zip.immo Open in urlscan Pro
188.40.28.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zip.immo/
Effective URL:
https://zip.immo/login
Submission Tags: @phish_report
Submission: On April 25 via api (April 25th 2024, 11:03:09 pm UTC) from FI — Scanned from AU

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 188.40.28.167, located in Germany and belongs to HETZNER-AS, DE. The main domain is zip.immo.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on April 25th 2024. Valid for: a year.

This is the only time zip.immo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	188.40.28.167 188.40.28.167		24940 (HETZNER-AS) (HETZNER-AS)
10	1

11 188.40.28.167 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: www267.your-server.de

zip.immo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	zip.immo 1 redirects zip.immo	1 MB
10	1

	Domain	Requested by
11	zip.immo	1 redirects zip.immo
10	1

This site contains no links.

Subject Issuer	Validity	Valid
zip.immo Encryption Everywhere DV TLS CA - G2	`2024-04-25` - `2025-04-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://zip.immo/login
Frame ID: AB4A3AA43ECE320FFFE2D49561693861
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Immo Zip

Page URL History Show full URLs

http://zip.immo/ HTTP 307
https://zip.immo/ HTTP 302
https://zip.immo/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1364 kB
Transfer

1363 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zip.immo/ HTTP 307
https://zip.immo/ HTTP 302
https://zip.immo/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response zip.immo/ Redirect Chain http://zip.immo/ https://zip.immo/ https://zip.immo/login	10 KB 10 KB	277ms 276ms	Document text/html	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/login Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `09520a21807dc8b887c7d46239002763c8fcbe9a91172f148eb00420ac320a41` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=utf-8 date Thu, 25 Apr 2024 23:03:02 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=utf-8 date Thu, 25 Apr 2024 23:03:02 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://zip.immo/login pragma no-cache server Apache
GET H2	200	inter.css zip.immo/assets/fonts/inter/	3 KB 3 KB	276ms 275ms	Stylesheet text/css	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/fonts/inter/inter.css Requested by Host: zip.immo URL: https://zip.immo/login Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `157a9e160c49868142fa90e206c9da1624dd3519e4bb1702475105aee9272915` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://zip.immo/login User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:02 GMT last-modified Wed, 27 Mar 2024 10:12:07 GMT server Apache accept-ranges bytes etag "a23-614a1a3a0ad5e" content-length 2595 content-type text/css
GET H2	200	styles.min.css zip.immo/assets/icons/phosphor/	42 KB 42 KB	277ms 277ms	Stylesheet text/css	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/icons/phosphor/styles.min.css Requested by Host: zip.immo URL: https://zip.immo/login Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `d12de488a9bbd61f8cf7f6061eaae52d8e2924747396c8225fd3d0cc6fededf1` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://zip.immo/login User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:02 GMT last-modified Wed, 27 Mar 2024 10:12:12 GMT server Apache accept-ranges bytes etag "a79d-614a1a3ec0e67" content-length 42909 content-type text/css
GET H2	200	all.min.css zip.immo/assets/css/ltr/	705 KB 705 KB	277ms 276ms	Stylesheet text/css	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/css/ltr/all.min.css Requested by Host: zip.immo URL: https://zip.immo/login Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `ad07b6e82d3ab1f1746235cb88dafdd5ec4a73d9d40d1510e12d89dbfea31282` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://zip.immo/login User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:02 GMT last-modified Wed, 27 Mar 2024 10:11:22 GMT server Apache accept-ranges bytes etag "b0286-614a1a0e80424" content-length 721542 content-type text/css
GET H2	200	bootstrap.bundle.min.js Show response zip.immo/assets/js/bootstrap/	79 KB 79 KB	1655ms 1655ms	Script application/javascript	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/js/bootstrap/bootstrap.bundle.min.js Requested by Host: zip.immo URL: https://zip.immo/login Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://zip.immo/login User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:02 GMT last-modified Wed, 27 Mar 2024 10:12:27 GMT server Apache accept-ranges bytes etag "13a70-614a1a4d13ec3" content-length 80496 content-type application/javascript
GET H2	200	app.js Show response zip.immo/assets/js/	23 KB 23 KB	1656ms 1655ms	Script application/javascript	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/js/app.js Requested by Host: zip.immo URL: https://zip.immo/login Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `0bf3cf50555d3def309deee8d1c42fa9e2721da7b2765cb8345f5c5f6a186ae6` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://zip.immo/login User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:02 GMT last-modified Wed, 27 Mar 2024 10:11:17 GMT server Apache accept-ranges bytes etag "5bc5-614a1a0a71301" content-length 23493 content-type application/javascript
GET H2	200	Phosphor.ttf zip.immo/assets/icons/phosphor/fonts/	296 KB 296 KB	279ms 278ms	Font font/ttf	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/icons/phosphor/fonts/Phosphor.ttf?9jjo3j Requested by Host: zip.immo URL: https://zip.immo/assets/icons/phosphor/styles.min.css Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `f5cb8e3f9a8c625612c7bb076014e8426b18bc5932e7abc587125f6e46cfcca4` Request headers Referer https://zip.immo/assets/icons/phosphor/styles.min.css Origin https://zip.immo Accept-Language en-AU,en;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:04 GMT last-modified Wed, 27 Mar 2024 10:13:11 GMT server Apache accept-ranges bytes etag "49e5c-614a1a77277f1" content-length 302684 content-type font/ttf
GET H2	200	Inter-Regular.woff2 zip.immo/assets/fonts/inter/	97 KB 97 KB	285ms 284ms	Font font/woff2	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/fonts/inter/Inter-Regular.woff2?v=3.18 Requested by Host: zip.immo URL: https://zip.immo/assets/fonts/inter/inter.css Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `bed72259a8e25611bfdcd02ae7534bab339f607cbce3b989614fb32a5fb95738` Request headers Referer https://zip.immo/assets/fonts/inter/inter.css Origin https://zip.immo Accept-Language en-AU,en;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:04 GMT last-modified Wed, 27 Mar 2024 10:12:04 GMT server Apache accept-ranges bytes etag "1821c-614a1a37528a7" content-length 98844 content-type font/woff2
GET H2	200	Inter-SemiBold.woff2 zip.immo/assets/fonts/inter/	103 KB 104 KB	284ms 284ms	Font font/woff2	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/assets/fonts/inter/Inter-SemiBold.woff2?v=3.18 Requested by Host: zip.immo URL: https://zip.immo/assets/fonts/inter/inter.css Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `d5a91eb1b863ca7543716e4782113a07504de66ece767eda455a33c344cbfefa` Request headers Referer https://zip.immo/assets/fonts/inter/inter.css Origin https://zip.immo Accept-Language en-AU,en;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers date Thu, 25 Apr 2024 23:03:04 GMT last-modified Wed, 27 Mar 2024 10:12:05 GMT server Apache accept-ranges bytes etag "19dfc-614a1a383132e" content-length 105980 content-type font/woff2
GET H2	200	favicon.ico zip.immo/	7 KB 7 KB	276ms 276ms	Other text/html	188.40.28.167 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://zip.immo/favicon.ico Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 188.40.28.167 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www267.your-server.de Software Apache / Resource Hash `aafd33e9785999f1fb8fb23b46de67f80414d720458d325b0f2e98a053df8a13` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://zip.immo/login User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=utf-8 date Thu, 25 Apr 2024 23:03:04 GMT server Apache

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap function| viewModal

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zip.immo/	1969-12-31 23:59:59	Name: PHPSESSID Value: 92ddfe7fafc3104d8906a1e78a26e4ea

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://zip.immo/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

zip.immo
188.40.28.167
09520a21807dc8b887c7d46239002763c8fcbe9a91172f148eb00420ac320a41
0bf3cf50555d3def309deee8d1c42fa9e2721da7b2765cb8345f5c5f6a186ae6
157a9e160c49868142fa90e206c9da1624dd3519e4bb1702475105aee9272915
aafd33e9785999f1fb8fb23b46de67f80414d720458d325b0f2e98a053df8a13
ad07b6e82d3ab1f1746235cb88dafdd5ec4a73d9d40d1510e12d89dbfea31282
bed72259a8e25611bfdcd02ae7534bab339f607cbce3b989614fb32a5fb95738
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
d12de488a9bbd61f8cf7f6061eaae52d8e2924747396c8225fd3d0cc6fededf1
d5a91eb1b863ca7543716e4782113a07504de66ece767eda455a33c344cbfefa
f5cb8e3f9a8c625612c7bb076014e8426b18bc5932e7abc587125f6e46cfcca4

zip.immo Open in urlscan Pro 188.40.28.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1364 kBTransfer

1363 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

zip.immo Open in urlscan Pro
188.40.28.167 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1364 kB
Transfer

1363 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions