPs

2
Countries

375 kB
Transfer

1594 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://login-ciam.aetkasmart.de/ HTTP 307
    https://login-ciam.aetkasmart.de/ HTTP 301
    https://login.aetkasmart.de/ HTTP 301
    https://login.aetkasmart.de/sso/UI/Login?service=login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
login.aetkasmart.de/sso/UI/
Redirect Chain
  • http://login-ciam.aetkasmart.de/
  • https://login-ciam.aetkasmart.de/
  • https://login.aetkasmart.de/
  • https://login.aetkasmart.de/sso/UI/Login?service=login
10 KB
3 KB
Document
General
Full URL
https://login.aetkasmart.de/sso/UI/Login?service=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::120:0:501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e73eeda3f3c7664422f18840d16a257232654194c5bacae91a51147f378b6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

am_client_type
genericHTML
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8efdadd09e1c2bc5-FRA
content-encoding
br
content-language
de
content-type
text/html;charset=UTF-8
cross-origin-embedder-policy
same-origin
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
date
Tue, 10 Dec 2024 13:46:04 GMT
expires
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8efdadd05de52bc5-FRA
content-type
text/html; charset=iso-8859-1
date
Tue, 10 Dec 2024 13:46:04 GMT
location
https://login.aetkasmart.de/sso/UI/Login?service=login
server
cloudflare
login.css
login.aetkasmart.de/sso/XUI/css/aetkasmart/
19 KB
4 KB
Stylesheet
General
Full URL
https://login.aetkasmart.de/sso/XUI/css/aetkasmart/login.css
Requested by
Host: login.aetkasmart.de
URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::120:0:501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5753950397f576eabf3885438c08c59b26026f1188554256b94513ca93b3745d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/sso/UI/Login?service=login

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"19607-1645446984000-gzip"
x-content-type-options
nosniff
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
text/css
last-modified
Mon, 21 Feb 2022 12:36:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8efdadd10e7e2bc5-FRA
cross-origin-embedder-policy
same-origin
accept-ranges
bytes
content-length
4115
x-xss-protection
1; mode=block
server
cloudflare
main.js
app.usercentrics.eu/latest/
25 KB
8 KB
Script
General
Full URL
https://app.usercentrics.eu/latest/main.js
Requested by
Host: login.aetkasmart.de
URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=VY37eA==, md5=6USDVr2pbiWsNP1u0Rtzig==
etag
"e9448356bda96e25ac34fd6ed11b738a"
age
45658
x-goog-stored-content-encoding
gzip
expires
Wed, 11 Dec 2024 01:05:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7809
date
Tue, 10 Dec 2024 01:05:06 GMT
last-modified
Tue, 18 Oct 2022 12:52:57 GMT
content-type
application/javascript
x-guploader-uploadid
AFiumC6X1uFzP1vwts5422vEVyio9uUmA_ywyBB3Ce2Uz2FQa3BdOg7P2zM41AJQOkqWS1D80fgkirU
strict-transport-security
max-age=7776000
cache-control
public, max-age=86400, no-transform
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-version
2.18.1
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666097577450067
content-length
7809
server
UploadServer
logo.png
login.aetkasmart.de/sso/XUI/Image/aetkasmart/
15 KB
15 KB
Image
General
Full URL
https://login.aetkasmart.de/sso/XUI/Image/aetkasmart/logo.png
Requested by
Host: login.aetkasmart.de
URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::120:0:501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e3e85f87fb97f7628eafa331dbfab0d0fb7cfb3d3531642970a6d7a6622140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/sso/UI/Login?service=login

Response headers

cf-cache-status
DYNAMIC
etag
W/"15308-1645446984000"
x-content-type-options
nosniff
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
image/png
last-modified
Mon, 21 Feb 2022 12:36:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8efdadd10e7f2bc5-FRA
cross-origin-embedder-policy
same-origin
accept-ranges
bytes
content-length
15308
x-xss-protection
1; mode=block
server
cloudflare
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: login.aetkasmart.de
URL: https://login.aetkasmart.de/sso/XUI/css/aetkasmart/login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e59223c1e86160249987055462b9c3533080f22829239522004cc784456f3ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 13:46:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 10 Dec 2024 13:20:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bundle.js
app.usercentrics.eu/latest/
1 MB
225 KB
Script
General
Full URL
https://app.usercentrics.eu/latest/bundle.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
39e0136306d0dfd62d513db4eb0d2ea1a831ff00edf00446de67b031e6a6b9b1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=dNeQCQ==, md5=Zs9KjfdqVjTrCldr8ZezyQ==
etag
"66cf4a8df76a5634eb0a576bf197b3c9"
age
56770
x-goog-stored-content-encoding
gzip
expires
Tue, 10 Dec 2024 21:59:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
230157
date
Mon, 09 Dec 2024 21:59:54 GMT
last-modified
Tue, 18 Oct 2022 12:52:57 GMT
content-type
application/javascript
x-guploader-uploadid
AFiumC4jCHcFxfimIrFDYRbin8-D42PwZ-2qjp0GTxo5zk8Yc6ppO1RW6DSeZDWim0h4VQQ9
strict-transport-security
max-age=7776000
cache-control
public, max-age=86400, no-transform
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-version
2.18.1
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666097577382615
content-length
230157
server
UploadServer
gtm.js
www.googletagmanager.com/
245 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJJ6D9T
Requested by
Host: login.aetkasmart.de
URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
046a0e584b2120c33d19e8f5fcb073a528c54699d33db1cb79ec8297ebe9e810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 10 Dec 2024 13:46:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 10 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85867
x-xss-protection
0
server
Google Tag Manager
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.aetkasmart.de
Referer
https://fonts.googleapis.com/

Response headers

age
48029
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 00:25:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:25:35 GMT
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20824
x-xss-protection
0
server
sffe
de.json
api.usercentrics.eu/settings/sJPmDEfPP/latest/
29 KB
9 KB
Fetch
General
Full URL
https://api.usercentrics.eu/settings/sJPmDEfPP/latest/de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
026f6f08136b8db07e801b27eab2bfb1ab591b485092e4b7699572603fd4b8b2
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=B4ZyvA==, md5=hjE6+CmtH1aFEn3l/hjfnQ==
etag
"86313af829ad1f5685127de5fe18df9d"
x-goog-stored-content-encoding
gzip
expires
Tue, 10 Dec 2024 13:47:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9074
x-client-geo-location
DE,DENW
date
Tue, 10 Dec 2024 13:46:04 GMT
last-modified
Mon, 01 Jul 2024 14:15:17 GMT
vary
Accept-Encoding
content-type
application/json
x-guploader-uploadid
AFiumC5zKINl4CtiIyzK0cC-85a3W4wLCYVl5fWvXfuFn0n3F2S9S8WLm8WsOsaE0p7RsyXaE4Fq-MeOGA
strict-transport-security
max-age=7776000
cache-control
public, max-age=1800, s-maxage=60
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1719843317312477
content-length
9074
server
UploadServer
1px.png
app.usercentrics.eu/session/
489 B
551 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=sJPmDEfPP
Requested by
Host: login.aetkasmart.de
URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
etag
"3702ada73b8951017b8451cbd6a96523"
age
925
x-goog-stored-content-encoding
gzip
expires
Tue, 10 Dec 2024 14:00:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
522
date
Tue, 10 Dec 2024 13:30:39 GMT
last-modified
Fri, 08 May 2020 09:06:13 GMT
content-type
image/png
x-guploader-uploadid
AFiumC6RMi53gXGMwlzLe5hpXOp_pMvhPYNeELJ9SwYcDpxmAdRA8Z4NhHdG7Dtnn5yOMB1p
strict-transport-security
max-age=7776000
cache-control
public,max-age=1800,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1588928773413784
content-length
522
server
UploadServer
favicon.ico
login.aetkasmart.de/sso/XUI/Image/aetkasmart/
1 KB
518 B
Other
General
Full URL
https://login.aetkasmart.de/sso/XUI/Image/aetkasmart/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::120:0:501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38477f4cd1f21292c9a7d0a855439a10a262e24aa50f1c01d69ac24233a6c51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/sso/UI/Login?service=login

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"1406-1645446984000-gzip"
x-content-type-options
nosniff
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
image/x-icon
last-modified
Mon, 21 Feb 2022 12:36:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8efdadd26f7a2bc5-FRA
cross-origin-embedder-policy
same-origin
accept-ranges
bytes
content-length
418
x-xss-protection
1; mode=block
server
cloudflare
favicon.ico
login.aetkasmart.de/sso/XUI/Image/aetkasmart/
1 KB
0
Other
General
Full URL
https://login.aetkasmart.de/sso/XUI/Image/aetkasmart/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::120:0:501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38477f4cd1f21292c9a7d0a855439a10a262e24aa50f1c01d69ac24233a6c51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/sso/UI/Login?service=login

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"1406-1645446984000-gzip"
x-content-type-options
nosniff
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
image/x-icon
last-modified
Mon, 21 Feb 2022 12:36:24 GMT
vary
Accept-Encoding
cache-control
public, max-age=2592000
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8efdadd26f7a2bc5-FRA
cross-origin-embedder-policy
same-origin
accept-ranges
bytes
content-length
418
x-xss-protection
1; mode=block
server
cloudflare
de
aggregator.service.usercentrics.eu/aggregate/
13 KB
3 KB
Fetch
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.45,BJ59EidsWQ@25.7.28,HkocEodjb7@52.11.41
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
71bfc9bb7618f5ede821001680678a53a04a07fb8646838f63ae2aab7ea0f156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.aetkasmart.de/

Response headers

cache-control
public,max-age=2592000
content-encoding
br
etag
"1oq50uk"
age
14599
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3272
date
Tue, 10 Dec 2024 09:42:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, accept-encoding
server
Google Frontend
graphql
graphql.usercentrics.eu/
0
0
Preflight
General
Full URL
https://graphql.usercentrics.eu/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://login.aetkasmart.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 10 Dec 2024 13:46:04 GMT
strict-transport-security
max-age=7776000
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
graphql
graphql.usercentrics.eu/
280 B
323 B
Fetch
General
Full URL
https://graphql.usercentrics.eu/graphql
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/ Express
Resource Hash
3308668b2a3548ef67191652faf2fb437fe709770b590126016401f072ee2796
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

X-Request-ID
94f3ddcd-639c-4c5e-a8c5-5c984715d7fd
Access-Control-Allow-Origin
*
Referer
https://login.aetkasmart.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=7776000
content-encoding
gzip
etag
W/"118-9gCCwITMm3Ne0wTZHDQkMYqSGUU"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 13:46:04 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-powered-by
Express

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| usercentrics object| inlineErrorCodes object| dataLayer function| DataLayerHelper object| tousercentrics function| lodash object| google_tag_manager object| google_tag_data

5 Cookies

Domain/Path Name / Value
login.aetkasmart.de/sso Name: JSESSIONID
Value: 2F9573E0B2784EA82A71CA5342206D8D
login.aetkasmart.de/ Name: lorip-o2-p-fmo
Value: !KveZr90ZeowOeW4+cgk3xWMZB/TfDs8Q+hEFBbfmLdNvBRLJibbpNuf6OcEzQ3um8kAhmQdtbYODHgA=
.login.aetkasmart.de/ Name: __cf_bm
Value: ukWoDZV0OzDlWh1xILhSczwqrUWxrgfH5uz_ETsTp8I-1733838364-1.0.1.1-J.U6FS1xAA80aaQvbpC2Sqy23ziSNiMnxwJhOOInIx8yDac7i_4AKMoOcUZMkNC9zN.eZzUJCxR3.byMnkK.Ww
login.aetkasmart.de/ Name: AMAuthCookie
Value: AQIC5wM2LY4SfczeWeuOw2C54At-V0r2ae7nL6YZY_OciGM.*AAJTSQACMDIAAlNLABQtNDMyOTMyOTA1ODY3MjUxNTcyNwACUzEAAA..*
login.aetkasmart.de/ Name: amlbcookie
Value: 02

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login.aetkasmart.de/sso/UI/Login?service=login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block