kartenabrechnung.com.de
2606:4700:3035::6815:5e62  Malicious Activity! Public Scan

Submitted URL: https://kartenabrechnung.com.de/
Effective URL: https://kartenabrechnung.com.de/login.php?id=4067849
Submission: On March 11 via manual from ES — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3035::6815:5e62, located in United States and belongs to CLOUDFLARENET, US. The main domain is kartenabrechnung.com.de.
TLS certificate: Issued by GTS CA 1P5 on February 11th 2024. Valid for: 3 months.
This is the only time kartenabrechnung.com.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lufthansa (Transportation)

Domain & IP information

IP Address AS Autonomous System
4 25 2606:4700:303... 13335 (CLOUDFLAR...)
2 158.69.119.97 16276 (OVH)
1 2a04:4e42:600... 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
36 6
    Apex Domain     Subdomains                                     Transfer
25  com.de          kartenabrechnung.com.de                        458 KB
6   gstatic.com     www.gstatic.com, fonts.gstatic.com             449 KB
5   google.com      www.google.com — Cisco Umbrella Rank: 2        46 KB
2   cloudfilt.com   srv15666.cloudfilt.com                         2 KB
1   jsdelivr.net    cdn.jsdelivr.net — Cisco Umbrella Rank: 310    24 KB
1   jquery.com      code.jquery.com — Cisco Umbrella Rank: 760     79 KB
36 6
    Domain                                  Requested by
25  kartenabrechnung.com.de (4 redirects)   kartenabrechnung.com.de
5   www.google.com                          kartenabrechnung.com.de, www.gstatic.com, www.google.com
4   www.gstatic.com                         www.google.com, www.gstatic.com
2   fonts.gstatic.com                       www.google.com
2   srv15666.cloudfilt.com                  kartenabrechnung.com.de, srv15666.cloudfilt.com
1   cdn.jsdelivr.net                        kartenabrechnung.com.de
1   code.jquery.com                         kartenabrechnung.com.de
36 7

This site contains no links.

Subject                   Issuer                                           Validity                  Valid
kartenabrechnung.com.de   GTS CA 1P5                                       2024-02-11 - 2024-05-11   3 months
*.cloudfilt.com           TrustSign RSA DV CA                              2023-08-31 - 2024-08-30   a year
*.jquery.com              Sectigo RSA Domain Validation Secure Server CA   2023-07-11 - 2024-07-14   a year
www.google.com            GTS CA 1C3                                       2024-02-19 - 2024-05-13   3 months
*.gstatic.com             GTS CA 1C3                                       2024-02-19 - 2024-05-13   3 months
*.google.com              GTS CA 1C3                                       2024-02-19 - 2024-05-13   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                          2023-05-02 - 2024-05-01   a year

This page contains 3 frames:

Primary Page: https://kartenabrechnung.com.de/login.php?id=4067849
Frame ID: 9481E0EB6DAF4045DF6E11981C31455C
Requests: 23 HTTP requests in this frame

Frame: https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: 0D423DF628921461D7E2DE946BC6E9DB
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Frame ID: D4D267E49E4D56B41127F906DBCC81AF
Requests: 9 HTTP requests in this frame

Page Title

Online-Kartenkonto

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

36 Requests
94 % HTTPS
83 % IPv6
6 Domains
7 Subdomains
6 IPs
3 Countries
1056 kB Transfer
3712 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kartenabrechnung.com.de/ Page URL
  2. https://kartenabrechnung.com.de/unlock.php HTTP 302
    https://kartenabrechnung.com.de/miles.php?pwd=miles HTTP 302
    https://kartenabrechnung.com.de/login.php?id=4067849 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Request Chain 8
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kartenabrechnung.com.de/
6 KB
2 KB
Document
General
Full URL
https://kartenabrechnung.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0d118ea33720bf3d7bd819f5e61c10f0095b64609b9e9bd65c0ecea2594a51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8629f6ade81d3a3d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 07:52:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQR6uCMnOy5g6VD0VdFPe%2F24aYYn7lOKCmlPSMFTPF9nOIqKXd3QzdPFdY2JCf0wbCPTY6II3WG1KtllrNKrr8JRyl6NEtVlRurvojb87fm6lLmnd%2BhBWX0EwRBqMul%2B8ZZsYXsa7r15Kj1%2FoJ9pNRJQ6QZf%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
loading.svg
kartenabrechnung.com.de/
2 KB
842 B
Image
General
Full URL
https://kartenabrechnung.com.de/loading.svg
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e23e8daedbe3babf164bc48b06e3c86afa1516e888c1c4c3c5eb182a01b125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 21:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
58033
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDoYURG2DJ65jLdd0FdmuiMK9DuhKaJ0gC7dStV%2B44gQn7kKa4%2Byiq%2Fpt1B3XqcR27EqrVRRSpxhqqn7x5TI7Yblrz4XDK00MGTIC4P3eRthbQnstlt8XNPE8sa%2FUMDxziNaWZs6q2QiZEqo9xrQwqCWWCRySw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8629f6b70b5f3a3d-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 17 Mar 2024 15:44:59 GMT
rocket-loader.min.js
kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Mar 2024 17:52:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e75beb-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ0I1Tuu32OcDkx92XBibvRZq3lF8t%2F0f47zEoASqzEczScx4GSj4GdcojSph7FGL1S%2FesyoMo%2BU4hydo8RX1c0hWYDR14BycbH0bhLOXALUtBU7rjTOqQyT1ylXeLuCvN77ITCBSWc51tit6e81YfGOR3dy3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8629f6b70b613a3d-FRA
expires
Wed, 13 Mar 2024 07:52:12 GMT
analyz.js
srv15666.cloudfilt.com/
2 KB
1 KB
Script
General
Full URL
https://srv15666.cloudfilt.com/analyz.js?render=YUNulUDqHL1GyZbyICqh
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
158.69.119.97 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns522187.ip-158-69-119.net
Software
Apache /
Resource Hash
6368cc556f7a4dd805419876595124529cdf9320debfa07f5627ff0165136c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Mar 2024 07:52:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=5, max=10000
Content-Length
937
Expires
Sat, 26 Jul 1997 05:00:00 GMT
jquery-3.3.1.js
code.jquery.com/
265 KB
79 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.js
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
15341329
x-cache
HIT, HIT
content-length
80268
x-served-by
cache-lga21980-LGA, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1710143533.789455,VS0,VE0
etag
W/"28feccc0-42587"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
10089, 33580
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
96143aab250f8314c5bcfec700306d1004501bde5c93210745d756f12618d6f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 11 Mar 2024 07:52:12 GMT
main.js
kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame 0D42
Redirect Chain
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB
Script
General
Full URL
https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Protocol
H3
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd3af9191186bd365314565b33df12365b38f4ed72057733455295a5a72959a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BWdKCeDfRUhKGz7MRHO6a0xDefexHJ2A%2FiGTreoJYyjZRPStBJlQYplXSrkVppwD1240H04S1yXjYb6%2Fjlf3OezaOaVEYKbjzOgB2kY7UE5ux8578v7P48h5KD82d%2Bker2isKQhuj35iyz0MSvbpbV12MCTVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8629f6b7a8af9a35-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 11 Mar 2024 07:52:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76FsdB8bFusfUNI8hv24qIc1gA9hDWFt4X6WsQZDNRfTvnaCtNSb6tY7170SvE8yeHSZkzftfWBD668vcah7qoO5GBQjgjgzY0A2DMT%2F%2FTvmu3scvFJhTiTpHMhqI5jh5rYq7Tll0yGaHC2cTrFDNOL1gycQDA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
cache-control
max-age=300, public
cf-ray
8629f6b75bae3a3d-FRA
alt-svc
h3=":443"; ma=86400
8629f6ade81d3a3d
kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0D42
0
623 B
XHR
General
Full URL
https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/jsd/r/8629f6ade81d3a3d
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Mar 2024 07:52:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FgzJvyDgazWBawSLXZfU%2BZbdD1gJ0NPNIvspGaWBCyes3c6DaR2fmTJ4SdczzdXZlKAOkBK7Q9e10y5%2BKPwmuziCAH9ddgIcQKYXwo2NP4i3KllX%2B%2BnhuiEa7zrHiSauv9fHqyTtlTrQ%2BRzOyKlqHHuqv2rig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8629f6b8494e9a35-FRA
alt-svc
h3=":443"; ma=86400
main.js
kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame 0D42
Redirect Chain
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB
Script
General
Full URL
https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Protocol
H3
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb3cd03d4c577f73d794d3207189fc7e02b3701e4b132fd561ef44325d7cc14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:13 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehdRLJlXatSe2d5phcoFdvdWGMP9rzlqUm4cMH8MmoikoaBuyeEDOJPjxdT98CroHil6yWlflT1MkA4Smo1kK3gypicb3rEZWraPqGcb2QpqjTSVzqWQZlsgPcAsYT5tTANdJGU8pFlepdDvA30n4SFth8SIkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8629f6b949fc9a35-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 11 Mar 2024 07:52:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlwFnJZ1713jbmrACvFE98Fdlg%2Fr0MPRVr6V748x%2BdVsDOiA4hZNoW0QL6tKFfIN9gMetevbww10H5iEsSvMcgpHFfTlbkB5Yp78pQ7Gf5swth2AJVyx2VXHsP%2F68e0fJXhafg%2Bjla%2BRaiNQYYwbmlZIF%2BmGoA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8629f6b899789a35-FRA
alt-svc
h3=":443"; ma=86400
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/
494 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kartenabrechnung.com.de/
Origin
https://kartenabrechnung.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Mar 2025 07:16:54 GMT
8629f6ade81d3a3d
kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0D42
0
616 B
XHR
General
Full URL
https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/h/b/jsd/r/8629f6ade81d3a3d
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Mar 2024 07:52:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1u7nbtiwqK8wxZrulcQOQKlO0HL2Gf2QM2YU%2BSjt%2FDQpMeuP7aVjLtk3GCdOf8irgbf6bF5IKr6boDdPa0364h7ssu1Kh8%2F0sVY2M%2BO09wwXrfq7cQu9zGdctBcRr%2BFGgPNq4giQtmmUOWmiW029yEiqu9uTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8629f6ba1aab9a35-FRA
alt-svc
h3=":443"; ma=86400
analyzC.js
srv15666.cloudfilt.com/
0
353 B
Script
General
Full URL
https://srv15666.cloudfilt.com/analyzC.js?render=YUNulUDqHL1GyZbyICqh&url=https%3A%2F%2Fkartenabrechnung.com.de%2F&ln=en-US&sch=1200&scw=1600&pln=3&lnn=2&bv=Chrome%20122&hl=false
Requested by
Host: srv15666.cloudfilt.com
URL: https://srv15666.cloudfilt.com/analyz.js?render=YUNulUDqHL1GyZbyICqh
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
158.69.119.97 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns522187.ip-158-69-119.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-transform
Date
Mon, 11 Mar 2024 07:52:13 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9999
Content-Length
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame D4D2
45 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
433d36a6ff58e044cf4084542b97843888fc700e591c831881bae10237c841b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--3eWmfbQfCtZbtTDoKnifg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kartenabrechnung.com.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--3eWmfbQfCtZbtTDoKnifg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Mar 2024 07:52:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame D4D2
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Mar 2025 22:44:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame D4D2
494 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Mar 2025 07:16:54 GMT
oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js
www.google.com/js/bg/ Frame D4D2
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
514489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6931
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 08:57:24 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D4D2
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 03:45:28 GMT
x-content-type-options
nosniff
age
533205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4D2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options
nosniff
age
562794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 19:32:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4D2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 14:26:30 GMT
x-content-type-options
nosniff
age
321943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 14:26:30 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D4D2
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 11 Mar 2024 07:52:13 GMT
reload
www.google.com/recaptcha/api2/ Frame D4D2
13 KB
9 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
84095fcc914dd60fde0e6ffa27e267fd46232138c89377e7ace758329a592386
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfFLkUjAAAAAOWPKP_IAcjxlaLe4arC06l11CwX&co=aHR0cHM6Ly9rYXJ0ZW5hYnJlY2hudW5nLmNvbS5kZTo0NDM.&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=kzgi5k9eul1w
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 11 Mar 2024 07:52:14 GMT
Primary Request login.php
kartenabrechnung.com.de/
Redirect Chain
  • https://kartenabrechnung.com.de/unlock.php
  • https://kartenabrechnung.com.de/miles.php?pwd=miles
  • https://kartenabrechnung.com.de/login.php?id=4067849
76 KB
4 KB
Document
General
Full URL
https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fb387758811d38af284e2d5cde669fe53dc038efd01ec8aa36f8f7f74050ad

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://kartenabrechnung.com.de
Referer
https://kartenabrechnung.com.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8629f6c1f9319a35-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 07:52:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R5puIHE30bFLlZ%2B9pjq5iRGTlVbeWbDjrWepRbgcwg49F6ZJNkntzRd5y6F5AyUslwnZcKu8Oje9AojRCXcEOFex8GUfTDrriNeyS%2BG%2BpP7LpBz6r7goa1Vk9ziizWrHkJX4A60YUzh02DsMPnhb1swDXV46Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8629f6c188fd9a35-FRA
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 07:52:14 GMT
location
login.php?id=4067849
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2StB6AlGGxJtAcnk%2F9LwKYpM5tfgaru9%2Fv%2FNieHS1KHLSklzSwSMBrlkzDhHK%2B3DDtJ%2FH0Shv4iGWxCA7VfBb%2F1%2B%2BLPP4aZK%2B5Q4MYhlQU96g210TtiBEW%2BKtjiQn5o5X98HMfn9yrfmrIZcIqQp14F%2FggntA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8999205
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230115-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt7ziXfs7sCkGT9lby0HS%2BMfnGpnumfOxcOb5xHXYkEJTdJ8wTlpjZsIZyobe8FGEk39tljk5PBe2uzY7a4rart66vszERYybH1pv36t0XOvDJ8rGJCHb8lFVQbo%2BtK1pLw8TPSfCAi8MP19cEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8629f6c2e8ed19ab-FRA
nicepage.css
kartenabrechnung.com.de/
1 MB
110 KB
Stylesheet
General
Full URL
https://kartenabrechnung.com.de/nicepage.css
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34dd65e12628f8213d228ee104a438227acf767e03dc8a7843f17e01164378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Oct 2023 12:12:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D60ymaLjjV%2Fc%2BF2bKWxXEJaY7l14c39K4KvJ7Bii8r%2BQUwQFbUlaa3zGzpuHIubgKeMh%2BdzPf3PcV6d8BxylXRE28%2FkPjqs2hrjTiW081YdUxhg28yeWKjyCFhx8lWgobOngKtHjxJ9m3ix9n84eOQSzbLOSeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8629f6c2698b9a35-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 07:52:14 GMT
Login.css
kartenabrechnung.com.de/
2 KB
990 B
Stylesheet
General
Full URL
https://kartenabrechnung.com.de/Login.css
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a64f3df415f27d24563a8ac378a7186b1266c89e1a0f9d673581b04b01e9694c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Oct 2023 12:12:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYsCd%2Fl4xh8yNJvhyEslj5KHHFiRG7Z9UsR5embOwKXNv5qPmo9iSXxkFTSdEHGVNr5eGoq%2BdZ4DN26JwMmL2ThnptoKp4RhoC4gkTC0%2Bz%2BoyBP%2FnoszFuNAEpioCX%2F%2BNBdmodnvB8Hr9KtYRsFNSa%2BfocD%2F7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8629f6c2698c9a35-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 07:52:14 GMT
Capturedcran2023-09-09050851.png
kartenabrechnung.com.de/images/
49 KB
50 KB
Image
General
Full URL
https://kartenabrechnung.com.de/images/Capturedcran2023-09-09050851.png
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca361f8ee1fd72f990e9ea19ec631d6b0a64f1e2202899e941653e793d10a863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 06:33:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CweXadVwzY0%2Fak0ekbsaG8ecmINxE3%2BeTqSmgZRrV%2BZhhf8OKbWCoPWVY0tb26ZmSAsLSoFtxRB6gq%2BL2LIv7q3B%2FhU2pU%2BX3ow7VJvXfocrFXI9gq7kMW85%2FN4%2BGsBccLQ1IkvjMvAdBUBT1LX975GH3jNYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8629f6c2698d9a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
50686
expires
Mon, 18 Mar 2024 07:52:14 GMT
Capturedcran2023-09-09053131.png
kartenabrechnung.com.de/images/
21 KB
22 KB
Image
General
Full URL
https://kartenabrechnung.com.de/images/Capturedcran2023-09-09053131.png
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93775c7230ae15070219957f40ff1692496b1488bc4c2df0244d5f3d30df00d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 06:33:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dF4REANlarZ8eYKjyT5TIircH%2F1FL7uEE%2Fm8Y5PfvZk0heF96bYd%2FoSPMqNBQLrE%2FUR1Q%2B0UyyoDB89e9MGS35ockN772uGN71l08%2FNjSk32o8WBQaTJjgTuHPtpUe9%2B%2Fyw0ANi%2BGNM6RfLAR0FLWDC%2BK3pxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8629f6c269909a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
21594
expires
Mon, 18 Mar 2024 07:52:14 GMT
Capturedcran2023-09-09055213.png
kartenabrechnung.com.de/images/
45 KB
46 KB
Image
General
Full URL
https://kartenabrechnung.com.de/images/Capturedcran2023-09-09055213.png
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dfefd24a6f4f64027adf06dee40bf3f7f246c24ad0d5df8eb8106ba3a1d0160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Oct 2023 06:33:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp%2BZDG8otSyCt77RT8jRBnHndi42e8DzBn6MLWKNcvNjfYyexC2RsoC0oiEEYYhWyOMUGzhA%2FI7o5MB2SDdm2GmidHKUSYxqnFmW8E%2BQGW6pf6OYCmismF%2B3CeRqjqsK03MwIEwRnZ%2BLyZyEUXIfKRCIazxqnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8629f6c269919a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
46222
expires
Mon, 18 Mar 2024 07:52:14 GMT
rocket-loader.min.js
kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Mar 2024 17:52:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e75beb-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anWaNXP0SJxp2cmcb9zU2UM8tHdst%2Fq4gmVy%2B1CwJjAR8zDZAuHKdZS6vCSMIX1e8Tk3zSAnw6R2t1nekhwmPn8Y%2BEUaK%2FJN%2FlqnNtgAAC4ppJ580uTCD65rbAclMK7LVckrGPgfazDXAf7T%2BXyppoB7iL28Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8629f6c269929a35-FRA
expires
Wed, 13 Mar 2024 07:52:14 GMT
normal.woff2
kartenabrechnung.com.de/cf-fonts/s/montserrat/5.0.16/latin/700/
15 KB
15 KB
Font
General
Full URL
https://kartenabrechnung.com.de/cf-fonts/s/montserrat/5.0.16/latin/700/normal.woff2
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad

Request headers

Referer
https://kartenabrechnung.com.de/login.php?id=4067849
Origin
https://kartenabrechnung.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhiU4%2FreQK2ykxi7D5edhh1ypNVs%2F4NivqKg1xUCutGGRPMbBG%2FqCuLxrSaugnyye4KKnCORWu3qCmxwFDS3NZ%2FoqiTgxq9jqT4F8MxkqX71pRnkx0UJDaN3hYcWpEKhVgn%2BX4fn4ygr6Kxn8AUMpaV2OFz2Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8629f6c3aa4a9a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
15240
normal.woff2
kartenabrechnung.com.de/cf-fonts/s/lato/5.0.18/latin/400/
23 KB
23 KB
Font
General
Full URL
https://kartenabrechnung.com.de/cf-fonts/s/lato/5.0.18/latin/400/normal.woff2
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
https://kartenabrechnung.com.de/login.php?id=4067849
Origin
https://kartenabrechnung.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0dfPyPg9mWiSIThpHxamPOBweMEDrHVn8doKTlYGyyzIme805wGQ4wGQ5CNQprlF7N%2F7iXVFiPGFFGac9%2FLdRIx0AVVR6EfhxqNBzUV5UNpgtEkFp2iKcvgr6zwlOh%2BXi9836todfsf1ZZb6iowJRrZ%2BX0m%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8629f6c3aa4b9a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
23580
normal.woff2
kartenabrechnung.com.de/cf-fonts/s/lato/5.0.18/latin/700/
23 KB
23 KB
Font
General
Full URL
https://kartenabrechnung.com.de/cf-fonts/s/lato/5.0.18/latin/700/normal.woff2
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Request headers

Referer
https://kartenabrechnung.com.de/login.php?id=4067849
Origin
https://kartenabrechnung.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQzuh%2FlYMSvJt9wfGwyhpYA7WOdG6CGt7kw0rf9uCZFhKsK0ya2AZBK3yoTvmemQU6FJfYrwIQLaAWX0LHdssQv9b%2BBnRj3%2BZ71Y3HeH6v%2FvIbs9UYUJjQSYHIz1uoZLqhH8tbnFSMDopAXjliLba6aQC2IDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8629f6c3aa4c9a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
23040
normal.woff2
kartenabrechnung.com.de/cf-fonts/s/open-sans/5.0.20/latin/400/
18 KB
19 KB
Font
General
Full URL
https://kartenabrechnung.com.de/cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/login.php?id=4067849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Request headers

Referer
https://kartenabrechnung.com.de/login.php?id=4067849
Origin
https://kartenabrechnung.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V39wWeudk3itVn%2F6rKW%2B2FjCGKQV1DdPAg24lSx3XIaezIn0cC5P2LIkoyQ5Br%2FnHQcnU3PjnZSLvmqbk4BmfBqlXX8SNoKRseqMnQpX%2B8HwD%2Bwl1HKTHsT%2B3RM8s%2BPAzdsatYWn4M55E2c6ZBW0NMB%2B45KASQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8629f6c3aa4d9a35-FRA
alt-svc
h3=":443"; ma=86400
content-length
18664
nicepage.js
kartenabrechnung.com.de/
47 KB
0
Script
General
Full URL
https://kartenabrechnung.com.de/nicepage.js
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Oct 2023 12:12:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xS%2BQsJfHudQaP4kk%2BrPFRDcUqzBNBqXKj6GeLH9%2BtmCVAp26X4jzgUJdiY1God%2FYkoIuh5ODk0Ye4jeiSh4D8s3vy4LlotM1MT5Mz9eiGGb%2BrcmFT0gqjQwinAMD38lf0DqSq03zDUtCenromTGSz78qPkFcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
x-turbo-charged-by
LiteSpeed
cf-ray
8629f6c3ba4f9a35-FRA
alt-svc
h3=":443"; ma=86400
jquery.js
kartenabrechnung.com.de/
87 KB
32 KB
Script
General
Full URL
https://kartenabrechnung.com.de/jquery.js
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Oct 2023 12:12:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY3dsGn%2FOfssbGEOdI47Q5s4rfnB%2Brtq9KhYTLDXWx7w6QIONCDH0hU2aEKFLM7hwNLpA5TJsary3u5JD1m5OhC%2FlehJ7ncnN%2BDWktXJmuSZwlEBsPDpDg6d5RoNAMoR6a61X5DYGBkw91pkfwf%2F7%2BpN%2F1cvBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
x-turbo-charged-by
LiteSpeed
cf-ray
8629f6c3ba509a35-FRA
alt-svc
h3=":443"; ma=86400
nicepage.js
kartenabrechnung.com.de/
294 KB
90 KB
Script
General
Full URL
https://kartenabrechnung.com.de/nicepage.js
Requested by
Host: kartenabrechnung.com.de
URL: https://kartenabrechnung.com.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5e62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5428fa22d10d5498ec138ba393f24aa11076ff95e0692a1bddd1e4dd93fc6aeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kartenabrechnung.com.de/login.php?id=4067849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:52:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
cf-polished
origSize=300884
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Oct 2023 12:12:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qme3UjNiIHQ6838uCkqKvR5vX%2BwrYOpUZRdkUMx0DCMZRU84wug%2FwNA88cyk9XDf2jwihllMpyrnHzGknWvo5wKbyf%2BlLA5zBJWpd8vmNNbHkEnxq0rrMOrS8A9jtMSQW0NVgGouhOcLZDLgcHGt4qMPPqLSXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
x-turbo-charged-by
LiteSpeed
cf-ray
8629f6c43aa49a35-FRA

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lufthansa (Transportation)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR boolean| __cfRLUnblockHandlers function| $ function| jQuery object| cssBgParser function| ResponsiveMenu function| MailChimpForm object| bootstrap function| loadMapsContent function| mapIframeApiReady object| MapsLoader function| Lightbox object| Utility object| skrollr function| Waypoint function| WaypointAdapter function| _npStickyStack function| _npInitMenuLink function| AnimationInfo object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint function| AnimationFactory function| CountUp undefined| uAnimation object| _npScrollAnchor function| _npScrollSpyInit function| ImageZoom function| _npHorizontalLayoutSlider function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig function| _npDialogsInit function| _npAccordionInit function| setImmediate function| clearImmediate object| sha256 function| _npAuthInit object| CountryList function| signRequestAnimFrame object| _responsive

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AI0kreIBXD18GJZgeqRRx9djzlG9BmAfNRIJMpH1cQTgJMrGtqWKzBtlrCAvcB8MEHJiX7nN4FTDLrt8GSb_rcY
.kartenabrechnung.com.de/ Name: cf_clearance
Value: qrF3PEhXE2Hf8aMVfmbkN0didHTrKopCUBesp.PQAf0-1710143533-1.0.1.1-_nrWzCI8GrNnYuel5khTdb9xraU2z21ihrF4ym.n22Os9yon9TQp3SKMm2qZxfIuM4tDF_vqLEYovL.v4SXsbA
kartenabrechnung.com.de/ Name: PHPSESSID
Value: 3e9d4c6d0ebe574fdc6664c5f4b5eb6b

1 Console Messages

Source Level URL
Text
other warning URL: https://kartenabrechnung.com.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
