uniquedreamfighters.com Open in urlscan Pro
103.14.236.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html
Submission: On February 06 via automatic, source openphish (February 6th 2024, 2:05:37 am UTC) — Scanned from SG

Summary HTTP 18 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 103.14.236.170, located in Singapore and belongs to M1NET-SG-AP M1 NET LTD, SG. The main domain is uniquedreamfighters.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 4th 2024. Valid for: 3 months.

This is the only time uniquedreamfighters.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Immowelt (Real Estate)

Domain & IP information

	IP Address	AS Autonomous System
11	103.14.236.170 103.14.236.170	17547 (M1NET-SG-...) (M1NET-SG-AP M1 NET LTD)
7	173.223.86.221 173.223.86.221	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2

11 103.14.236.170 (Singapore)

ASN17547 (M1NET-SG-AP M1 NET LTD, SG)
PTR: server1.xamasglobal.com

uniquedreamfighters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.223.86.221 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-86-221.deploy.static.akamaitechnologies.com

cdnglobal.immowelt.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	uniquedreamfighters.com uniquedreamfighters.com	408 KB
7	immowelt.org cdnglobal.immowelt.org — Cisco Umbrella Rank: 258410	9 KB
18	2

	Domain	Requested by
11	uniquedreamfighters.com	uniquedreamfighters.com
7	cdnglobal.immowelt.org	uniquedreamfighters.com
18	2

This site contains links to these domains. Also see Links.

Domain
www.immowelt.de
immowelt.de

Subject Issuer	Validity	Valid
uniquedreamfighters.com cPanel, Inc. Certification Authority	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.immowelt.org DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html
Frame ID: 8A1970DDF71D42C7E141423B838643F7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Immowelt

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

417 kB
Transfer

421 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.immowelt.de/

Search URL Search Domain Scan URL

URL: http://www.immowelt.de/

Search URL Search Domain Scan URL

URL: https://immowelt.de/zugangsdaten/passwort/vergessen?signin=target%3Dmeinbereich%26path%3D%252Fredirect%26agent%3DWEB
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: http://immowelt.de/registrieren?signin=target%3Dmeinbereich%26path%3D%252Fredirect
Title: Jetzt kostenfrei registrieren

Search URL Search Domain Scan URL

URL: http://immowelt.de/immoweltag/datenschutz
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.immowelt.de/immoweltag/agb
Title: AGB

Search URL Search Domain Scan URL

URL: https://www.immowelt.de/immoweltag/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.immowelt.de/immoweltag/impressum
Title: Impressum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response uniquedreamfighters.com/immo2/signin.immowelt.de/	10 KB 10 KB	37ms 6ms	Document text/html	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `0072a7581c974451bb34d2cb84566dca7fe85af903a6bf913b4fb81d4fc5cf28` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 10205 Content-Type text/html Date Tue, 06 Feb 2024 02:05:32 GMT Keep-Alive timeout=5, max=100 Last-Modified Tue, 23 Jan 2024 13:08:10 GMT Server Apache
GET H/1.1	200 OK	main-immowelt.css uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/	16 KB 16 KB	6ms 5ms	Stylesheet text/css	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `7ed2f70842e0d45280ac4926fdf7f4c2ac99b2bbe770b449b68de05203b62440` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 16583
GET H/1.1	200 OK	navigation.js Show response uniquedreamfighters.com/immo2/navigation.immowelt.org/v1/MINIMAL/0/	45 KB 45 KB	13ms 5ms	Script application/javascript	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/navigation.immowelt.org/v1/MINIMAL/0/navigation.js Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `485fcb7db5c3ee1f69056394634c9d75eecf877b7b9cec7c0a2596ff35b80920` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Fri, 07 Jul 2023 11:03:08 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 46056
GET H2	200	logo_immowelt_blank.svg cdnglobal.immowelt.org/global-assets/4.0.1/legacy/0/images/	4 KB 2 KB	275ms 39ms	Image image/svg+xml	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdnglobal.immowelt.org/global-assets/4.0.1/legacy/0/images/logo_immowelt_blank.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `23938eb4314413660e24c2a78dd20ae6bfeff839962ebea8ab2a19dee5ae226a` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:32 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185132965_388559140_94726653_50_1206_34_0_219";dur=1 content-length 1450 last-modified Wed, 06 Dec 2023 18:23:17 GMT server Akamai Resource Optimizer etag "12a36ea277732f464361d90291ad3224:1584713245.070642" vary Accept-Encoding access-control-max-age 86400 content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=5126369, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H2	200	icon-teaser-magnify.svg cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/	2 KB 1 KB	277ms 41ms	Image image/svg+xml	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/icon-teaser-magnify.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `95b6af6df04ea28daee05d78c1de48f9b386294a6a87503b9eae94d3e8ceff70` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:32 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185132965_388559140_94726651_72_1247_34_0_219";dur=1 content-length 841 last-modified Mon, 05 Feb 2024 13:34:29 GMT server Akamai Resource Optimizer etag "4b6938455aa3d71d0405b5a67e1d5e38:1697004585.387258" vary Accept-Encoding access-control-max-age 86400 content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=5148198, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H2	200	icon-teaser-arrows.svg cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/	2 KB 1 KB	279ms 67ms	Image image/svg+xml	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/icon-teaser-arrows.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `667e25b67585a8da45125ea470976ef8ae9df1b8c9413388b32fc7a45549b632` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:32 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185132965_388559140_94726652_74_1232_34_0_219";dur=1 content-length 835 last-modified Mon, 05 Feb 2024 08:48:55 GMT server Akamai Resource Optimizer etag "c8551e0ed6f820f4be47c4ad37c67330:1697004585.382783" vary Accept-Encoding access-control-max-age 86400 content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=5148198, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H2	200	minimal-0-header.css cdnglobal.immowelt.org/navigation-ui/89bd584411c4c86d5e21fa94e5a5b50d5b120311/css/	1006 B 718 B	247ms 37ms	Stylesheet text/css	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdnglobal.immowelt.org/navigation-ui/89bd584411c4c86d5e21fa94e5a5b50d5b120311/css/minimal-0-header.css Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/navigation.immowelt.org/v1/MINIMAL/0/navigation.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `8c643cf092aae00273e2163a89a756093f1a44bb79acefc0421f2d164806498a` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:32 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185132922_388559140_94726647_31_1717_34_38_255";dur=1 content-length 292 last-modified Wed, 10 Jan 2024 14:30:38 GMT server Akamai Resource Optimizer etag "1c83ab44fb80e33960d085b8e11f163c:1704556668.056818" vary Accept-Encoding access-control-max-age 86400 content-type text/css access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=4962111, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H2	200	logo_immowelt.svg cdnglobal.immowelt.org/global-assets/4.3.0/legacy/0/images/	4 KB 2 KB	250ms 40ms	Image image/svg+xml	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdnglobal.immowelt.org/global-assets/4.3.0/legacy/0/images/logo_immowelt.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `23938eb4314413660e24c2a78dd20ae6bfeff839962ebea8ab2a19dee5ae226a` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:32 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185132965_388559140_94726654_50_1208_34_0_146";dur=1 content-length 1450 last-modified Tue, 16 Jan 2024 03:23:48 GMT server Akamai Resource Optimizer etag "12a36ea277732f464361d90291ad3224:1616750426.02394" vary Accept-Encoding access-control-max-age 86400 content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=4751889, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H2	200	minimal-0-footer.css cdnglobal.immowelt.org/navigation-ui/89bd584411c4c86d5e21fa94e5a5b50d5b120311/css/	463 B 578 B	246ms 38ms	Stylesheet text/css	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdnglobal.immowelt.org/navigation-ui/89bd584411c4c86d5e21fa94e5a5b50d5b120311/css/minimal-0-footer.css Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/navigation.immowelt.org/v1/MINIMAL/0/navigation.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `82f4ee0332972e2ff06e0a60eb98a465865e88e0fbd24ba2a03a4114dfe68fa0` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:32 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185132962_388559140_94726648_31_1704_34_38_255";dur=1 content-length 151 last-modified Wed, 17 Jan 2024 09:41:09 GMT server Akamai Resource Optimizer etag "b2a529235bf5f9f985043c8cc9174af6:1705407845.782231" vary Accept-Encoding access-control-max-age 86400 content-type text/css access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=4962111, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H2	200	minimal-0-footer.js Show response cdnglobal.immowelt.org/navigation-ui/89bd584411c4c86d5e21fa94e5a5b50d5b120311/	2 KB 1 KB	39ms 36ms	Script application/x-javascript	173.223.86.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdnglobal.immowelt.org/navigation-ui/89bd584411c4c86d5e21fa94e5a5b50d5b120311/minimal-0-footer.js Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/navigation.immowelt.org/v1/MINIMAL/0/navigation.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.86.221 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-86-221.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash `000445d12d9235c469e3fe9caa91d2c44876bed1d97615912c927f0c56baa50b` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 02:05:33 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707185133004_388559140_94726665_20_1365_34_0_146";dur=1 content-length 945 last-modified Mon, 22 Jan 2024 04:40:10 GMT server Akamai Resource Optimizer etag "7c6a89b6e7fee833f81729fef45724d7:1705407845.75472" vary Accept-Encoding access-control-max-age 86400 content-type application/x-javascript access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=4962110, max-age=8640000 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET H/1.1	200 OK	9c511efd92044f6f6dbf.svg uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	748 B 993 B	8ms 5ms	Image image/svg+xml	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Show image Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/9c511efd92044f6f6dbf.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `c9b195475a3f38e0828aded7ea31494e35f49052b44644f9718d4946e81c8f63` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 748
GET H/1.1	200 OK	5cdd20e6900e0ca47d80.svg uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	801 B 1 KB	7ms 4ms	Image image/svg+xml	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Show image Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/5cdd20e6900e0ca47d80.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `451770ba091160eee511e9e1ad0ec7681f8d1849614081afa350c8093e9828f2` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 801
GET H/1.1	200 OK	8fa38303f99cf0518547.svg uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	2 KB 2 KB	33ms 7ms	Image image/svg+xml	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Show image Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/8fa38303f99cf0518547.svg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `ff5a7ccafdf5655b806f5fc619bd47fb43e9858021a5d72e742dd5f647e8ffee` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1737
GET H/1.1	200 OK	864e5120f57decbc804c.jpg uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	132 KB 132 KB	35ms 9ms	Image image/jpeg	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Show image Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/864e5120f57decbc804c.jpg Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `eee230b896f349558bb52c66ffe6d2428452a5f0de5860fc3ac57c3e161bfb5a` Request headers accept-language zh-SG,zh;q=0.9 Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 135408
GET H/1.1	200 OK	0c36eafde177ab546868.woff2 uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	45 KB 45 KB	19ms 12ms	Font font/woff2	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/0c36eafde177ab546868.woff2 Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `1e2ca939c8ea6e474d75968c821c6b0e9a7d326dab593bb97478012372b20617` Request headers Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Origin https://uniquedreamfighters.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 45900
GET H/1.1	200 OK	967e123ad65de8c5d5c4.woff2 uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	46 KB 46 KB	12ms 5ms	Font font/woff2	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/967e123ad65de8c5d5c4.woff2 Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3` Request headers Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Origin https://uniquedreamfighters.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 47016
GET H/1.1	200 OK	1a12317389afca44fc29.woff2 uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	46 KB 46 KB	15ms 8ms	Font font/woff2	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/1a12317389afca44fc29.woff2 Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f` Request headers Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Origin https://uniquedreamfighters.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 46676
GET H/1.1	200 OK	fb9fdde61d631c58d46c.woff2 uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/	62 KB 62 KB	16ms 8ms	Font font/woff2	103.14.236.170 M1NET-SG-AP M1 NE...
General Check archive.org Show headers Download Go to Full URL https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/fb9fdde61d631c58d46c.woff2 Requested by Host: uniquedreamfighters.com URL: https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.14.236.170 , Singapore, ASN17547 (M1NET-SG-AP M1 NET LTD, SG), Reverse DNS server1.xamasglobal.com Software Apache / Resource Hash `df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb` Request headers Referer https://uniquedreamfighters.com/immo2/cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/main-immowelt.css Origin https://uniquedreamfighters.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 02:05:32 GMT Last-Modified Thu, 06 Jul 2023 11:58:40 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 63728

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Immowelt (Real Estate)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| navigationUI function| __CE_installPolyfill

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Message: Mixed Content: The page at 'https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/global-assets/4.0.1/legacy/0/images/logo_immowelt_blank.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Message: Mixed Content: The page at 'https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/icon-teaser-magnify.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html Message: Mixed Content: The page at 'https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/icon-teaser-arrows.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html(Line 187) Message: Mixed Content: The page at 'https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/global-assets/4.0.1/legacy/0/images/logo_immowelt_blank.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html(Line 225) Message: Mixed Content: The page at 'https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/icon-teaser-magnify.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html(Line 225) Message: Mixed Content: The page at 'https://uniquedreamfighters.com/immo2/signin.immowelt.de/index.html' was loaded over HTTPS, but requested an insecure element 'http://cdnglobal.immowelt.org/signin-ui/4ea57237727ccb2940892364908fb740108ad38f/images/icons/icons-iw/icon-teaser-arrows.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnglobal.immowelt.org
uniquedreamfighters.com
103.14.236.170
173.223.86.221
000445d12d9235c469e3fe9caa91d2c44876bed1d97615912c927f0c56baa50b
0072a7581c974451bb34d2cb84566dca7fe85af903a6bf913b4fb81d4fc5cf28
1e2ca939c8ea6e474d75968c821c6b0e9a7d326dab593bb97478012372b20617
23938eb4314413660e24c2a78dd20ae6bfeff839962ebea8ab2a19dee5ae226a
451770ba091160eee511e9e1ad0ec7681f8d1849614081afa350c8093e9828f2
485fcb7db5c3ee1f69056394634c9d75eecf877b7b9cec7c0a2596ff35b80920
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
667e25b67585a8da45125ea470976ef8ae9df1b8c9413388b32fc7a45549b632
7ed2f70842e0d45280ac4926fdf7f4c2ac99b2bbe770b449b68de05203b62440
82f4ee0332972e2ff06e0a60eb98a465865e88e0fbd24ba2a03a4114dfe68fa0
8c643cf092aae00273e2163a89a756093f1a44bb79acefc0421f2d164806498a
95b6af6df04ea28daee05d78c1de48f9b386294a6a87503b9eae94d3e8ceff70
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c9b195475a3f38e0828aded7ea31494e35f49052b44644f9718d4946e81c8f63
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
eee230b896f349558bb52c66ffe6d2428452a5f0de5860fc3ac57c3e161bfb5a
ff5a7ccafdf5655b806f5fc619bd47fb43e9858021a5d72e742dd5f647e8ffee

uniquedreamfighters.com Open in urlscan Pro 103.14.236.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

417 kBTransfer

421 kBSize

0 Cookies

8 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

uniquedreamfighters.com Open in urlscan Pro
103.14.236.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

417 kB
Transfer

421 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!