meinesparksse-bereich.buzz
Open in
urlscan Pro
169.239.128.115
Malicious Activity!
Public Scan
URL:
https://meinesparksse-bereich.buzz/Sparkasse/sign.php
Submission: On March 25 via api from US — Scanned from US
Submission: On March 25 via api from US — Scanned from US
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 12 HTTP transactions.
The main IP is 169.239.128.115, located in
Johannesburg, South Africa and
belongs to ZAPPIE-HOST-AS Zappie Host, US.
The main domain is meinesparksse-bereich.buzz.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time meinesparksse-bereich.buzz was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time meinesparksse-bereich.buzz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 169.239.128.115 169.239.128.115 | 61138 (ZAPPIE-HO...) (ZAPPIE-HOST-AS Zappie Host) | |
| 12 | 1 |
12
169.239.128.115
(Johannesburg, South Africa)
ASN61138 (ZAPPIE-HOST-AS Zappie Host, US)
PTR: rns.za.zappiehost.com
ASN61138 (ZAPPIE-HOST-AS Zappie Host, US)
PTR: rns.za.zappiehost.com
| meinesparksse-bereich.buzz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
meinesparksse-bereich.buzz
meinesparksse-bereich.buzz |
585 KB |
| 12 | 1 |
| Domain | Requested by | |
|---|---|---|
| 12 | meinesparksse-bereich.buzz |
meinesparksse-bereich.buzz
|
| 12 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| meinesparksse-bereich.buzz R3 |
2024-03-22 - 2024-06-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://meinesparksse-bereich.buzz/Sparkasse/sign.php
Frame ID: CB08FE8C44E7DAD4C343416A0BA14066
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Login Online-BankingDetected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <div class="[^"]*parbase
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
sign.php
meinesparksse-bereich.buzz/Sparkasse/ |
56 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
meinesparksse-bereich.buzz/Sparkasse/assets/ |
3 MB 258 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sparkasse.PNG
meinesparksse-bereich.buzz/Sparkasse/assets/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spk-logo-druck.png
meinesparksse-bereich.buzz/Sparkasse/assets/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_rot.svg
meinesparksse-bereich.buzz/Sparkasse/assets/ |
289 B 289 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Bildmarke_S-Sparkasse_72px.svg
meinesparksse-bereich.buzz/Sparkasse/assets/ |
976 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tdg
meinesparksse-bereich.buzz/Sparkasse/assets/ |
45 B 303 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Sparkasse_web_Rg.woff
meinesparksse-bereich.buzz/Sparkasse/assets/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pictos-if.woff
meinesparksse-bereich.buzz/Sparkasse/assets/ |
205 KB 206 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Sparkasse_web_Md.woff
meinesparksse-bereich.buzz/Sparkasse/assets/ |
25 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SparkasseHead_web_Rg.woff
meinesparksse-bereich.buzz/Sparkasse/assets/ |
25 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Sparkasse_web_Lt.woff
meinesparksse-bereich.buzz/Sparkasse/assets/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| meinesparksse-bereich.buzz/ | Name: PHPSESSID Value: 5jke8rt3fc97gf6d68eqkoe2tc |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
meinesparksse-bereich.buzz
169.239.128.115
0d764d392e1685a777c2740c836285ddf29fc29f29b63c19546baf104c2de3d5
43a2c75ca73d8c1101ff7ae617e6dbc6934e8aa1cd72d64ce50908ac297156cb
4a2b3370e8f79689763db6a390cbf6178fb621e1bd7399fe4e9b960a18b6afb5
5706622f56a9d55053b778d797260c4ff05ce65c3402d0df06b1c5ddf59496a5
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
730e486b4079c22f1746e0c8016ed58a6b88f571cca72eb4b169ee5edc915d90
7b2888ded6c1e95affe8813aaba8fbcd060d774451c10afa71227616e9af159f
88c512d672e3b948041b354c028b14450f0695408640e234c21ae97d106b9362
addffd48c2bb1fe1e4409899c79d5b2beca7d72c4d80575401091f09ab0eae52
b17dfe5048c5b8715e8b8f66ba289ded70997c39b7a475b5d4b801f137be846b
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35
f738688652ee2e3d6818769400c28e31f34f457c34266a52f9870b3597c6eaec