de-sparkasse-datenabnahme.xyz Open in urlscan Pro
2606:4700:3034::6815:28a8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://daytoyear.com/wzufgweiurtweidghiweufhzuwehfiuwegr.php
Effective URL:
https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY
Submission: On April 19 via api (April 19th 2024, 11:37:26 am UTC) from HU — Scanned from DE

Summary HTTP 17 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3034::6815:28a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is de-sparkasse-datenabnahme.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 8th 2024. Valid for: 3 months.

This is the only time de-sparkasse-datenabnahme.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.145.49.186 209.145.49.186	40021 (NL-811-40021) (NL-811-40021)
1 1	172.67.196.63 172.67.196.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3034::6815:28a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	172.67.187.115 172.67.187.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2

1 209.145.49.186 (United States) 1 redirects

ASN40021 (NL-811-40021, US)
PTR: server22.swiftlyserver.com

daytoyear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.196.63 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wedlegal.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:28a8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

de-sparkasse-datenabnahme.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.187.115 (United States)

ASN13335 (CLOUDFLARENET, US)

de-sparkasse-datenabnahme.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	de-sparkasse-datenabnahme.xyz 1 redirects de-sparkasse-datenabnahme.xyz	891 KB
1	wedlegal.xyz 1 redirects wedlegal.xyz	509 B
1	daytoyear.com 1 redirects daytoyear.com	267 B
17	3

	Domain	Requested by
18	de-sparkasse-datenabnahme.xyz	1 redirects de-sparkasse-datenabnahme.xyz
1	wedlegal.xyz	1 redirects
1	daytoyear.com	1 redirects
17	3

This site contains links to these domains. Also see Links.

Domain
module.foerde-sparkasse.de
blog.foerde-sparkasse.de
www.facebook.com
twitter.com
www.youtube.com
www.xing.com
www.tiktok.com
termin.foerde-sparkasse.de
www.studiale.de
www.sparkassen-shop.de

Subject Issuer	Validity	Valid
de-sparkasse-datenabnahme.xyz GTS CA 1P5	`2024-03-08` - `2024-06-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY
Frame ID: 40B2830A1AEE807CDA405022C02265E2
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online-Banking | Sparkasse

Page URL History Show full URLs

https://daytoyear.com/wzufgweiurtweidghiweufhzuwehfiuwegr.php HTTP 302
https://wedlegal.xyz/zentra HTTP 307
https://de-sparkasse-datenabnahme.xyz/?s=u6hyo295ldt7eroyps1mgt6zjpvaukfs HTTP 302
https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBf... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

891 kB
Transfer

3060 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://module.foerde-sparkasse.de/de/home/ihre-sparkasse/podcast.html?n=true&stref=hnav
Title: Podcast

Search URL Search Domain Scan URL

URL: https://blog.foerde-sparkasse.de/
Title: Ihre Sparkasse hautnahBlog der Sparkasse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/foerdesparkasse
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/foerdesparkasse
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcKZYqFLnRp9bmhEPbkytXA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.xing.com/company/foerdesparkasse
Title: Xing

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@foerdesparkasse
Title: TikTok

Search URL Search Domain Scan URL

URL: http://termin.foerde-sparkasse.de/
Title: Beratungstermin vereinbaren

Search URL Search Domain Scan URL

URL: https://www.studiale.de/
Title: Studiale

Search URL Search Domain Scan URL

URL: https://www.sparkassen-shop.de/foerde-sparkasse/?_ga=2.141694002.1491539779.1620378309-163821152.1620378309
Title: Sparkassen-Shop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://daytoyear.com/wzufgweiurtweidghiweufhzuwehfiuwegr.php HTTP 302
https://wedlegal.xyz/zentra HTTP 307
https://de-sparkasse-datenabnahme.xyz/?s=u6hyo295ldt7eroyps1mgt6zjpvaukfs HTTP 302
https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request anmeldung.php Show response de-sparkasse-datenabnahme.xyz/ Redirect Chain https://daytoyear.com/wzufgweiurtweidghiweufhzuwehfiuwegr.php https://wedlegal.xyz/zentra https://de-sparkasse-datenabnahme.xyz/?s=u6hyo295ldt7eroyps1mgt6zjpvaukfs https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY	60 KB 9 KB	274ms 273ms	Document text/html	2606:4700:3034::6815:28a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:28a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `85ab3462e1b68b508a597e80ad0e5b8c9106b460978e5e9e259ddb8a554743ad` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 876c9a27682c0408-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 19 Apr 2024 11:37:21 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dd793Eov3%2B5vLmZ6xhiWMuobG%2B6LAHBUEyAwx5qbyNiiDczWf%2BiiBKKCdV18UXVnKT2uUwqajGHZHNzAGlaXjSIPlKma834qXZwEv4URe%2FiszkwE0m14K072XD7rms17%2BCeElA8Jz7IpUKiQOUyd4efzRaEl%2BXBpZgbuZQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 876c9a263f030408-FRA content-type text/html; charset=UTF-8 date Fri, 19 Apr 2024 11:37:21 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHoXFYYngDiD4HBHDEvBk7K61f3xwr%2F3nqVcgdQZLDSO0nb8OEflyss2R9mx3Sd9ijr3BUKwz5VH2xmLqzIsxarlhyvRWds7q1tcU%2BRUZzjQ87ZZnrz1EyGBCyOJNeVV4rpHXndBUzPYG03rf7oPtFpOoM0IRI4vhDWd4w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css de-sparkasse-datenabnahme.xyz/src/	2 MB 185 KB	342ms 342ms	Stylesheet text/css	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1be7e3-5ee86a90893cb-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3sdbyp4W0YhwacTIxi%2BbtttH9zCfJdrQ8CdXnLumu5KCBpZ1jrFUREHSY1u%2FMD9cNAPR8YctFn8%2BiduGzlFbDoR8as%2F0vuSXC%2BW65ROt7kPb7YZbwLzg%2FxL9awIjlI3gmLhxQu4Oa%2BkvN2oL3A7Ig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 876c9a2919eb0408-FRA alt-svc h3=":443"; ma=86400
GET H3	200	internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Show response de-sparkasse-datenabnahme.xyz/src/	612 KB 153 KB	494ms 493ms	Script application/javascript	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"98f9e-5ee86a908842a-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROZlf5rSgHI4hpQL05lJinU7czgQvAworjw%2BIbxvtMwCkoBkx%2B1n%2BmOOTmgwOAM3R2926kskkG%2BT%2BrUL93z%2B0Ss0w%2F%2B0oNt1I%2BslJKOMyUKXnjQj5JBNJABTXxeB0VezjL31EqO699pqWPUPK1VU8A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 876c9a2919ee0408-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo_ini.svg de-sparkasse-datenabnahme.xyz/src/	22 KB 9 KB	248ms 248ms	Image image/svg+xml	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-datenabnahme.xyz/src/logo_ini.svg Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"58be-5ee86a908a36b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouLPBc8FIolIdr8hMlj2ZGBfHaFZJ3uRPscl6k12RIigPNXkmsF1gaHfewLz4UmKIqOpYpmkBgd%2FonU006qc5U%2FIV64jU%2Fy1Yrzde%2B5pTGRY4kjM8KqA8VdA08gEtAua9bU9QeToAZCkbS2eXyT8oQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 876c9a2919f00408-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Bildmarke_S-Sparkasse_72px.svg de-sparkasse-datenabnahme.xyz/src/	976 B 904 B	185ms 185ms	Image image/svg+xml	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-datenabnahme.xyz/src/Bildmarke_S-Sparkasse_72px.svg Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3d0-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0n61tTwNg5CX41pXr%2FlieEztytNMjSXL7%2BHNr4ROn80dbY%2BrHBt%2BeBsDqIDR%2Fk7Po%2BrhEY78V8yuY2Exm7qd5KAb3GYxxS45H%2BLpKX8l8cYJyXdvOkrNFG%2F9%2F9fr7mopCjmm8H6OtxManGv%2FIVATw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 876c9a2919f10408-FRA alt-svc h3=":443"; ma=86400
GET H3	200	1624599692487.png de-sparkasse-datenabnahme.xyz/src/	81 KB 82 KB	344ms 343ms	Image image/png	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-datenabnahme.xyz/src/1624599692487.png Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "145f5-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tb9CAglfpIxQc1jxgVaEDbzwe9BjEyKBQMD1UifF7tPE%2BB3JTsbnoE204bjnDiLaW7B%2BYMrXCMSiAlK3IHCFbzIrdiWftYLxULzF%2BoTnhe0wnaWzPtOA%2F9YMwLm4kBUYFeCMGoUse54nKm%2FjxKeylw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2a4b350408-FRA alt-svc h3=":443"; ma=86400 content-length 83445
GET H3	200	1559285204680.jpg de-sparkasse-datenabnahme.xyz/src/	49 KB 49 KB	283ms 283ms	Image image/jpeg	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-datenabnahme.xyz/src/1559285204680.jpg Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status MISS last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c3f7-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcVKjqoGbftqePt8zPdJd2zNEe%2FredOrFYikJEECWbW9Bfqhn3WevrdxUkLTFS3aOc9JzZrnI9kiLbADeZiM9Fdt%2FZqJdHEgDxT48ElKRUPYGXJR7qqjTszLBN5EArjn5JXcJwO9khcDNWyHi3mzVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2aabb00408-FRA alt-svc h3=":443"; ma=86400 content-length 50167
GET H3	200	tdg de-sparkasse-datenabnahme.xyz/src/	45 B 492 B	175ms 175ms	Image image/gif	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-datenabnahme.xyz/src/tdg Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status DYNAMIC last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2d-5ee86a909206b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAzbAmZN1OLz3FhjdCwxX9diIUwEf5EkGb0eKEUBt98d8%2B8xbx6BwvFpjH3w68lGa6H%2FIOtM%2FwhjryZEpEYJmG6sOeJIn577WLVI%2BPZ%2BlF2QOG7AhYYHVNROhfWW8BE%2Bdz5etFF%2Fxt9n9Q6%2BiMbEeg%3D%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 876c9a2cbdd90408-FRA alt-svc h3=":443"; ma=86400 content-length 45
GET H3	200	universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Show response de-sparkasse-datenabnahme.xyz/src/	77 KB 28 KB	263ms 263ms	Script application/javascript	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"13358-5ee86a909206b-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VbAaVIVjri2qbijihKvGr5qT223BQ9xz3wz06XZLz1Cv9mES0VGn63LykfxZ9w7fLFUolk0YMIIvtubpCDMaz7T1Z%2BvsinDtpk9m0QQtNkKYV05s%2Bs3edbSeJ3PvcBZTEY8OT6EStEX9oMwnmLH7iw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 876c9a2c9db40408-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Rg.woff de-sparkasse-datenabnahme.xyz/src/fonts/	41 KB 41 KB	193ms 192ms	Font font/woff	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/fonts/Sparkasse_web_Rg.woff Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451` Request headers Referer https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-datenabnahme.xyz Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "a200-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDj%2FiEBVgR8poZIOjB9ZDntCwMzVC%2Br0v5cXvQOBH%2FxE9jUSBypRqmRZxlQfKZ7ExPYExVYLhEHwY0wP%2FSZqd4HJhlFjZ%2BiaYIpZQRMzFrBuipJOQgeeuXn9EUOqlh2mU6tsgZaIgHAd0WDkIbmhaQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2cddfc0408-FRA alt-svc h3=":443"; ma=86400 content-length 41472
GET H3	200	pictos-if.woff de-sparkasse-datenabnahme.xyz/src/fonts/	204 KB 205 KB	297ms 296ms	Font font/woff	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/fonts/pictos-if.woff Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951` Request headers Referer https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-datenabnahme.xyz Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status MISS last-modified Sat, 31 Dec 2022 12:44:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3309c-5f11f12d8c3a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQX8n97VVBwtUcn9l7mWC3b0X9VZRxCAZ1WZGhPf5YAyowsHEX3Z0JXATT%2BiBHEGBTdsUzviSKj7t2vytEIxJuI%2Buv5u6aXXUYUSa74fbhJHzv41YXuYcgN6IAnndS4ls9AYsu4T8kCNpYmBydLGxQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2cddfe0408-FRA alt-svc h3=":443"; ma=86400 content-length 209052
GET H3	200	Sparkasse_web_Md.woff de-sparkasse-datenabnahme.xyz/src/fonts/	30 KB 31 KB	186ms 185ms	Font font/woff	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/fonts/Sparkasse_web_Md.woff Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d` Request headers Referer https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-datenabnahme.xyz Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7928-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbaOr4hPN5pf4N2nZ%2B%2B4tk3SmkXz07jLyDzInRn0C4tUxsQBvuTtShm5mxsrhvoDIoLyna7s9kHXIoh7B4hjVbC8d0Gr6KObHGh%2FSxjNPZ7xvecaf%2Be7%2FlZ7Y2UbWC%2FCp3e4ssJlxD2Z1irkBZ0f4Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2cde000408-FRA alt-svc h3=":443"; ma=86400 content-length 31016
GET H3	200	SparkasseHead_web_Rg.woff de-sparkasse-datenabnahme.xyz/src/fonts/	29 KB 30 KB	202ms 201ms	Font font/woff	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/fonts/SparkasseHead_web_Rg.woff Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86` Request headers Referer https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-datenabnahme.xyz Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7550-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed0%2FaM58bTHcwiF0t45weXepDg2JVKwdK0CI1C3EfrX1GwOrj%2FxwZ76iR5ovI1KonQIlNdU1CxQOAOB43od7Rxd8gqQLgEjhWjvZ3IvLRgonafEAA5Zc6%2BjI4NpU3w9CzLjAQsxHEu85dMMm%2BS0i4g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2cde010408-FRA alt-svc h3=":443"; ma=86400 content-length 30032
GET H3	200	Sparkasse_web_Lt.woff de-sparkasse-datenabnahme.xyz/src/fonts/	30 KB 30 KB	183ms 182ms	Font font/woff	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/fonts/Sparkasse_web_Lt.woff Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042` Request headers Referer https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-datenabnahme.xyz Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "77cc-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lo%2BtelW67dZp5eKtLk9lz7Jl7LuUhIimwWITGXtU6sYlMoKPY5WLkUtpYQwDqF%2FutlzCWtYcC5UdacqV8yBUCygL8m8nrQl0St7SqM6rXDKl0MyTKFb7%2BmHA8scBEfUSkoTZ019leEjhLNmvPFI4mw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2cde050408-FRA alt-svc h3=":443"; ma=86400 content-length 30668
GET H3	200	Sparkasse_web_Bd.woff de-sparkasse-datenabnahme.xyz/src/fonts/	36 KB 37 KB	183ms 183ms	Font font/woff	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/fonts/Sparkasse_web_Bd.woff Requested by Host: de-sparkasse-datenabnahme.xyz URL: https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002` Request headers Referer https://de-sparkasse-datenabnahme.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-datenabnahme.xyz Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:22 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "901c-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAVGi3Duw2gq1Av5Cbk%2FcOb18b2nxHOK1RDvYZ%2FJogr58e8EEkw1izU97zrZ%2BhQAGEHo28iSqRqzJa2tgf%2BF%2BBxDDzp9DYfB149LKuU9OVePYVwP0KSJbK0%2Fg8YVqA80FzQB5zIFPOGUruZRAPiUdA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a2cde080408-FRA alt-svc h3=":443"; ma=86400 content-length 36892
GET H3	200	favicon1x.ico de-sparkasse-datenabnahme.xyz/src/	1 KB 693 B	176ms 175ms	Other image/vnd.microsoft.icon	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/favicon1x.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:23 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"47e-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqFORNiVwYNXeXDHztlVAqCl4rJDkUL7JceV8ULrTLDZvHHLhG6XwsKKzF3aRApbpT6iVoLsGnfHL2Mdxeoz444ZV1p6dehNleR5AFFHCUhEZv2Yq32zKMLaMVsEWZ%2FVAhEicfitcJjsxT0nBDTUVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon cache-control max-age=14400 cf-ray 876c9a2f586b0408-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon2x.png de-sparkasse-datenabnahme.xyz/src/	298 B 778 B	174ms 174ms	Other image/png	172.67.187.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-datenabnahme.xyz/src/favicon2x.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.187.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://de-sparkasse-datenabnahme.xyz/anmeldung.php?starten=0PNQIqGpU61Ck9zyHWcsTuB5Z7Vot4&shufflUri?=o9DOw82gdnBfNLk6uApY User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 19 Apr 2024 11:37:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "12a-5ee86a90864ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9%2F%2FXBcyY3R7bcOg8w2ygBEojIfz3GM17zgRDj537hpsspni2%2FbFyybbPzkSJVxiHquGfEa7KVG1t0Q4%2FCCWTCHwMtHQKkhzqD4ifTg%2BW9eSurj49l1%2Brubnpyq5AlHUftydwo9Sb%2BluZeqs8X%2BT3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 876c9a3079a40408-FRA alt-svc h3=":443"; ma=86400 content-length 298

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			de-sparkasse-datenabnahme.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: frqv08ctd9kjr9j076hpibjnmd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

daytoyear.com
de-sparkasse-datenabnahme.xyz
wedlegal.xyz
172.67.187.115
172.67.196.63
209.145.49.186
2606:4700:3034::6815:28a8
0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737
2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a
56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d
7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2
7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5
85ab3462e1b68b508a597e80ad0e5b8c9106b460978e5e9e259ddb8a554743ad
a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6
d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

de-sparkasse-datenabnahme.xyz Open in urlscan Pro 2606:4700:3034::6815:28a8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

891 kBTransfer

3060 kBSize

1 Cookies

10 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

33 JavaScript Global Variables

1 Cookies

Indicators

de-sparkasse-datenabnahme.xyz Open in urlscan Pro
2606:4700:3034::6815:28a8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

891 kB
Transfer

3060 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!