Submitted URL: https://auth.domivest.com/
Effective URL: https://domivest.com/
Submission: On February 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 18.193.189.252, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is domivest.com.
TLS certificate: Issued by R3 on December 11th 2022. Valid for: 3 months.
This is the only time domivest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
6 domivest.com | auth.domivest.com, domivest.com | 151 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 93 | 20 KB
2 gstatic.com | fonts.gstatic.com | 50 KB
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 160 | 343 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 109 | 45 KB
1 imgix.net | domivest.imgix.net | 160 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 114 | 1 KB
13 7
Domain | Requested by
5 domivest.com | domivest.com
2 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 fonts.gstatic.com | fonts.googleapis.com
1 stats.g.doubleclick.net | www.google-analytics.com
1 www.googletagmanager.com | domivest.com
1 domivest.imgix.net | domivest.com
1 fonts.googleapis.com | domivest.com
1 auth.domivest.com | 1 redirects
13 8
Subject | Issuer | Validity | Valid
domivest.com | R3 | 2022-12-11 - 2023-03-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-06-01 - 2023-07-03 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months

This page contains 1 frames:

Primary Page: https://domivest.com/
Frame ID: 664672BD5E839ABABC284C23638ABA70
Requests: 17 HTTP requests in this frame

Page Title

Domivest | Dé financier voor beleggers in verhuurde woningen

Page URL History

  1. https://auth.domivest.com/ HTTP 302
    https://domivest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

13 Requests
100 % HTTPS
88 % IPv6
7 Domains
8 Subdomains
8 IPs
4 Countries
427 kB Transfer
1020 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.domivest.com/ HTTP 302
    https://domivest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
domivest.com/
Redirect Chain
  • https://auth.domivest.com/
  • https://domivest.com/
151 KB
42 KB
Document
General
Full URL
https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.189.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-189-252.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
66c1af761d64c45df3d950692f7ed92dc35967287160fff2f9224baf37c8b2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 10:36:13 GMT
link
<https://domivest.com>; rel='canonical'
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
all
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=60
cf-cache-status
DYNAMIC
cf-ray
79952950c9af911e-FRA
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 10:36:12 GMT
location
https://domivest.com/
ot-baggage-auth0-request-id
79952950c9af911e
ot-tracer-sampled
true
ot-tracer-spanid
3867c1544d728c55
ot-tracer-traceid
33c016a35e341c93
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000033c016a35e341c93-3867c1544d728c55-01
tracestate
auth0-request-id=79952950c9af911e,auth0=true
vary
Accept, Accept-Encoding
x-auth0-requestid
591ac76cbfdea014de86
x-content-type-options
nosniff
cookieconsent.min.css
domivest.com/cpresources/dde3f89f/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://domivest.com/cpresources/dde3f89f/css/cookieconsent.min.css?v=1669887215
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.189.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-189-252.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ba3d46c7c8b02b8328dc05d4272b9e0092aaf96333ec315189bd40223cc758ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:36:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 09:33:35 GMT
server
nginx
etag
W/"638874ef-134b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400, public
expires
Wed, 15 Feb 2023 10:36:13 GMT
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital@1&family=Montserrat:wght@300;400;600;700&display=swap
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6cce42cb0c483bfd693ba61d1779bb8e110c0680693df796b70479b074fc8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 10:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 10:36:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 10:36:13 GMT
main.css
domivest.com/css/
286 KB
43 KB
Stylesheet
General
Full URL
https://domivest.com/css/main.css?v=1669887120
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.189.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-189-252.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a65c7b2286f277c435ba2a52d54f02e7c6f4ec27eaa276fdc9fdfe0161ff4dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:36:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 09:32:00 GMT
server
nginx
etag
W/"63887490-4763f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400, public
expires
Wed, 15 Feb 2023 10:36:13 GMT
Homepage.jpg
domivest.imgix.net/assets/images/Header-images/
159 KB
160 KB
Image
General
Full URL
https://domivest.imgix.net/assets/images/Header-images/Homepage.jpg?auto=compress%2Cformat&crop=focalpoint&fit=crop&fp-x=0.4768&fp-y=0.3866&h=720&q=60&w=1920&s=baaee397cdcf73c5f5c706b3358ca25d
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
30e161e5f7fcd6f34df5c30b0c065b1cac70b006dd1fa83cab4477f2a74356ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:36:13 GMT
x-content-type-options
nosniff
age
1201621
x-cache
HIT, HIT
x-imgix-id
33af7aaccabd913b2e853be3b036f90b034004e7
cross-origin-resource-policy
cross-origin
content-length
163066
x-served-by
cache-sjc10073-SJC, cache-hhn-etou8220048-HHN
x-imgix-render-farm
02.552
last-modified
Tue, 31 Jan 2023 12:49:11 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVJPQGR
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb0a4a01c7cddd712b45c736504440de7b2894847a7ab7a4a352b1af278b3527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:36:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45731
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 10:36:13 GMT
cookieconsent.min.js
domivest.com/cpresources/dde3f89f/js/
20 KB
7 KB
Script
General
Full URL
https://domivest.com/cpresources/dde3f89f/js/cookieconsent.min.js?v=1669887215
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.189.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-189-252.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eea7d8a9a65626e55bdfe1cbe689eb8edd177bb8063620366709839559edf1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:36:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 09:33:35 GMT
server
nginx
etag
W/"638874ef-50f0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, public
expires
Wed, 15 Feb 2023 10:36:13 GMT
main.js
domivest.com/js/
175 KB
57 KB
Script
General
Full URL
https://domivest.com/js/main.js?v=1669887120
Requested by
Host: domivest.com
URL: https://domivest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.189.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-189-252.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9dc8e40acff1f64db638bf45ca102675011db9e4a1085cfca5578129641373d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:36:13 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 09:32:00 GMT
server
nginx
etag
W/"63887490-2bb53"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, public
expires
Wed, 15 Feb 2023 10:36:13 GMT
truncated
/
309 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65c4ca22f7eed9b9a303483d6d755a33a2252c870abc68de85d4f0f8c4c3f334

Request headers

Referer
Origin
https://domivest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
418 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3542ae1ab15079c6f6c26962c43b30a58f02165ad9a5220518dd62df930cfa73

Request headers

Referer
Origin
https://domivest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
392 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ce220cd39adb55e5e24c1a7888c056657b4f54914a090f5aab405554fb2053e

Request headers

Referer
Origin
https://domivest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07c2e1cba558c4f8fde89148795a93457722ed98d478a80741c368e00559f19d

Request headers

Referer
Origin
https://domivest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital@1&family=Montserrat:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domivest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:31:44 GMT
x-content-type-options
nosniff
age
320669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:31:44 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital@1&family=Montserrat:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domivest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 01:10:10 GMT
x-content-type-options
nosniff
age
33963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 01:10:10 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVJPQGR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://domivest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 09:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5047
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Feb 2023 11:12:06 GMT
collect
www.google-analytics.com/j/
4 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=367950532&t=pageview&_s=1&dl=https%3A%2F%2Fdomivest.com%2F&ul=en-us&de=UTF-8&dt=Domivest%20%7C%20D%C3%A9%20financier%20voor%20beleggers%20in%20verhuurde%20woningen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1203149015&gjid=184172465&cid=1106579262.1676370974&tid=UA-108342792-1&_gid=904622235.1676370974&_r=1&_slc=1&gtm=45He32d0n81MVJPQGR&z=1392887742
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://domivest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 10:36:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://domivest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
343 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-108342792-1&cid=1106579262.1676370974&jid=1203149015&gjid=184172465&_gid=904622235.1676370974&_u=YEBAAEAAAAAAACAAI~&z=333254845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://domivest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Feb 2023 10:36:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://domivest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| oncontentvisibilityautostatechange
  • object| interestLevels
  • object| calculator
  • object| dataLayer
  • string| csrfTokenName
  • string| csrfTokenValue
  • string| CRAFT_SITE_ID
  • object| cookieconsent
  • object| webpackChunk
  • number| uidEvent
  • object| bootstrap
  • function| initMap
  • function| markMarker
  • object| google_tag_manager
  • object| google_tag_data
  • string| GoogleAnalyticsObject
  • function| ga
  • object| gaplugins
  • object| gaGlobal
  • object| gaData

5 Cookies

Domain/Path Name / Value
.auth.domivest.com/ Name: __cf_bm
Value: i.FPfuQlTtnaIoFXtIeeTD.WxFYs7UZb0GL012ZF08M-1676370972-0-AbRQC2xRE57nN+wanEoa8FVQ0nzy0qe2pm8gOfxYxUUsnFhnFMvnUX8116SG4EJacGHfszbjxqeeEfaEJggjEgo=
domivest.com/ Name: CRAFT_CSRF_TOKEN
Value: 6e7a4985be18e4725ab2b331b5fa994d90923d9f172d5dce492136297f296bf3a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22MBxCB_eAHjJrOMsilG0qrInrlrfII1YRu5xwzVi3%22%3B%7D
.domivest.com/ Name: _ga
Value: GA1.2.1106579262.1676370974
.domivest.com/ Name: _gid
Value: GA1.2.904622235.1676370974
.domivest.com/ Name: _gat_UA-108342792-1
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
