landseche.cf Open in urlscan Pro
2606:4700:3035::6815:600c  Malicious Activity! Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response landseche.cf/sant/	34 KB 12 KB	113ms 39ms	Document text/html	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 1e34eab47ec8bf33407a1d0315b5a4b1a13d3f3d308f71c5dd02d4c8ad92d1d9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 734b498e6d9d9064-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 03 Aug 2022 01:30:19 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQE7YEf11LWbOK0hohsSExLkk8YBh37TdGMlLtcK8t2HFDXZyz4MeLtMJ60fOTo0bNSO7mK%2BwZowgX6%2FwctykdtHK1%2F%2FSFryswQvo5mHhu%2FAMIYrlhjm%2F%2B4YSBe808R%2BNnrtiyHZ%2BEzeUpA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34
GET H2	200	_css_style_3_advisor.min.css landseche.cf/sant/	7 KB 2 KB	35ms 26ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/_css_style_3_advisor.min.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2fa0c03fbfbedca78a61ba161bb7254b3e3fdd9279e4b6df9872ac437f03b1a Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:26 GMT server cloudflare age 6632 etag W/"62e92e36-1cf3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcZlct%2FF0VywXGEOSfDlNwDZp2Cpsk4dUiZQkKIth3Uwtw6%2FqnEN8euOYrwYVw2rGw0ZJQLSmTQ4Ec9X%2BIgDWys5scmZzR4ZvQCoWEjDIPEsBBq5tq89%2BwprFIQbRh1eYS6qUGz9xDR2PlE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498eddd79064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	DbK3c.css landseche.cf/sant/	0 0	46ms 38ms	Stylesheet text/html	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/DbK3c.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKlXGvi58rny67HCjAmsxPp%2BqMwk7IMIiE2iDZSZl4J2sj47yV3CKhXStcwbomsTtMnWkA4Yfvrfmz7DBlNHBTfqmkxwVcUg51sEWQob6LovUGSZZ0FcMkpdjrV0dV3RpM4v9RZRR639hbs%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 734b498edddd9064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	gain-access-ver-6AC4D55C4DB9F67BE6F207D39F9E8093.css landseche.cf/sant/	990 B 696 B	34ms 26ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/gain-access-ver-6AC4D55C4DB9F67BE6F207D39F9E8093.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2f7b524c0f1bb0f494a170784499d935b3bc444ce4d42da8e90929f86e66e4f Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:20 GMT server cloudflare age 6753 etag W/"62e92e30-3de" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzPQs5l6a9YbAYv%2FzedO53EBhCCCTeJDUgd6W7%2BPvI8jLPh%2FPlNmbzfePCarGSwpKwSTo5PMMQGO3Vi5jBkI%2F3ML0%2FhPpP4z%2FWF%2B5Oajq6AHlUtLQwq%2BpW%2FqhFQNAXb5OSqxBlwqb6cZELM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498edddf9064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	modal-window-ver-AEEF53CDE0FC9D41683717E687A34650.css landseche.cf/sant/	4 KB 2 KB	35ms 28ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/modal-window-ver-AEEF53CDE0FC9D41683717E687A34650.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cbf85b930b29c243cadf2268b41a2fb2c96d519f72b66b21b543234a469addd Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:22 GMT server cloudflare age 6632 etag W/"62e92e32-10c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDjPW3h0yNTYOzG4sQ8HRUge9t3VOOVt7QIWpQTw36FawzOUJf0NN719bPF8io8UHsOFTuRBTvogOJCozaPa5CV5KIcXYxBcrZvnEGsZAbEiNxokKsT5SdhWizd%2FepY9lEa1%2B8agorhunkY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498edde09064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	_css_style_3_button.min.css landseche.cf/sant/	3 KB 1 KB	45ms 39ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/_css_style_3_button.min.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1eda795df747f26a98cf78d128101bcdf0db9f65f7fbf7dc8d316d1d4e94054 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 02 Aug 2022 14:01:26 GMT server cloudflare etag W/"62e92e36-a1a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Muq798ugPXxAzPUtJ02Kto26NyAdDDAUeR8HOHy3Wjxhzhlx60Xw69O2GOVpwbdF8t0b4v9bgHNftdC3zX%2FONfkMUgIwlKCqt8Shdx0QOYBM1kkKaZHWLmpb2zX%2BmfIv%2BWMEtyJTCf84fQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498edde19064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	topbar.css landseche.cf/sant/	7 KB 2 KB	34ms 28ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/topbar.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43d56e4dd5b78e2532dfe9eecc4086f40f11ccebe87820ece48fe31ad4ae6a6d Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:25 GMT server cloudflare age 6753 etag W/"62e92e35-1c05" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oX%2BOKddX1FIy46f1xVj1QKGtYpv7p5zi5rMMXU3js7TCEt99lF8DCUf9FBl%2BCBoU%2B5VOPZOxVi21hBcaKrC4g5Z3I5stU%2FIlBFibi5NbXyKZ%2F00MBPmRs9v8JUjwDk8u3%2BK6Shlxma2Boo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498edde39064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	_css_eSmart_logowanie.min.css landseche.cf/sant/	31 KB 7 KB	35ms 30ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/_css_eSmart_logowanie.min.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36002f03f39b539d0f02471403408d75eaf9eee565b40bd52b9bf494b1b94172 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:26 GMT server cloudflare age 6632 etag W/"62e92e36-7ded" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCrbSALM8U%2BkG17c6mgB04ccDYSji%2FkJo5ABze23TyzTzw5YJR7aCYQAwM2elbbAuxluYD%2B3eMREtg0a2N%2Bo9126dN2LeBk8b1EbZM5%2FdYNYB1HWnRIdcZXTwLlTvehYWDHBw7UXxi4bIA0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498edde49064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	_css_eSmart_transfer24login.min.css landseche.cf/sant/	0 0	44ms 39ms	Stylesheet text/html	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/_css_eSmart_transfer24login.min.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuAnHZz0wAS3uAf4e5%2Bf8N5xFZWaQZncryTDlZ3hCSddeHar5p2saLmzNURILBsB5QOdMEBdzsY3LYxzHOYxD3TIyySAtkcDweCM%2FWlPnFZX9NDolpGB%2BBC75bCujiGKuWmdKwPaf%2BAoJgM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 734b498edde59064-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	santander-font.css landseche.cf/sant/	0 305 B	33ms 29ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/santander-font.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6632 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 last-modified Tue, 02 Aug 2022 14:01:23 GMT server cloudflare etag "62e92e33-0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8oltn3ekeKfOXhtDK20GhOiOLA2WVWVs2dIPBvQSeRuM1lBwdIsYlZHk%2BiDjtuFcBzemcwiAvzfICE26XgK%2B6EE3vXqrhrgECLNbhfsIcgt8KmgdAvkOHSq25%2FDLM1MBXybU0dqzJDf9%2F8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 734b498edde69064-FRA
GET H2	200	opensans-font.css landseche.cf/sant/	0 292 B	33ms 29ms	Stylesheet text/css	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/sant/opensans-font.css Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6632 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 last-modified Tue, 02 Aug 2022 14:01:23 GMT server cloudflare etag "62e92e33-0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i48d%2FwOfJPxtdR8RY1J0o10%2B3KwpqKTIm43QNOlJrQL7fW%2BrajycVWxjLT%2FPVyJzzlPmV6peU8B%2Bc897M6JZNKueYkmcfgzGPOawEIqcGbpV2TwEp%2FZLoTr3iUSy55mh9k%2FW0Jk6opxgvsg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 734b498edde89064-FRA
GET H3	200	santander-red.svg landseche.cf/sant/	5 KB 2 KB	37ms 36ms	Image image/svg+xml	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landseche.cf/sant/santander-red.svg Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15d8a431b2696fb0062931d013ec93c8292fa011b7e0dbd6195a8433f72fce98 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:23 GMT server cloudflare age 2173 etag W/"62e92e33-1382" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPvj%2BtTKXh7xPaEsnw0%2F%2FcfRmJ8HAhYe%2BztmgOLl3HPA5skZggPd225s%2F0roFMDJNrdYPQ0VMl8SQzDkjASd18EuJawTxDkzQXUmJELcrTExHNNMHlRHIZxUZ44mvd8%2FhML7J2aJzKQh%2FeU%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498f0eac9091-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	tooltip-icon.svg landseche.cf/sant/	812 B 1017 B	35ms 34ms	Image image/svg+xml	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landseche.cf/sant/tooltip-icon.svg Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00d3cc1b3b7ce5de923a7afcc7e3c485765245561e925ae691efe582d3835844 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 Aug 2022 14:01:25 GMT server cloudflare age 2173 etag W/"62e92e35-32c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yADDKuLDFRVEeb6qyrNrocOJng5waSO%2B9PNuYWvc9FKtOP%2ByAV%2FcHIlXahxb0PaV5OLCyNdoDOrHaJb%2FiZE7wDFtB8LnVG4p5FYY0tZomU3tmOenvTZlJD0KmgoqNrdVMfjJdc2JN84VbsU%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498f0ead9091-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	indicator-ver-75BEEBCC0A276C3974D2524B7F0619E1.gif landseche.cf/sant/	2 KB 3 KB	35ms 34ms	Image image/gif	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landseche.cf/sant/indicator-ver-75BEEBCC0A276C3974D2524B7F0619E1.gif Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48485baac245c2e9b8242855d95adbde719995f5dc7955752c5771452c60b2f8 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2173 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2273 last-modified Tue, 02 Aug 2022 14:01:21 GMT server cloudflare etag "62e92e31-8e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEesNQDGhq2V2plYux3N2YamQHohk2FGs5KN7C0ANgeFzQjAcW%2F53mh4nRD%2BshcRdx0Kpo6YS2p1gdfW3%2Fkc1pODL2Nz0Jxs6ZTuyj7MOIbiMYfe%2FRRhAOR05VUtEDyZvFtTkBOuyBcb%2FTY%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 734b498f0eae9091-FRA
GET H3	200	log_question_big.png landseche.cf/sant/	1 KB 2 KB	56ms 55ms	Image image/png	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landseche.cf/sant/log_question_big.png Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0e8f53f5f4bc85cb742136772af03d5f0fb60ad63f3f64d51091410ea468393 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2173 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1397 last-modified Tue, 02 Aug 2022 14:01:22 GMT server cloudflare etag "62e92e32-575" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfWt1va%2FBqghxXCP50vkuJxJnWlcdBn%2FV%2BTJailjUn13UMFMssVdoTjg66VfRA8qfwmiyJLDGFwBf2uxBtmm9T64hRgqcDpYgP0k07p77Lx8va7nOGHwEV8YRaptuyHreQLgmN8OwlrBX1o%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 734b498f0eb09091-FRA
GET H3	200	log_excl_gray.png landseche.cf/sant/	1 KB 2 KB	57ms 56ms	Image image/png	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landseche.cf/sant/log_excl_gray.png Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f65a399e038c685067b1167da6a4e7c64854be8f240b9e7d80e4762f2dac069 Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2173 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1238 last-modified Tue, 02 Aug 2022 14:01:22 GMT server cloudflare etag "62e92e32-4d6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wc6MqMajtegvwoTeIEOsjIwKBNSHHGcRSw47%2FLdsd%2Fs3OlRreod%2BCIHtddpLEcaIksGINGUKv%2FrcqA429scYBee12WO4D%2BGNgnDzbJG0G6QF1H7JzJSP6nPG8%2FCDMncsL2AJToJ97VdgbEo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 734b498f0eb19091-FRA
GET H3	200	email-decode.min.js Show response landseche.cf/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	30ms 29ms	Script application/javascript	2606:4700:3035::6815:600c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landseche.cf/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: landseche.cf URL: https://landseche.cf/sant/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://landseche.cf/sant/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:30:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 29 Jul 2022 16:49:44 GMT server cloudflare etag W/"62e40fa8-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljj3D1aB8lfNJHvhgQJ18pLQ2fm8II%2FYCTyEWDEjgTY3ZmQQDtPelgADVa0CT52Cu1YyJrdeR2atO%2BU1CBLsm9iTfBAxpkgsAAHYHuen0a6g1mj7sTr7Erwu6eEYTAr2rzvxI3xb5AG078Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734b498f0eaa9091-FRA vary Accept-Encoding expires Fri, 05 Aug 2022 01:30:19 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			landseche.cf/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2f19df407662ce3eb65ae9faf63b53cf

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://landseche.cf/sant/DbK3c.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://landseche.cf/sant/_css_eSmart_transfer24login.min.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

landseche.cf
2606:4700:3035::6815:600c
00d3cc1b3b7ce5de923a7afcc7e3c485765245561e925ae691efe582d3835844
15d8a431b2696fb0062931d013ec93c8292fa011b7e0dbd6195a8433f72fce98
1e34eab47ec8bf33407a1d0315b5a4b1a13d3f3d308f71c5dd02d4c8ad92d1d9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f65a399e038c685067b1167da6a4e7c64854be8f240b9e7d80e4762f2dac069
36002f03f39b539d0f02471403408d75eaf9eee565b40bd52b9bf494b1b94172
43d56e4dd5b78e2532dfe9eecc4086f40f11ccebe87820ece48fe31ad4ae6a6d
48485baac245c2e9b8242855d95adbde719995f5dc7955752c5771452c60b2f8
4cbf85b930b29c243cadf2268b41a2fb2c96d519f72b66b21b543234a469addd
d1eda795df747f26a98cf78d128101bcdf0db9f65f7fbf7dc8d316d1d4e94054
d2fa0c03fbfbedca78a61ba161bb7254b3e3fdd9279e4b6df9872ac437f03b1a
e0e8f53f5f4bc85cb742136772af03d5f0fb60ad63f3f64d51091410ea468393
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2f7b524c0f1bb0f494a170784499d935b3bc444ce4d42da8e90929f86e66e4f