ssl-user-aktiv-de.click
44.234.3.221  Malicious Activity! Public Scan

URL: https://ssl-user-aktiv-de.click/
Submission: On April 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 44.234.3.221, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is ssl-user-aktiv-de.click.
TLS certificate: Issued by R3 on April 4th 2022. Valid for: 3 months.
This is the only time ssl-user-aktiv-de.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Immowelt (Real Estate)

Domain & IP information

Requests  IP Address        AS Autonomous System
15        44.234.3.221      16509 (AMAZON-02)
7         23.205.244.86     16625 (AKAMAI-AS)
5         2a00:1450:400...  15169 (GOOGLE)
1         95.101.184.165    16625 (AKAMAI-AS)
1         2a00:1450:400...  15169 (GOOGLE)
29        5
Requests  Apex Domain              Subdomains                                            Transfer
15        ssl-user-aktiv-de.click  ssl-user-aktiv-de.click                               364 KB
7         immowelt.org             cdnglobal.immowelt.org (Cisco Umbrella Rank: 201834)  8 KB
5         gstatic.com              www.gstatic.com, fonts.gstatic.com                    324 KB
1         google.com               www.google.com (Cisco Umbrella Rank: 7)               2 KB
1         tiqcdn.com               tags.tiqcdn.com (Cisco Umbrella Rank: 989)            17 KB
29        5
Requests  Domain                   Requested by
15        ssl-user-aktiv-de.click  ssl-user-aktiv-de.click
7         cdnglobal.immowelt.org   ssl-user-aktiv-de.click
4         www.gstatic.com          ssl-user-aktiv-de.click, www.google.com, www.gstatic.com
1         fonts.gstatic.com        www.google.com
1         www.google.com           www.gstatic.com
1         tags.tiqcdn.com          ssl-user-aktiv-de.click
29        6

This site contains links to these domains.

Domain
www.immowelt.de
immowelt.de
Subject                  Issuer                          Validity                 Valid
ssl-user-aktiv-de.click  R3                              2022-04-04 - 2022-07-03  3 months
*.immowelt.org           DigiCert SHA2 Secure Server CA  2021-06-10 - 2022-06-15  a year
*.gstatic.com            GTS CA 1C3                      2022-03-17 - 2022-06-09  3 months
*.tiqcdn.com             DigiCert SHA2 Secure Server CA  2022-02-27 - 2023-02-28  a year
www.google.com           GTS CA 1C3                      2022-03-17 - 2022-06-09  3 months

This page contains 2 frames:

Primary Page: https://ssl-user-aktiv-de.click/
Frame ID: 82DD778A446DC074662BF4861DB46BDB
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw&co=aHR0cHM6Ly9zc2wtdXNlci1ha3Rpdi1kZS5jbGljazo0NDM.&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=gw55wae3f7wf
Frame ID: 1ECDD0A27F8AFD9CFF5332025DDA6255
Requests: 5 HTTP requests in this frame

Page Title

Login | Immowelt

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 715 kB
Size: 1307 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ssl-user-aktiv-de.click/
11 KB
4 KB
Document
General
Full URL
https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
a488b47ce2256f37c495a5081c891804296122ad92f424751f4316e3ce06dcc1
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 16:30:59 GMT
etag
W/"624b1c96-2b68"
last-modified
Mon, 04 Apr 2022 16:28:06 GMT
server
openresty
vary
Accept-Encoding
x-cache
BYPASS
x-frame-options
sameorigin
x-service
pixie-wordpress
main-immowelt.css
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/
16 KB
3 KB
Stylesheet
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
fc9cf17873c0f77e749220aa7cae48795a173120a0607309a43796ce05f77e16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:30:59 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 16:26:56 GMT
server
openresty
etag
W/"624b1c50-3f16"
vary
Accept-Encoding
x-cache
BYPASS
content-type
text/css
cache-control
max-age=315360000, public
x-service
pixie-wordpress
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation.js
ssl-user-aktiv-de.click/navigation.immowelt.org/v1/MINIMAL/0/
45 KB
10 KB
Script
General
Full URL
https://ssl-user-aktiv-de.click/navigation.immowelt.org/v1/MINIMAL/0/navigation.js
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cd7d700baf2198c05ab347b4ac3c1e853d5285caf8c8dad911049d440963544a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:30:59 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 16:26:50 GMT
server
openresty
etag
W/"624b1c4a-b3e8"
vary
Accept-Encoding
x-cache
BYPASS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-service
pixie-wordpress
expires
Thu, 31 Dec 2037 23:55:55 GMT
utag.js
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/
2 KB
1 KB
Script
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/utag.js
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
1c952b451d0431b3afb9305054445f44bee630b74e5df7364dabfeee7d58d7d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:30:59 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 16:26:58 GMT
server
openresty
etag
W/"624b1c52-63d"
vary
Accept-Encoding
x-cache
BYPASS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-service
pixie-wordpress
expires
Thu, 31 Dec 2037 23:55:55 GMT
enterprise3b11.js
ssl-user-aktiv-de.click/www.google.com/recaptcha/
974 B
912 B
Script
General
Full URL
https://ssl-user-aktiv-de.click/www.google.com/recaptcha/enterprise3b11.js?render=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
1d10c06996088255cf26a4490fdec500ffbd60de3118465914f92bc78ad87ebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:30:59 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 16:26:46 GMT
server
openresty
etag
W/"624b1c46-3ce"
vary
Accept-Encoding
x-cache
BYPASS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-service
pixie-wordpress
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_immowelt.svg
cdnglobal.immowelt.org/global-assets/4.0.1/legacy/0/images/
4 KB
2 KB
Image
General
Full URL
https://cdnglobal.immowelt.org/global-assets/4.0.1/legacy/0/images/logo_immowelt.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
23938eb4314413660e24c2a78dd20ae6bfeff839962ebea8ab2a19dee5ae226a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1450
last-modified
Mon, 17 Jan 2022 21:14:02 GMT
server
Akamai Resource Optimizer
etag
"12a36ea277732f464361d90291ad3224:1584713245.120842"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2470791, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
icon-teaser-magnify.svg
cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/
2 KB
1 KB
Image
General
Full URL
https://cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/icon-teaser-magnify.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
95b6af6df04ea28daee05d78c1de48f9b386294a6a87503b9eae94d3e8ceff70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
841
last-modified
Thu, 10 Mar 2022 10:08:55 GMT
server
Akamai Resource Optimizer
etag
"4b6938455aa3d71d0405b5a67e1d5e38:1646906388.103718"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3001670, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
icon-teaser-arrows.svg
cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/
2 KB
1 KB
Image
General
Full URL
https://cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/icon-teaser-arrows.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
667e25b67585a8da45125ea470976ef8ae9df1b8c9413388b32fc7a45549b632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
835
last-modified
Thu, 10 Mar 2022 10:06:03 GMT
server
Akamai Resource Optimizer
etag
"c8551e0ed6f820f4be47c4ad37c67330:1646906388.102818"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3002681, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
main-immowelt.js
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/
21 KB
8 KB
Script
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.js
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
62f0725b77869c47f9efdf097a64f9b335677f16bc1fc88829a6dac5c06e4eae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:31:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 16:26:56 GMT
server
openresty
etag
W/"624b1c50-55e5"
vary
Accept-Encoding
x-cache
BYPASS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-service
pixie-wordpress
expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/
359 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/www.google.com/recaptcha/enterprise3b11.js?render=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssl-user-aktiv-de.click/
Origin
https://ssl-user-aktiv-de.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 15:34:47 GMT
minimal-0-header.css
cdnglobal.immowelt.org/navigation-ui/aa895189f75a733d719fc5f2409b0b218494d36b/css/
1006 B
662 B
Stylesheet
General
Full URL
https://cdnglobal.immowelt.org/navigation-ui/aa895189f75a733d719fc5f2409b0b218494d36b/css/minimal-0-header.css
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/navigation.immowelt.org/v1/MINIMAL/0/navigation.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
8c643cf092aae00273e2163a89a756093f1a44bb79acefc0421f2d164806498a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
292
last-modified
Wed, 16 Feb 2022 09:27:19 GMT
server
Akamai Resource Optimizer
etag
"1c83ab44fb80e33960d085b8e11f163c:1645002906.703701"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1098499, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
logo_immowelt.svg
cdnglobal.immowelt.org/global-assets/4.3.0/legacy/0/images/
4 KB
2 KB
Image
General
Full URL
https://cdnglobal.immowelt.org/global-assets/4.3.0/legacy/0/images/logo_immowelt.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
23938eb4314413660e24c2a78dd20ae6bfeff839962ebea8ab2a19dee5ae226a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:04 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1450
last-modified
Sat, 05 Feb 2022 01:23:53 GMT
server
Akamai Resource Optimizer
etag
"12a36ea277732f464361d90291ad3224:1616750426.02394"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2468135, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
minimal-0-footer.css
cdnglobal.immowelt.org/navigation-ui/aa895189f75a733d719fc5f2409b0b218494d36b/css/
463 B
522 B
Stylesheet
General
Full URL
https://cdnglobal.immowelt.org/navigation-ui/aa895189f75a733d719fc5f2409b0b218494d36b/css/minimal-0-footer.css
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/navigation.immowelt.org/v1/MINIMAL/0/navigation.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
82f4ee0332972e2ff06e0a60eb98a465865e88e0fbd24ba2a03a4114dfe68fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
151
last-modified
Wed, 16 Feb 2022 09:19:11 GMT
server
Akamai Resource Optimizer
etag
"b2a529235bf5f9f985043c8cc9174af6:1645002906.696531"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1098499, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
minimal-0-footer.js
cdnglobal.immowelt.org/navigation-ui/aa895189f75a733d719fc5f2409b0b218494d36b/
2 KB
1 KB
Script
General
Full URL
https://cdnglobal.immowelt.org/navigation-ui/aa895189f75a733d719fc5f2409b0b218494d36b/minimal-0-footer.js
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/navigation.immowelt.org/v1/MINIMAL/0/navigation.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.244.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-244-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b80362eb6311ca21a05ad6f71ad69a678e89336e262501f377cb0ac50e7a95b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:04 GMT
content-encoding
br
vary
Accept-Encoding
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
944
last-modified
Wed, 16 Feb 2022 09:22:57 GMT
server
Akamai Resource Optimizer
etag
"7316bd6b3bc5951fe377b6d9d828defd:1645002906.64392"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1098495, max-age=8640000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
info.svg
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/message/
1 KB
2 KB
Image
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/message/info.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
d8dad0acd6c42020e67b97ef553087a4b2bfe84a4b03150376f403cf4406648b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:28:04 GMT
server
openresty
etag
"624b1c94-5e0"
x-cache
BYPASS
content-type
image/svg+xml
cache-control
max-age=315360000, public
x-service
pixie-wordpress
accept-ranges
bytes
content-length
1504
expires
Thu, 31 Dec 2037 23:55:55 GMT
eye_off.svg
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/
748 B
1014 B
Image
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/eye_off.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
c9b195475a3f38e0828aded7ea31494e35f49052b44644f9718d4946e81c8f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:47 GMT
server
openresty
etag
"624b1c83-2ec"
x-cache
BYPASS
content-type
image/svg+xml
cache-control
max-age=315360000, public
x-service
pixie-wordpress
accept-ranges
bytes
content-length
748
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow-right.svg
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/
801 B
1 KB
Image
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/arrow-right.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
451770ba091160eee511e9e1ad0ec7681f8d1849614081afa350c8093e9828f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:47 GMT
server
openresty
etag
"624b1c83-321"
x-cache
BYPASS
content-type
image/svg+xml
cache-control
max-age=315360000, public
x-service
pixie-wordpress
accept-ranges
bytes
content-length
801
expires
Thu, 31 Dec 2037 23:55:55 GMT
lock.svg
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/
2 KB
2 KB
Image
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/lock.svg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
ff5a7ccafdf5655b806f5fc619bd47fb43e9858021a5d72e742dd5f647e8ffee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:48 GMT
server
openresty
etag
"624b1c84-6c9"
x-cache
BYPASS
content-type
image/svg+xml
cache-control
max-age=315360000, public
x-service
pixie-wordpress
accept-ranges
bytes
content-length
1737
expires
Thu, 31 Dec 2037 23:55:55 GMT
login-default-lgm.jpg
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/teaser/
132 KB
133 KB
Image
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/teaser/login-default-lgm.jpg
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
eee230b896f349558bb52c66ffe6d2428452a5f0de5860fc3ac57c3e161bfb5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:54 GMT
server
openresty
etag
"624b1c8a-210f0"
x-cache
BYPASS
content-type
image/jpeg
cache-control
max-age=315360000, public
x-service
pixie-wordpress
accept-ranges
bytes
content-length
135408
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Light.woff2
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/
45 KB
45 KB
Font
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/OpenSans-Light.woff2
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
1e2ca939c8ea6e474d75968c821c6b0e9a7d326dab593bb97478012372b20617
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Origin
https://ssl-user-aktiv-de.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:23 GMT
server
openresty
etag
"624b1c6b-b34c"
x-frame-options
sameorigin
x-cache
BYPASS
content-type
font/woff2
x-service
pixie-wordpress
accept-ranges
bytes
content-length
45900
OpenSans-Regular.woff2
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/
46 KB
46 KB
Font
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/OpenSans-Regular.woff2
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Origin
https://ssl-user-aktiv-de.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:32 GMT
server
openresty
etag
"624b1c74-b7a8"
x-frame-options
sameorigin
x-cache
BYPASS
content-type
font/woff2
x-service
pixie-wordpress
accept-ranges
bytes
content-length
47016
OpenSans-Bold.woff2
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/
46 KB
46 KB
Font
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/OpenSans-Bold.woff2
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Origin
https://ssl-user-aktiv-de.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:04 GMT
server
openresty
etag
"624b1c58-b654"
x-frame-options
sameorigin
x-cache
BYPASS
content-type
font/woff2
x-service
pixie-wordpress
accept-ranges
bytes
content-length
46676
OpenSans-Semibold.woff2
ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/
62 KB
62 KB
Font
General
Full URL
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/fonts/OpenSans-Semibold.woff2
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.3.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-3-221.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/main-immowelt.css
Origin
https://ssl-user-aktiv-de.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:00 GMT
last-modified
Mon, 04 Apr 2022 16:27:36 GMT
server
openresty
etag
"624b1c78-f8f0"
x-frame-options
sameorigin
x-cache
BYPASS
content-type
font/woff2
x-service
pixie-wordpress
accept-ranges
bytes
content-length
63728
utag.js
tags.tiqcdn.com/utag/immoweltgroup/web.immowelt.secure/prod/
68 KB
17 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/immoweltgroup/web.immowelt.secure/prod/utag.js
Requested by
Host: ssl-user-aktiv-de.click
URL: https://ssl-user-aktiv-de.click/cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-165.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
890c854c674c0633497371ce0c40334e94215950ff0fc036fd9452a010c899df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:31:04 GMT
content-encoding
gzip
last-modified
Tue, 28 Dec 2021 16:20:18 GMT
server
AkamaiNetStorage
etag
"5703561d2a46bb03cb9e799c3d2e288b:1640708418.784236"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
16730
expires
Mon, 04 Apr 2022 16:36:04 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 1ECD
7 KB
2 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw&co=aHR0cHM6Ly9zc2wtdXNlci1ha3Rpdi1kZS5jbGljazo0NDM.&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=gw55wae3f7wf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c81e67c4cc9b77ccb89f3e8e687bdb83c93ced4003bf9994169559da0df1224
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BvETfxTxxRXpQPIw+Z0NwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssl-user-aktiv-de.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
1042
content-security-policy
script-src 'report-sample' 'nonce-BvETfxTxxRXpQPIw+Z0NwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 16:31:01 GMT
expires
Mon, 04 Apr 2022 16:31:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 1ECD
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw&co=aHR0cHM6Ly9zc2wtdXNlci1ha3Rpdi1kZS5jbGljazo0NDM.&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=gw55wae3f7wf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 13:43:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 1ECD
359 KB
141 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw&co=aHR0cHM6Ly9zc2wtdXNlci1ha3Rpdi1kZS5jbGljazo0NDM.&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=gw55wae3f7wf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 15:34:47 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1ECD
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:40:09 GMT
x-content-type-options
nosniff
age
334254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 07 Apr 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1ECD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le75mgaAAAAAP4-ibcH7P7VKbOF3j1gPoF0zPsw&co=aHR0cHM6Ly9zc2wtdXNlci1ha3Rpdi1kZS5jbGljazo0NDM.&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=gw55wae3f7wf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
516262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 17:06:41 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Immowelt (Real Estate)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| navigationUI
function| __CE_installPolyfill
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| utag_data
object| recaptcha
object| closure_lm_743537
boolean| utag_condload
object| utag
boolean| __tealium_twc_switch
object| tealiumCmpIntegration
object| utag_cfg_ovrd

0 Cookies

4 Console Messages

Source Level URL
Text
security warning URL: https://ssl-user-aktiv-de.click/
Message:
Mixed Content: The page at 'https://ssl-user-aktiv-de.click/' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/icon-teaser-magnify.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ssl-user-aktiv-de.click/
Message:
Mixed Content: The page at 'https://ssl-user-aktiv-de.click/' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/icon-teaser-arrows.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ssl-user-aktiv-de.click/(Line 259)
Message:
Mixed Content: The page at 'https://ssl-user-aktiv-de.click/' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/icon-teaser-magnify.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ssl-user-aktiv-de.click/(Line 259)
Message:
Mixed Content: The page at 'https://ssl-user-aktiv-de.click/' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/799406dd56a4aab5331eabff9c9fe3f5aea302b4/images/icons/icons-iw/icon-teaser-arrows.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
