gwg-steyr.immotech-austria.at Open in urlscan Pro
88.99.201.101  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response gwg-steyr.immotech-austria.at/	5 KB 3 KB	430ms 26ms	Document text/html	88.99.201.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://gwg-steyr.immotech-austria.at/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 88.99.201.101 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www2.indi.systems Software Kestrel / ASP.NET Resource Hash 9194e01e94a2244d746861f243d9a2710ee56d1c9c7d7628fd7a495c2b27e90e Request headers Host gwg-steyr.immotech-austria.at Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control no-cache Pragma no-cache Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Content-Encoding gzip Expires -1 Vary Accept-Encoding Server Kestrel Set-Cookie .AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax .AspNetCore.Session=CfDJ8Ovex%2FaH1jBKlWPmzP%2By8KiQpr7ofXqeqKsk3214KPjewr63gnhMkVmYt%2B4ezNdYYWa0gxkl4OJY%2BCLOor23JZ8XY487nbWg02gso2k%2FCGOWgG284RiKABqwAdtsONchFX7cvxTddkh178z8sQyBv7NQJXqmwdK9m3t9tE99g4Wv; path=/; samesite=lax; httponly Request-Context appId=cid-v1:0987387e-29f4-4d5c-ad26-58a643b7c73d X-Powered-By ASP.NET Date Tue, 13 Jul 2021 07:17:46 GMT
GET H2	200	bootstrap.min.css ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/	118 KB 27 KB	89ms 24ms	Stylesheet text/css	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C3E) / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:46 GMT content-encoding gzip x-content-type-options nosniff age 21498719 x-cache HIT content-length 27676 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:10:18 GMT server ECAcc (mil/6C3E) etag "794840f2cb33d21:0" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	site.css gwg-steyr.immotech-austria.at/css/	3 KB 2 KB	26ms 26ms	Stylesheet text/css	88.99.201.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://gwg-steyr.immotech-austria.at/css/site.css?v=DACdI7Q7eurBomkV7t26CCUrtOk-87PdTpGnlylTLWM Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 88.99.201.101 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www2.indi.systems Software Kestrel / ASP.NET Resource Hash 0c009d23b43b7aeac1a26915eeddba08252bb4e93ef3b3dd4e91a79729532d63 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host gwg-steyr.immotech-austria.at Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://gwg-steyr.immotech-austria.at/ Cookie .AspNetCore.Session=CfDJ8Ovex%2FaH1jBKlWPmzP%2By8KiQpr7ofXqeqKsk3214KPjewr63gnhMkVmYt%2B4ezNdYYWa0gxkl4OJY%2BCLOor23JZ8XY487nbWg02gso2k%2FCGOWgG284RiKABqwAdtsONchFX7cvxTddkh178z8sQyBv7NQJXqmwdK9m3t9tE99g4Wv Connection keep-alive Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 07:17:46 GMT Content-Encoding gzip ETag "1d74bcdca972d46" Last-Modified Tue, 18 May 2021 10:08:47 GMT Server Kestrel X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Accept-Ranges bytes Request-Context appId=cid-v1:0987387e-29f4-4d5c-ad26-58a643b7c73d
GET H2	200	d82d911382.js Show response kit.fontawesome.com/	11 KB 4 KB	96ms 79ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/d82d911382.js Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2b639147b7e2c4a5f6413933f74db2d6520773968a2743d01149ad01b24cd81 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Origin https://gwg-steyr.immotech-austria.at Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:46 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 66e0bbc84c97dfcb-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FpFIgsWp4veJIRl7j6oB
GET H/1.1	200 OK	logo.png gwg-steyr.immotech-austria.at/images/	13 KB 13 KB	52ms 25ms	Image image/png	88.99.201.101 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gwg-steyr.immotech-austria.at/images/logo.png Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 88.99.201.101 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www2.indi.systems Software Kestrel / ASP.NET Resource Hash edc9734c63df46a1c390dc6d5ecf53c2581f5cfd365740a9a5039f2ba48dd8f6 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host gwg-steyr.immotech-austria.at Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://gwg-steyr.immotech-austria.at/ Cookie .AspNetCore.Session=CfDJ8Ovex%2FaH1jBKlWPmzP%2By8KiQpr7ofXqeqKsk3214KPjewr63gnhMkVmYt%2B4ezNdYYWa0gxkl4OJY%2BCLOor23JZ8XY487nbWg02gso2k%2FCGOWgG284RiKABqwAdtsONchFX7cvxTddkh178z8sQyBv7NQJXqmwdK9m3t9tE99g4Wv Connection keep-alive Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 07:17:46 GMT Last-Modified Tue, 27 Apr 2021 13:44:37 GMT Server Kestrel X-Powered-By ASP.NET ETag "1d73b6b76b7a445" Content-Type image/png Accept-Ranges bytes Content-Length 13509 Request-Context appId=cid-v1:0987387e-29f4-4d5c-ad26-58a643b7c73d
GET H2	200	jquery-2.2.0.min.js Show response ajax.aspnetcdn.com/ajax/jquery/	84 KB 30 KB	85ms 22ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jquery/jquery-2.2.0.min.js Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6BB5) / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://gwg-steyr.immotech-austria.at Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:47 GMT content-encoding gzip x-content-type-options nosniff age 31501663 x-cache HIT content-length 29950 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:11:05 GMT server ECAcc (mil/6BB5) etag "808a18ecc33d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap.min.js Show response ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/	36 KB 13 KB	95ms 35ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C64) / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://gwg-steyr.immotech-austria.at Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:47 GMT content-encoding gzip x-content-type-options nosniff age 29656824 x-cache HIT content-length 13045 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:09:59 GMT server ECAcc (mil/6C64) etag "df64de7cb33d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	site.min.js Show response gwg-steyr.immotech-austria.at/js/	0 314 B	26ms 26ms	Script application/javascript	88.99.201.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://gwg-steyr.immotech-austria.at/js/site.min.js?v=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 88.99.201.101 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www2.indi.systems Software Kestrel / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host gwg-steyr.immotech-austria.at Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://gwg-steyr.immotech-austria.at/ Cookie .AspNetCore.Session=CfDJ8Ovex%2FaH1jBKlWPmzP%2By8KiQpr7ofXqeqKsk3214KPjewr63gnhMkVmYt%2B4ezNdYYWa0gxkl4OJY%2BCLOor23JZ8XY487nbWg02gso2k%2FCGOWgG284RiKABqwAdtsONchFX7cvxTddkh178z8sQyBv7NQJXqmwdK9m3t9tE99g4Wv Connection keep-alive Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Jul 2021 07:17:46 GMT Last-Modified Tue, 18 May 2021 10:08:47 GMT Server Kestrel X-Powered-By ASP.NET ETag "1d74bcdca972180" Content-Type application/javascript Accept-Ranges bytes Content-Length 0 Request-Context appId=cid-v1:0987387e-29f4-4d5c-ad26-58a643b7c73d
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.3/css/	59 KB 13 KB	46ms 30ms	Fetch text/css	2606:4700:3037::ac43:a12f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=d82d911382 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/d82d911382.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929 Request headers Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:47 GMT via 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 17 Mar 2021 02:23:57 GMT server cloudflare etag W/"390b4210e10c744c3c597500bcf0b31a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZA3emASnQSnyKkbyb%2Fj273GebL%2FMXxw%2BmvH%2BfcXqLDSzJbPcXcNigJiNOubXD8BHtJ%2Bl2HuKik1ifco496dugjiDxmbVl9yKAIQLpoa%2FrMSO3mKXyjdHElLSeGmWk6o4kQcHUBozYAPey1CM78w%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 66e0bbc8fd78323c-FRA access-control-allow-headers fa-kit-token x-amz-cf-id kJ7dodgO2GhM0oASzdaiqbKSmfv3IyYvloYX2re_hXyzIH89AsACRw==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.3/css/	26 KB 5 KB	45ms 29ms	Fetch text/css	2606:4700:3037::ac43:a12f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=d82d911382 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/d82d911382.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af Request headers Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:47 GMT via 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 17 Mar 2021 02:23:57 GMT server cloudflare etag W/"8a99ce81ec2f89fbca03f2c8cf1a3679" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NcXbaP56eJaMXU70vMRD3pQoqsExGLqgV7Efh8ll7n97DDiOAhn8%2BwuELQ1ZDmX2BzroukYuFtX0H1iHb1JbewtB%2BtiKuRaZEBlD5B4cOWbr5KXuczeRPY75nAi7rc%2FDzbrEI7Vp%2B3Z80x%2Fdu9s%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 66e0bbc8fd7a323c-FRA access-control-allow-headers fa-kit-token x-amz-cf-id WB7PcqDQ1VhW0aM6nf33ibf-xMupqUmHpt0EgfR7eGd7F1VwGjpDAQ==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.3/css/	3 KB 1 KB	47ms 31ms	Fetch text/css	2606:4700:3037::ac43:a12f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=d82d911382 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/d82d911382.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086 Request headers Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:17:47 GMT via 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 17 Mar 2021 02:23:57 GMT server cloudflare etag W/"22be82a519ceafc43258d8f58a37fcf5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VSKlECVYOJjIEb%2BsKMax2gJPGFQOVAujlVAmYprESiRJyxHy%2B2zl1jeIC6CXS1w2VlnmYw5FZVtRrrQNoR2HhBrgZpFfpIwq1iewwicF5eR7p7Uc96o4x%2BiaT5v5qMOVFJDvIBdpx6cpIgJ84Tk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 66e0bbc8fd7c323c-FRA access-control-allow-headers fa-kit-token x-amz-cf-id xhn0hneD_rftphXPqOc1SvDBXJPkCbOipnBBmqWs0Drt9tkx_KopKg==
GET H2	200	ai.2.min.js Show response az416426.vo.msecnd.net/scripts/b/	118 KB 39 KB	29ms 9ms	Script text/javascript	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js Requested by Host: gwg-steyr.immotech-austria.at URL: https://gwg-steyr.immotech-austria.at/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8F5B) / Resource Hash 0c80a94d1e75e71c413c0623c6ad64f612a82c2f02d0c05ef7fe61d6e64a6db5 Request headers Referer https://gwg-steyr.immotech-austria.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 13 Jul 2021 07:17:47 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-07 00:07:47 content-md5 L3LabF0Kf/kyJpKJnhU+Cw== age 1360 x-cache HIT x-ms-meta-aijssdksrc [cdn]/scripts/b/ai.2.6.4.min.js content-length 39194 x-ms-lease-status unlocked last-modified Mon, 12 Jul 2021 16:01:39 GMT server ECAcc (frc/8F5B) x-ms-meta-aijssdkver 2.6.4 etag 0x8D9454E55A6772A vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id 8d62663c-001e-0018-4cb4-773712000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800, immutable x-ms-version 2009-09-19 expires Tue, 13 Jul 2021 07:47:47 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	146ms 65ms	Preflight	40.114.241.141 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Server 40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://gwg-steyr.immotech-austria.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Tue, 13 Jul 2021 07:17:46 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 236 B	3304ms 3303ms	XHR application/json	40.114.241.141 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a7b447ccb9d333b54168112e9150bb7edda1df30d08efe2a48ed409e95cc1a0a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://gwg-steyr.immotech-austria.at/ Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/json Response headers x-ms-session-id CC27004E-7BF2-46F2-A684-1C1E85B0B275 strict-transport-security max-age=31536000 x-content-type-options nosniff date Tue, 13 Jul 2021 07:17:49 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context content-length 96
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	26ms 26ms	Preflight	40.114.241.141 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Server 40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://gwg-steyr.immotech-austria.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Tue, 13 Jul 2021 07:18:11 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 163 B	119ms 119ms	XHR application/json	40.114.241.141 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 31171f9fad40e16d340f76b7abb25de888a68366c215af478df33f5817ba0790 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://gwg-steyr.immotech-austria.at/ Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/json Response headers x-ms-session-id A593DA3D-B393-4D2F-98DB-E6530C06B85F strict-transport-security max-age=31536000 x-content-type-options nosniff date Tue, 13 Jul 2021 07:18:11 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context content-length 96

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights object| FontAwesomeKitConfig object| e function| t object| Microsoft function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gwg-steyr.immotech-austria.at/	1970-01-20 04:28:16	Name: ai_user Value: YcObWYf1Z89Zww8i0zFlbg|2021-07-13T07:17:47.081Z
			gwg-steyr.immotech-austria.at/	1969-12-31 23:59:59	Name: .AspNetCore.Session Value: CfDJ8Ovex%2FaH1jBKlWPmzP%2By8KiQpr7ofXqeqKsk3214KPjewr63gnhMkVmYt%2B4ezNdYYWa0gxkl4OJY%2BCLOor23JZ8XY487nbWg02gso2k%2FCGOWgG284RiKABqwAdtsONchFX7cvxTddkh178z8sQyBv7NQJXqmwdK9m3t9tE99g4Wv

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
az416426.vo.msecnd.net
dc.services.visualstudio.com
gwg-steyr.immotech-austria.at
ka-f.fontawesome.com
kit.fontawesome.com
152.199.19.160
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3037::ac43:a12f
2606:4700::6812:1634
40.114.241.141
88.99.201.101
0c009d23b43b7aeac1a26915eeddba08252bb4e93ef3b3dd4e91a79729532d63
0c80a94d1e75e71c413c0623c6ad64f612a82c2f02d0c05ef7fe61d6e64a6db5
31171f9fad40e16d340f76b7abb25de888a68366c215af478df33f5817ba0790
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
9194e01e94a2244d746861f243d9a2710ee56d1c9c7d7628fd7a495c2b27e90e
a7b447ccb9d333b54168112e9150bb7edda1df30d08efe2a48ed409e95cc1a0a
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
e2b639147b7e2c4a5f6413933f74db2d6520773968a2743d01149ad01b24cd81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc9734c63df46a1c390dc6d5ecf53c2581f5cfd365740a9a5039f2ba48dd8f6
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c