meine-immoentwickler.de Open in urlscan Pro
85.13.137.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meine-immoentwickler.de/
Effective URL:
https://meine-immoentwickler.de/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 04 via api (August 4th 2023, 6:11:39 pm UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 85.13.137.223, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is meine-immoentwickler.de.
TLS certificate: Issued by R3 on June 4th 2023. Valid for: 3 months.

This is the only time meine-immoentwickler.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	85.13.137.223 85.13.137.223	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
4	2606:4700:10:... 2606:4700:10::6816:166e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2010	15169 (GOOGLE) (GOOGLE)
2	172.217.18.16 172.217.18.16	15169 (GOOGLE) (GOOGLE)
1	34.76.160.62 34.76.160.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
15	7

2 85.13.137.223 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd52416.kasserver.com

meine-immoentwickler.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:166e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.landbot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.16 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.76.160.62 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.160.76.34.bc.googleusercontent.com

welcome.landbot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

identitytoolkit.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 467 identitytoolkit.googleapis.com — Cisco Umbrella Rank: 6923 firestore.googleapis.com — Cisco Umbrella Rank: 2210	30 KB
5	landbot.io cdn.landbot.io — Cisco Umbrella Rank: 81915 welcome.landbot.io — Cisco Umbrella Rank: 166841	464 KB
2	meine-immoentwickler.de 1 redirects meine-immoentwickler.de	692 B
15	3

	Domain	Requested by
4	identitytoolkit.googleapis.com	cdn.landbot.io
4	cdn.landbot.io	meine-immoentwickler.de cdn.landbot.io
3	storage.googleapis.com	cdn.landbot.io
2	firestore.googleapis.com	cdn.landbot.io
2	meine-immoentwickler.de	1 redirects
1	welcome.landbot.io	cdn.landbot.io
15	6

This site contains no links.

Subject Issuer	Validity	Valid
meine-immoentwickler.de R3	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-19` - `2023-12-19`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
welcome.landbot.io R3	`2023-08-02` - `2023-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://meine-immoentwickler.de/
Frame ID: 9D3D6EBEE045963686FD9474FDE8235A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css
Frame ID: ACC5B2E0B57A41258A7EB30649AD57A6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Landbot | Convert a Landing Page into a Chatbot

Page URL History Show full URLs

http://meine-immoentwickler.de/ HTTP 301
https://meine-immoentwickler.de/ Page URL

Page Statistics

15
Requests

100 %
HTTPS

57 %
IPv6

3
Domains

6
Subdomains

7
IPs

3
Countries

494 kB
Transfer

1686 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meine-immoentwickler.de/ HTTP 301
https://meine-immoentwickler.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
meine-immoentwickler.de/
Redirect Chain

http://meine-immoentwickler.de/
https://meine-immoentwickler.de/

572 B
438 B

82ms
25ms

Document
text/html

85.13.137.223
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://meine-immoentwickler.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.137.223 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd52416.kasserver.com
Software: Apache /
Resource Hash: 387cbb73152c9953c3f50c542b51aa3966f943b51282110c06f495fa478b96ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 295
content-type: text/html
date: Fri, 04 Aug 2023 18:11:34 GMT
etag: "23c-5eca7a93643f8-br"
last-modified: Fri, 04 Nov 2022 16:35:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 04 Aug 2023 18:11:34 GMT
Keep-Alive: timeout=2, max=1000
Location: https://meine-immoentwickler.de/
Server: Apache

GET
H2 200 landbot-3.0.0.js Show response
cdn.landbot.io/landbot-3/ 2 MB
438 KB 82ms
28ms Script
application/javascript 2606:4700:10::6816:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Requested by

Host: meine-immoentwickler.de
URL: https://meine-immoentwickler.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

725d974bd5c2a796a098fb2985557f2188df306c86a5cd6555261aa3513585dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meine-immoentwickler.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 243
x-guploader-uploadid: ADPycdtVdYzkTeeC5GWMST9WDW1sBf_UqJPphwRke4PIxRHKdoiQiDvMEMaQvxcpIq7N8zYxJMgpa59Rr_UyzFdtIrjm1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 17 Jul 2023 10:00:07 GMT
server: cloudflare
etag: W/"5182ef157b55234cfea2c8b09481161a"
vary: Accept-Encoding
x-goog-hash: crc32c=zKf4rw==, md5=UYLvFXtVI0z+osiwlIEWGg==
x-goog-generation: 1689588007647380
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 458299
cf-ray: 7f18c37ec91d2bce-FRA
expires: Fri, 04 Aug 2023 19:07:31 GMT

GET
H2 200 index.json Show response
storage.googleapis.com/landbot.pro/v3/H-1329454-ST2941CGHL51W843/ 6 KB
7 KB 245ms
132ms Fetch
application/json 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/landbot.pro/v3/H-1329454-ST2941CGHL51W843/index.json?ts=1691172695119
Requested by: Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2d9a7eb05f47af5aee4f7872fddaf5fca43dcd338aa9b4a40b4447adcd21465f

Request headers

Accept: application/json
Referer: https://meine-immoentwickler.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:35 GMT
x-guploader-uploadid: ADPycdsPcSb0YIovduSD6ZJGdIdA7O1nPgvtw1SBh5DS5nBi_6ASCSiXNuJmpRMKQ3iz-1D6qYIdXx0B7opUtnalmVodWA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6104
last-modified: Sat, 22 Jul 2023 00:27:59 GMT
server: UploadServer
etag: "749e97ec7a2ffa59b36c818af43fe1b4"
x-goog-generation: 1689985679194682
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=pDBWbw==, md5=dJ6X7Hov+lmzbIGK9D/htA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-store
x-goog-stored-content-length: 6104
accept-ranges: bytes
expires: Sat, 03 Aug 2024 18:11:35 GMT

GET
H2 200 fonts.css
cdn.landbot.io/assets/fonts/Roboto/ Frame ACC5 9 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700:10::6816:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.landbot.io/assets/fonts/Roboto/fonts.css

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

513d7933f4712c75b5862d346a4a46544df2d2adbec1339b64d4a5fd3e849ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meine-immoentwickler.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3046
x-guploader-uploadid: ADPycdv_pll0Tx4o-pkfcmXSUSii9mieBgQ2VgZHxoSnItmHDQylcnYDFV1IzDF8PAjySDrnrL41Xz36dmI2zhO-RMipP9IMRcHh
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Jun 2023 13:09:25 GMT
server: cloudflare
etag: W/"344ce1b0464b77b087ffb7de8ddc2899"
vary: Accept-Encoding
x-goog-hash: crc32c=Jo76TQ==, md5=NEzhsEZLd7CH/7fejdwomQ==
x-goog-generation: 1686056965048775
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 787
cf-ray: 7f18c382ae822bce-FRA
expires: Fri, 04 Aug 2023 18:20:49 GMT

GET
H2 200 YRXQ80YC69NEMKQ7A6X6BO2W9P3TVATJ.png
storage.googleapis.com/media.landbot.io/38842/channels/ Frame ACC5 17 KB
17 KB 1513ms
103ms Image
image/png 172.217.18.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.landbot.io/38842/channels/YRXQ80YC69NEMKQ7A6X6BO2W9P3TVATJ.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.16 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 1327a8f13d73c6597258349eb3af49fa5d07d29059c19192960486d3d79b2b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meine-immoentwickler.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:36 GMT
age: 0
x-guploader-uploadid: ADPycds9-R-_IfZK06ABBih1DrGLTfEP4CcJS2j-1KDfGQNzVQvmPGu2QpMuETdA8OhRhNsZhtvZgWK0B8SIr5Ga0DmxIvUqu5VW
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16953
last-modified: Thu, 22 Jun 2023 09:46:42 GMT
server: UploadServer
etag: "74c8debfd0fb936546edc1bcf64270a7"
x-goog-generation: 1687427202689473
x-goog-hash: crc32c=AxVgcA==, md5=dMjev9D7k2VG7cG89kJwpw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 16953
accept-ranges: bytes
content-type: image/png
expires: Fri, 04 Aug 2023 19:11:36 GMT

POST
H2 201 / Show response
welcome.landbot.io/webchat/auth/H-1329454-ST2941CGHL51W843/ 2 KB
2 KB 301ms
81ms Fetch
application/json 34.76.160.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.landbot.io/webchat/auth/H-1329454-ST2941CGHL51W843/

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.76.160.62 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.160.76.34.bc.googleusercontent.com

Software

Resource Hash

ce4a51f4f517cf43e39c1645fc13db3353f87346491d6b6dc7c6ec2ec909e856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://meine-immoentwickler.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
allow: GET, POST, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 1821

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
cdn.landbot.io/assets/fonts/Roboto/ Frame ACC5 11 KB
11 KB 70ms
50ms Font
font/woff2 2606:4700:10::6816:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.landbot.io/assets/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css
Origin: https://meine-immoentwickler.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsJkQHJ-7kBhrt33cbknOj_3sMv8qcgvnwu3AP66IZSpbf60gZUOcExUBXGTD-pZ5LYkm-0UqWe3J2X6rEbaVDcjACy36dZ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Jul 2023 12:06:27 GMT
server: cloudflare
etag: W/"679c8d7fb9f668d4c6a4b817125a562e"
vary: Accept-Encoding
x-goog-hash: crc32c=qbEasQ==, md5=Z5yNf7n2aNTGpLgXElpWLg==
x-goog-generation: 1688558787205479
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 11063
cf-ray: 7f18c3831eae9007-FRA
expires: Fri, 04 Aug 2023 19:11:35 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
cdn.landbot.io/assets/fonts/Roboto/ Frame ACC5 11 KB
11 KB 78ms
59ms Font
font/woff2 2606:4700:10::6816:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.landbot.io/assets/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css
Origin: https://meine-immoentwickler.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ADPycdslqptKperGEBrJILYWWAxKGB7BchGvp5bC_RlPZWKo3uNeOVG80_pAV0L1yetMR87hSM6Qo6ihjtcysDTOHWt1cdMtgV5y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Jul 2023 12:06:27 GMT
server: cloudflare
etag: W/"1cc5ed1744bab5370749c242e07fd53b"
vary: Accept-Encoding
x-goog-hash: crc32c=sLlR+Q==, md5=HMXtF0S6tTcHScJC4H/VOw==
x-goog-generation: 1688558787747125
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 11051
cf-ray: 7f18c3831eaf9007-FRA
expires: Fri, 04 Aug 2023 19:11:35 GMT

POST
H2 200 accounts:signInWithCustomToken Show response
identitytoolkit.googleapis.com/v1/ 1 KB
1 KB 166ms
166ms Fetch
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecb0f35663724411a90bb2da10eda4470ac413cf546e13ff0d3ef4132501d5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Firebase-gmpid: 1:918494355153:web:d67e2dcbb1f0779f276ff0
Referer
X-Client-Version: Chrome/JsCore/9.22.2/FirebaseCore-web
accept-language: de-DE,de;q=0.9
X-Firebase-Client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTIgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEyIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIyLjIgZmlyZS1hdXRoLzAuMjMuMiBmaXJlLWF1dGgtZXNtMjAxNy8wLjIzLjIgZmlyZS1mc3QvMy4xMi4yIGZpcmUtZnN0LWVzbTIwMTcvMy4xMi4yIiwiZGF0ZXMiOlsiMjAyMy0wOC0wNCJdfV19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://meine-immoentwickler.de
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 981
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/ Frame 0
0 253ms
137ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version,x-firebase-client,x-firebase-gmpid
Access-Control-Request-Method: POST
Origin: https://meine-immoentwickler.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version,x-firebase-client,x-firebase-gmpid
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://meine-immoentwickler.de
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 04 Aug 2023 18:11:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 accounts:lookup Show response
identitytoolkit.googleapis.com/v1/ 292 B
297 B 175ms
174ms Fetch
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

061c30ef03c988008ecf35322e54ecb84d7cddd80b308ba7b0e7139ccab1dc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Firebase-gmpid: 1:918494355153:web:d67e2dcbb1f0779f276ff0
Referer
X-Client-Version: Chrome/JsCore/9.22.2/FirebaseCore-web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://meine-immoentwickler.de
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 accounts:lookup
identitytoolkit.googleapis.com/v1/ Frame 0
0 137ms
137ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version,x-firebase-gmpid
Access-Control-Request-Method: POST
Origin: https://meine-immoentwickler.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version,x-firebase-gmpid
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://meine-immoentwickler.de
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 04 Aug 2023 18:11:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
457 B 191ms
86ms Fetch
text/plain 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=35196&CVER=22&X-HTTP-Session-Id=gsessionid&zx=n7smrz6ihn6z&t=1

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cbc6c893da4cf1d76937ecc11517dc2022806ccc09921ab52f0d503d895577d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://meine-immoentwickler.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Aug 2023 18:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://meine-immoentwickler.de
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: 27aYfAKE4NGXptHQQWtxL6GhEcxm6ERyvQWbhBWlqsQ

GET
H2 200 ECVATX2QAR1RVF3YDSQ3I1ARQVS27ZEH.jpeg
storage.googleapis.com/media.landbot.io/38842/channels/ Frame ACC5 4 KB
4 KB 425ms
112ms Image
image/jpeg 172.217.18.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.landbot.io/38842/channels/ECVATX2QAR1RVF3YDSQ3I1ARQVS27ZEH.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.16 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 26e0ad5cd611c87fdc0c1992afe38467b86c31e98aa3c13aacb4acd48ab97ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meine-immoentwickler.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:36 GMT
age: 0
x-guploader-uploadid: ADPycdsckLScgbIVpvGM-wEFd-rJd1JXeLHrMh2mBxoov3dMV-YY9WfWiYiMUDyNK8ZNa1QYiKo7cF9PjsD1anwtlBOhrWkmCASQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3856
last-modified: Thu, 03 Nov 2022 11:09:04 GMT
server: UploadServer
etag: "bdb8f67441938f12e55d5b1714c22b7e"
x-goog-generation: 1667473744863632
x-goog-hash: crc32c=w6yrQA==, md5=vbj2dEGTjxLlXVsXFMIrfg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3856
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 04 Aug 2023 19:11:36 GMT

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 413 B
0 131ms
130ms Fetch
text/plain 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=27aYfAKE4NGXptHQQWtxL6GhEcxm6ERyvQWbhBWlqsQ&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=YjGAWfnfaRjdWIBfw2yzrA&AID=0&CI=0&TYPE=xmlhttp&zx=ifbgj54xjai&t=1

Requested by

Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meine-immoentwickler.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Referer, origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://meine-immoentwickler.de
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.landbot.io
firestore.googleapis.com
identitytoolkit.googleapis.com
meine-immoentwickler.de
storage.googleapis.com
welcome.landbot.io
172.217.18.16
2606:4700:10::6816:166e
2a00:1450:4001:801::200a
2a00:1450:4001:810::200a
2a00:1450:4001:830::2010
34.76.160.62
85.13.137.223
061c30ef03c988008ecf35322e54ecb84d7cddd80b308ba7b0e7139ccab1dc61
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1327a8f13d73c6597258349eb3af49fa5d07d29059c19192960486d3d79b2b48
26e0ad5cd611c87fdc0c1992afe38467b86c31e98aa3c13aacb4acd48ab97ab4
2d9a7eb05f47af5aee4f7872fddaf5fca43dcd338aa9b4a40b4447adcd21465f
387cbb73152c9953c3f50c542b51aa3966f943b51282110c06f495fa478b96ca
513d7933f4712c75b5862d346a4a46544df2d2adbec1339b64d4a5fd3e849ac3
725d974bd5c2a796a098fb2985557f2188df306c86a5cd6555261aa3513585dc
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
8cbc6c893da4cf1d76937ecc11517dc2022806ccc09921ab52f0d503d895577d
ce4a51f4f517cf43e39c1645fc13db3353f87346491d6b6dc7c6ec2ec909e856
ecb0f35663724411a90bb2da10eda4470ac413cf546e13ff0d3ef4132501d5aa

meine-immoentwickler.de Open in urlscan Pro 85.13.137.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

57 %IPv6

3 Domains

6 Subdomains

7 IPs

3 Countries

494 kBTransfer

1686 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

meine-immoentwickler.de Open in urlscan Pro
85.13.137.223 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

57 %
IPv6

3
Domains

6
Subdomains

7
IPs

3
Countries

494 kB
Transfer

1686 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions