live.retteralarm.de Open in urlscan Pro
51.116.154.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://am.retteralarm.de/
Effective URL:
https://live.retteralarm.de/admin/Users/login
Submission: On November 23 via automatic, source certstream-suspicious (November 23rd 2022, 8:46:48 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 51.116.154.224, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is live.retteralarm.de.
TLS certificate: Issued by Thawte RSA CA 2018 on August 22nd 2022. Valid for: a year.

This is the only time live.retteralarm.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	51.116.154.224 51.116.154.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2620:1ec:40::45 2620:1ec:40::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
19	4

15 51.116.154.224 (Frankfurt am Main, Germany) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

am.retteralarm.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.retteralarm.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.retteralarm.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	retteralarm.de 3 redirects am.retteralarm.de live.retteralarm.de static.retteralarm.de	620 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
19	3

	Domain	Requested by
13	live.retteralarm.de	1 redirects live.retteralarm.de static.retteralarm.de
5	static.retteralarm.de	live.retteralarm.de
2	am.retteralarm.de	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	static.retteralarm.de
19	5

This site contains links to these domains. Also see Links.

Domain
retteralarm.de

Subject Issuer	Validity	Valid
*.retteralarm.de Thawte RSA CA 2018	`2022-08-22` - `2023-08-22`	a year	crt.sh
static.retteralarm.de DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://live.retteralarm.de/admin/Users/login
Frame ID: CBD03B6974294BC897D5B1EBD3DB29B7
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RETTERAlarm.de - Administration

Page URL History Show full URLs

https://am.retteralarm.de/ HTTP 302
https://am.retteralarm.de/admin/users/login HTTP 302
https://live.retteralarm.de/admin/Users/logoutMonitor HTTP 302
https://live.retteralarm.de/admin/Users/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

633 kB
Transfer

1002 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://retteralarm.de/registrierung
Title: Registrierung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://am.retteralarm.de/ HTTP 302
https://am.retteralarm.de/admin/users/login HTTP 302
https://live.retteralarm.de/admin/Users/logoutMonitor HTTP 302
https://live.retteralarm.de/admin/Users/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
live.retteralarm.de/admin/Users/
Redirect Chain

https://am.retteralarm.de/
https://am.retteralarm.de/admin/users/login
https://live.retteralarm.de/admin/Users/logoutMonitor
https://live.retteralarm.de/admin/Users/login

10 KB
3 KB

276ms
276ms

Document
text/html

51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.4.30 ASP.NET
Resource Hash: 178ad9291cc73da421a3bfff62a88544efd55fbd5976c6b4ac85c3b9b64c0625

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 3127
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 08:46:40 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: PHP/7.4.30 ASP.NET

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 08:46:40 GMT
location: https://live.retteralarm.de/admin/Users/login
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.4.30 ASP.NET

GET
H2 200 bootstrap.min.css
live.retteralarm.de/css/ 147 KB
31 KB 24ms
21ms Stylesheet
text/css 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/css/bootstrap.min.css
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fd4e36989302bb662963aa5612114b262b8500322ee2171ace464e1d56af12c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:28:56 GMT
server: Microsoft-IIS/10.0
etag: "03c3a2e30fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 31707

GET
H2 200 font-awesome.css
live.retteralarm.de/css/fontawesome/css/ 39 KB
9 KB 33ms
31ms Stylesheet
text/css 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/css/fontawesome/css/font-awesome.css
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:28:56 GMT
server: Microsoft-IIS/10.0
etag: "03c3a2e30fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9011

GET
H2 200 jquery-2.2.3.min.js Show response
static.retteralarm.de/static-js/ 84 KB
29 KB 185ms
17ms Script
application/x-javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.retteralarm.de/static-js/jquery-2.2.3.min.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ad77478f8594e99701d9f5960d69da28aaa9cfaf724959fca6137e2db91f7c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 08:46:41 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 15:07:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ATn4J06UyaSjW47eT6TYmg==
etag: 0x8D875D30BA331C6
x-azure-ref: 08d19YwAAAAAmlZniaZP5Rrjh+jYNgElvRlJBMjMxMDUwNDE3MDM1ADgwMDMzMDhmLWQwMTgtNDI5MC05ZjZhLWY4ODNkMmVhYTBmNg==
x-cache: TCP_HIT
content-type: application/x-javascript
x-ms-request-id: 03e63cf6-401e-005e-2fc6-fdd3ad000000
x-ms-version: 2009-09-19

GET
H2 200 monitor_login_proccess.js Show response
live.retteralarm.de/js/ 3 KB
1 KB 13ms
12ms Script
application/x-javascript 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/js/monitor_login_proccess.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 678e343638c3a3d92f8b5bae33df9161e4be7af3183d1d0fbb76c161e66fa2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:29:04 GMT
server: Microsoft-IIS/10.0
etag: "0f0fe3230fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1115

GET
H2 200 jquery.validate.min.js Show response
static.retteralarm.de/static-js/ 21 KB
7 KB 177ms
9ms Script
application/x-javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.retteralarm.de/static-js/jquery.validate.min.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 324e567d822f75119db0572e091a550f6110883a77b3e8ff87986694ee16b5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 08:46:41 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 15:07:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 0tBwXyt1DfVB3Jt5dCxG7g==
etag: 0x8D875D30B8C227E
x-azure-ref: 08d19YwAAAAA6vRP+AVhHTrBa1GVzfeaxRlJBMjMxMDUwNDE3MDM1ADgwMDMzMDhmLWQwMTgtNDI5MC05ZjZhLWY4ODNkMmVhYTBmNg==
x-cache: TCP_HIT
content-type: application/x-javascript
x-ms-request-id: 380f61f6-b01e-0028-1022-fd59e5000000
x-ms-version: 2009-09-19

GET
H2 200 style.css
live.retteralarm.de/css/admin-login/ 21 KB
6 KB 19ms
18ms Stylesheet
text/css 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/css/admin-login/style.css
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a9c6da3ce95a2fe5b39596aee10274b43d99aa7b404fd7a67e52888daa15b0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:28:56 GMT
server: Microsoft-IIS/10.0
etag: "03c3a2e30fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6047

GET
H2 200 AdminLTE.min.css
static.retteralarm.de/static-css/ 121 KB
17 KB 178ms
11ms Stylesheet
text/css 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.retteralarm.de/static-css/AdminLTE.min.css
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c0fb70034baecfb2ff67aefec6c4ae352289c6b83ec0f90f8468828e9f6293c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 08:46:41 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 15:08:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: WdhyaTQHxBAv6P3w20ewvQ==
etag: 0x8D875D32075D0F1
x-azure-ref: 08d19YwAAAACaEK+rt0U3RabgJu77b1xKRlJBMjMxMDUwNDE3MDM1ADgwMDMzMDhmLWQwMTgtNDI5MC05ZjZhLWY4ODNkMmVhYTBmNg==
x-cache: TCP_HIT
content-type: text/css
x-ms-request-id: a9403352-201e-00ac-760c-ff2be4000000
x-ms-version: 2009-09-19

GET
H2 200 logo.png
static.retteralarm.de/static/ 9 KB
9 KB 11ms
10ms Image
image/png 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.retteralarm.de/static/logo.png
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b8f8d8cbfc236493f1e03fd41f2dca14713e9b5e36134ba595f5556a433ce3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 08:46:41 GMT
last-modified: Thu, 24 Oct 2019 06:57:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7584F705E7E0E
x-azure-ref: 08d19YwAAAABJzsR4NFJ1RLSycFxmBSCYRlJBMjMxMDUwNDE3MDM1ADgwMDMzMDhmLWQwMTgtNDI5MC05ZjZhLWY4ODNkMmVhYTBmNg==
x-cache: TCP_HIT
content-type: image/png
x-ms-request-id: f1b79d14-d01e-0001-012c-fe6791000000
x-ms-version: 2009-09-19
content-length: 8867

GET
H2 200 loader.gif
live.retteralarm.de/img/loader/ 21 KB
22 KB 16ms
16ms Image
image/gif 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.retteralarm.de/img/loader/loader.gif
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d066c2f996b7f65f25c0e62529c9884d12c4609cffe5888edacc3c2fec67826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
last-modified: Fri, 18 Nov 2022 09:28:58 GMT
server: Microsoft-IIS/10.0
etag: "0696b2f30fbd81:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 21938

GET
H2 200 cryptojs-aes-new.min.js Show response
live.retteralarm.de/js/cryptojs/ 13 KB
6 KB 16ms
15ms Script
application/x-javascript 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/js/cryptojs/cryptojs-aes-new.min.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0a28d71883d6791d7feb6c8ba3ca3fb089994f4cf111a34ed78ae803a638c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:29:04 GMT
server: Microsoft-IIS/10.0
etag: "0f0fe3230fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 5999

GET
H2 200 cryptojs-aes-new-format.js Show response
live.retteralarm.de/js/cryptojs/ 2 KB
746 B 13ms
12ms Script
application/x-javascript 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/js/cryptojs/cryptojs-aes-new-format.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b417b23869733aa53bb4343206f26e5871edba04384dacc4d7c5ae10826eb1ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:29:04 GMT
server: Microsoft-IIS/10.0
etag: "0f0fe3230fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 703

GET
H2 200 md5.js Show response
live.retteralarm.de/js/admin/RTfingerprint/ 6 KB
3 KB 16ms
15ms Script
application/x-javascript 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/js/admin/RTfingerprint/md5.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b4cda3c6fefe7c2acafcda51a0db3580add2777e177c727d34a7e5edcafb70a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:29:02 GMT
server: Microsoft-IIS/10.0
etag: "0c3cd3130fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 2694

GET
H2 200 jquery.browser-fingerprint-1.1.js Show response
live.retteralarm.de/js/admin/RTfingerprint/ 3 KB
2 KB 16ms
15ms Script
application/x-javascript 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/js/admin/RTfingerprint/jquery.browser-fingerprint-1.1.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 235b2e9be12e40dd99240b9f5fdaeabeef510f8ed5a46eec01e029b488692de4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:29:02 GMT
server: Microsoft-IIS/10.0
etag: "0c3cd3130fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1724

GET
H2 200 login.js Show response
live.retteralarm.de/js/admin/users/ 1 KB
770 B 26ms
25ms Script
application/x-javascript 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/js/admin/users/login.js
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/admin/Users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8648fb61ffb193b7629d31b3321b42b34d249c0194ac05097f63571a4082787c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/admin/Users/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:46:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 09:29:02 GMT
server: Microsoft-IIS/10.0
etag: "0c3cd3130fbd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 727

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 62ms
23ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

Requested by

Host: static.retteralarm.de
URL: https://static.retteralarm.de/static-css/AdminLTE.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b178280c0ae3bcd7e86e70ca283f1abfea6206506347cfe0c4f6c95540633d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.retteralarm.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 08:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 08:12:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 08:46:41 GMT

GET
H2 200 login-register.jpg
static.retteralarm.de/static/ 473 KB
473 KB 10ms
10ms Image
image/jpeg 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.retteralarm.de/static/login-register.jpg
Requested by: Host: live.retteralarm.de
URL: https://live.retteralarm.de/css/admin-login/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 708009e194ec52822177e58b8cedb5420a6acbb3e1d4d42053d39a7134747f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live.retteralarm.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 08:46:41 GMT
last-modified: Thu, 24 Oct 2019 06:57:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7584F763C7354
x-azure-ref: 08d19YwAAAAANFKIoGLxmRIUCzH0N4f9aRlJBMjMxMDUwNDE3MDM1ADgwMDMzMDhmLWQwMTgtNDI5MC05ZjZhLWY4ODNkMmVhYTBmNg==
x-cache: TCP_HIT
content-type: image/jpeg
x-ms-request-id: 06dac1dd-601e-003b-57f9-fc7de9000000
x-ms-version: 2009-09-19
content-length: 484271

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 49ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://live.retteralarm.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:30:55 GMT
x-content-type-options: nosniff
age: 328546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 13:30:55 GMT

POST
H2 200 login_check Show response
live.retteralarm.de/Users/ 31 B
220 B 419ms
418ms XHR
text/html 51.116.154.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.retteralarm.de/Users/login_check
Requested by: Host: static.retteralarm.de
URL: https://static.retteralarm.de/static-js/jquery-2.2.3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.116.154.224 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.4.30, ASP.NET
Resource Hash: bd43bd626e52faed9cc659e2ee5a3d3785a4f4585b8f1e3e80f2f7d0338e2794

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://live.retteralarm.de/admin/Users/login
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 23 Nov 2022 08:46:42 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.4.30, ASP.NET
content-length: 149
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
am.retteralarm.de/	1970-01-20 07:40:07	Name: CAKEPHP Value: tkohhibsbjsn49j1b7pippuq87
.am.retteralarm.de/	1969-12-31 23:59:59	Name: ARRAffinity Value: af7da318c1e5bf9dd9c30a4a8caeb251019e64cc76181a15dacb36a1273ad54a
.am.retteralarm.de/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: af7da318c1e5bf9dd9c30a4a8caeb251019e64cc76181a15dacb36a1273ad54a
live.retteralarm.de/	1970-01-20 07:40:07	Name: CAKEPHP Value: lk9roulslrambn1n8mdj72q56i
.live.retteralarm.de/	1969-12-31 23:59:59	Name: ARRAffinity Value: 77ea59c24ef19cbd5bb2fc844969d830dd901f9b434a2fd8768513e7fb2fa59a
.live.retteralarm.de/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 77ea59c24ef19cbd5bb2fc844969d830dd901f9b434a2fd8768513e7fb2fa59a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am.retteralarm.de
fonts.googleapis.com
fonts.gstatic.com
live.retteralarm.de
static.retteralarm.de
2620:1ec:40::45
2a00:1450:4001:80f::200a
2a00:1450:4001:82f::2003
51.116.154.224
0b4cda3c6fefe7c2acafcda51a0db3580add2777e177c727d34a7e5edcafb70a
178ad9291cc73da421a3bfff62a88544efd55fbd5976c6b4ac85c3b9b64c0625
235b2e9be12e40dd99240b9f5fdaeabeef510f8ed5a46eec01e029b488692de4
2ad77478f8594e99701d9f5960d69da28aaa9cfaf724959fca6137e2db91f7c8
324e567d822f75119db0572e091a550f6110883a77b3e8ff87986694ee16b5f5
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7
678e343638c3a3d92f8b5bae33df9161e4be7af3183d1d0fbb76c161e66fa2a9
708009e194ec52822177e58b8cedb5420a6acbb3e1d4d42053d39a7134747f47
7c0fb70034baecfb2ff67aefec6c4ae352289c6b83ec0f90f8468828e9f6293c
7d066c2f996b7f65f25c0e62529c9884d12c4609cffe5888edacc3c2fec67826
8648fb61ffb193b7629d31b3321b42b34d249c0194ac05097f63571a4082787c
a0a28d71883d6791d7feb6c8ba3ca3fb089994f4cf111a34ed78ae803a638c3b
a9c6da3ce95a2fe5b39596aee10274b43d99aa7b404fd7a67e52888daa15b0e4
b178280c0ae3bcd7e86e70ca283f1abfea6206506347cfe0c4f6c95540633d33
b417b23869733aa53bb4343206f26e5871edba04384dacc4d7c5ae10826eb1ec
b8f8d8cbfc236493f1e03fd41f2dca14713e9b5e36134ba595f5556a433ce3b7
bd43bd626e52faed9cc659e2ee5a3d3785a4f4585b8f1e3e80f2f7d0338e2794
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
fd4e36989302bb662963aa5612114b262b8500322ee2171ace464e1d56af12c4

live.retteralarm.de Open in urlscan Pro 51.116.154.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

75 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

633 kBTransfer

1002 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

6 Cookies

Indicators

live.retteralarm.de Open in urlscan Pro
51.116.154.224 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

633 kB
Transfer

1002 kB
Size

6
Cookies

19 HTTP transactions
0 data transactions