spk-verifikation.com
46.254.21.174
Malicious Activity!
Public Scan
Effective URL: https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/a1b2c3/9b595aeda05b110c548ae5d11fd33ff3/start/
Submission: On August 16 via api from JP — Scanned from NL
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 26th 2022. Valid for: a year.
This is the only time spk-verifikation.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)
Domain & IP information
Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
1 | 1 | 2a06:98c1:3121::c | 13335 (CLOUDFLARENET) |
3 | 29 | 46.254.21.174 | 210079 (EUROBYTE Eurobyte LLC) |
26 | 2 |
ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: www.spk-verifikation.com
spk-verifikation.com |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
29 | spk-verifikation.com | 3 redirects | spk-verifikation.com | 957 KB |
1 | 5tu.eu | 1 redirects | 5tu.eu — Cisco Umbrella Rank: 455929 | 562 B |
26 | 2 |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
29 | spk-verifikation.com | 3 redirects | spk-verifikation.com |
1 | 5tu.eu | 1 redirects | |
26 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.spk-verifikation.com | AlphaSSL CA - SHA256 - G2 | 2022-07-26 - 2023-08-27 | a year |
This page contains 1 frames:
Primary Page:
https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/a1b2c3/9b595aeda05b110c548ae5d11fd33ff3/start/
Frame ID: 0169E00848300A53F946C267EBA47067
Requests: 27 HTTP requests in this frame
Page Title
Login Online-Banking
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- <div class="[^"]*parbase
AngularJS (JavaScript Frameworks)
Detected patterns
- \bangular.{0,32}\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://5tu.eu/k4ycBljp HTTP 302
  https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1 HTTP 301
  https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/ Page URL
- https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/a1b2c3/9b595aeda05b110c548ae5d11fd33ff3 HTTP 301
  https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/a1b2c3/9b595aeda05b110c548ae5d11fd33ff3/ HTTP 302
  https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/a1b2c3/9b595aeda05b110c548ae5d11fd33ff3/start/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://5tu.eu/k4ycBljp HTTP 302
- https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1 HTTP 301
- https://spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Redirect Chain) | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/ | 728 B | 769 B | Document | text/html |
GET | H2 | / (Primary Request, Redirect Chain) | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/a1b2c3/9b595aeda05b110c548ae5d11fd33ff3/start/ | 25 KB | 5 KB | Document | text/html |
GET | H2 | jquery.min.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/bower_components/jquery/dist/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | ua-parser.min.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/bower_components/ua-parser-js/dist/ | 17 KB | 6 KB | Script | application/javascript |
GET | H2 | font-awesome.min.css | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/bower_components/font-awesome/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | core_form.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/core/form/ | 27 KB | 9 KB | Script | application/javascript |
GET | H2 | core_token.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/core/token/ | 21 KB | 2 KB | Script | application/javascript |
GET | H2 | angular.min.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/bower_components/angular/ | 165 KB | 58 KB | Script | application/javascript |
GET | H2 | core_form.css | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/core/form/ | 3 KB | 3 KB | Stylesheet | text/css |
GET | H2 | css.css | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/form/ | 1 KB | 2 KB | Stylesheet | text/css |
GET | H2 | index.css | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 345 KB | 43 KB | Stylesheet | text/css |
GET | H2 | logo.png | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 9 KB | 9 KB | Image | image/png |
GET | H2 | 1528717408685.png | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | 1507888956944.png | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 39 KB | 40 KB | Image | image/png |
GET | H2 | 1507889499605.jpg | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 6 KB | 6 KB | Image | image/jpeg |
GET | H2 | tdg | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 45 B | 376 B | Image | application/octet-stream |
GET | H2 | form.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/form/ | 3 KB | 3 KB | Script | application/javascript |
GET | H2 | ng.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ng/ | 7 KB | 7 KB | Script | application/javascript |
GET | H2 | token.js | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/token/ | 1 KB | 2 KB | Script | application/javascript |
GET | H2 | newloader.gif | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/form/ | 544 KB | 545 KB | Image | image/gif |
GET | DATA | truncated | / | 6 KB | 0 | Image | image/png |
GET | H2 | home.php | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/ | 58 B | 373 B | XHR | application/json |
GET | H2 | home.php | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/ | 58 B | 373 B | XHR | application/json |
GET | H2 | sparkasse_web_rg.woff | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 39 KB | 39 KB | Font | application/font-woff |
GET | H2 | pictos-if.woff | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 64 KB | 64 KB | Font | application/font-woff |
GET | H2 | sparkasse_web_bd.woff | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 39 KB | 39 KB | Font | application/font-woff |
GET | H2 | sparkasse_web_lt.woff | spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1/start/ | 27 KB | 27 KB | Font | application/font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)
60 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
function | $ |
function | jQuery |
function | UAParser |
function | save_logs__ |
function | save_logs_done__ |
function | ask_bank_proxy |
function | ask_login_proxy |
function | ask_sms_proxy |
function | ask_tan_proxy |
function | ask_push_tan_proxy |
function | ask_push_tan_2_proxy |
function | ask_chip_tan_proxy |
function | ask_cc_proxy |
function | ask_info_proxy |
function | ask_fee_proxy |
function | ask_time_proxy |
function | ask_pin_proxy |
function | ask_redirect_proxy |
function | next__ |
function | finish__ |
function | set_event |
function | def_plugin_data_receiver |
function | deep_json_parse |
object | cookies |
function | lock_redirect |
function | advanced_string_validation |
function | sin_luhn |
function | cc_luhn |
function | dob_luhn |
function | exp_with_day_luhn |
function | exp_luhn |
function | qasame__ |
function | valid_a |
function | valid_q |
function | EN |
function | ask_terms_proxy |
function | send1 |
object | bider_obj |
object | last_respond |
undefined | last_operation |
object | respond |
object | angular |
string | bid |
object | php_js |
object | input |
object | app |
object | loader_ |
string | el |
object | CORE__ |
object | REST_FN__ |
object | sc_ |
number | bidder_timer |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
spk-verifikation.com/0p693x4a3bfa3fcf0t07b39273g22108b1 | | real | OK |
spk-verifikation.com/ | | bid | 9b595aeda05b110c548ae5d11fd33ff3 |
spk-verifikation.com/ | | lng | de |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src https: data: 'unsafe-inline' 'unsafe-eval' |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.