![](/screenshots/9b81d193-b660-4d72-8e93-a26fea268b93.png)
runelie.net
Open in
urlscan Pro
45.61.136.109
Malicious Activity!
Public Scan
Submission: On April 06 via automatic, source openphish — Scanned from DE
Summary
This is the only time runelie.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 45.61.136.109 45.61.136.109 | 399629 (BLNWX) (BLNWX) | |
8 | 62.181.151.235 62.181.151.235 | 15790 (FINANZINF...) (FINANZINFORMATIK-AS-OST) | |
1 | 62.181.151.19 62.181.151.19 | 15790 (FINANZINF...) (FINANZINFORMATIK-AS-OST) | |
29 | 4 |
ASN15790 (FINANZINFORMATIK-AS-OST, DE)
module.berliner-sparkasse.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
runelie.net
runelie.net |
3 MB |
9 |
berliner-sparkasse.de
www.berliner-sparkasse.de — Cisco Umbrella Rank: 373272 module.berliner-sparkasse.de — Cisco Umbrella Rank: 593140 |
746 KB |
29 | 2 |
Domain | Requested by | |
---|---|---|
20 | runelie.net |
runelie.net
|
8 | www.berliner-sparkasse.de |
runelie.net
|
1 | module.berliner-sparkasse.de |
runelie.net
|
29 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.berliner-sparkasse.de QuoVadis Europe EV SSL CA G1 |
2021-07-06 - 2022-07-01 |
a year | crt.sh |
module.berliner-sparkasse.de QuoVadis Europe EV SSL CA G1 |
2021-07-07 - 2022-07-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://runelie.net/
Frame ID: 5A2F0716376405EC2B6DE71D2446B13A
Requests: 30 HTTP requests in this frame
Screenshot
![](/screenshots/9b81d193-b660-4d72-8e93-a26fea268b93.png)
Page Title
Internet-Filiale - Berliner SparkasseDetected technologies
Detected patterns
- <div class="[^"]*parbase
- /etc/clientlibs/
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: Online-AssistentinLinda
Search URL Search Domain Scan URL
Title: Wichtige Telefonnummern
Search URL Search Domain Scan URL
Title: Live-Chat
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Investieren geht jetzt automatisch Ab 25 Euro monatlich oder 1.000 Euro einmalig bei bevestor Geld anlegen.
Search URL Search Domain Scan URL
Title: Fernweh? Kreditkarte nicht vergessen! Jetzt mit Kreditkarte Ihren nächsten Urlaub buchen und 6 % Erstattung auf den Reisepreis erhalten.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Weitere Telefonnummern
Search URL Search Domain Scan URL
Title: Online-Assistentin Linda
Search URL Search Domain Scan URL
Title: S-Privatkredit
Search URL Search Domain Scan URL
Title: BörsenCenter
Search URL Search Domain Scan URL
Title: Newsletter
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
runelie.net/ |
64 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
internetfiliale.min.71a6be2a7a29289c1587c1755772e49b.css
runelie.net/etc/clientlibs/myif/master/base/ |
1 MB 1 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
internetfiliale.min.0d513efcfee47388aae9120e70bf28ef.js
runelie.net/etc/clientlibs/myif/master/base/ |
428 KB 428 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spk-logo-desktop.png
runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spk-logo-mobile.png
runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spk-logo-druck.png
runelie.net/content/dam/myif/berliner-sk/work/bilder/logos/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1647515015852.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref1.epimgref.jpg/ |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1647514868424.png
www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref2.epimgref.png/ |
60 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1647937496873.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_c0e3/teaserref3.epimgref.jpg/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1593680801301.jpg
runelie.net/content/myif/berliner-sk/work/filiale/de/home/_jcr_content/homepagearea/parsys/imagebox12_a17a/image.img.jpg/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1593680857084.jpg
runelie.net/content/myif/berliner-sk/work/filiale/de/home/_jcr_content/homepagearea/parsys/imagebox12_f7b8/image.img.jpg/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp_kursleiste.js
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/wp_kursleiste/js/ |
175 KB 175 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chatbot_linda_link.min.9bfc6871279a843ee09c7d56edc23da4.js
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/ |
486 KB 486 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1645722457672.png
runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_547e/image.img.png/ |
164 KB 164 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1645722367798.png
runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_69a9/image.img.png/ |
83 KB 83 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1645722435706.png
runelie.net/content/myif/berliner-sk/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award/image.img.png/ |
153 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tdg
module.berliner-sparkasse.de/if/services/ |
45 B 981 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/ |
77 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Sparkasse_web_Rg.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ |
41 KB 41 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pictos-if.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ |
139 KB 140 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Sparkasse_web_Bd.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ |
36 KB 36 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SparkasseHead_web_Rg.woff
runelie.net/etc/clientlibs/myif/master/base/internetfiliale/fonts/ |
29 KB 30 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kursleiste
runelie.net/content/myif/berliner-sk/work/filiale/de/home/misc/vps/gate/_jcr_content.bin/wp_infos/ |
564 B 392 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
linda.svg
runelie.net/etc/clientlibs/myif/berliner-sk/sfp/chatbot_linda_link/images/ |
564 B 564 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1645793693509.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref1.epimgref.res1920.jpg/ |
126 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1646396395773.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref2.epimgref.res1920.jpg/ |
86 KB 87 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1647010338755.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref3.epimgref.res1920.jpg/ |
166 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1647937519359.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref4.epimgref.res1920.jpg/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1647010626353.jpg
www.berliner-sparkasse.de/de/home/_jcr_content/opener/openerref5.epimgref.res1920.jpg/ |
220 KB 221 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| IF6 function| getQueryParamValue string| IF6_lightbox_closeicon_text function| overlayShow function| overlayClose function| focusBankingFormularElement function| toggleClassInRows function| SLURI function| moveBContent object| ifLoginHeaderTimer function| refreshClientTimeout function| refreshServerTimeout undefined| startCountdownLayer function| showCountdownLayer function| updateHeaderLoginIfPresent function| tick function| setSessionTimeout function| countdownShow function| callBreakHtml object| nbfDatePicker object| nbfTanInput function| selectListBoxItem function| editTeaserRef function| pagenav_statistics_send function| pagenav_statistics function| pagenav_scroll function| pagenav_scroll_window function| $ function| jQuery object| myif object| IF object| elements object| Kursleiste object| chatbot_linda_link object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill boolean| bcarouselAttached0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
module.berliner-sparkasse.de
runelie.net
www.berliner-sparkasse.de
45.61.136.109
62.181.151.19
62.181.151.235
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
1a507891e1673fb220bf22079e66bf62bba550a0805f488f19794a651d580298
25f042d00f4ce4bcff027d7b7e5c3874e48de1393b3c6172f4775b4ced48c3bc
2c8ad4232288d4f239a40a93ea9b12ee9357b82154a3f1c2acb5437162ae274b
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
4d3ffb3a2f8f02f61ec05d699c232ef210212bec6b835bb0f424b203f4cf047f
4ee8c165fb61504359d2c40e08ecdb8486cb2bd1f1c92744f7ed22b35fca5ba5
6057133b0dee90dced2e0c69b179c803617aa93776aadaf3b9a139b2c4318136
605f2c9da07ec25f302dc9094c17557b90e7b1ddf900e9895a24524c2abd8b35
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
6307e650c6cd51633ef2e9d9528ef4a163d3b9432f7d5ceb3e7fd2c61fe5a95f
84798913afc7420e1087ff7c0a0c5b39937ddd430b67bf96561ffbaed9e77b14
869c970c5fe68f73ff9ec79fffe6449049e9ea32e07ffebdae75b8694e0182f3
92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85
9fc079f008c549dc77a0f98417359484d8e6bc9c978bfbff1d22ce6fa032b43d
b3c3d5760bc1dde176b5e85d09ad1acc0d6236f184919340dfb1a14e3a544eb6
b84750cc5a395288fcfd0cf42e3a60d6135e2f14db83fce05e97e5abacc2f9b4
ba8f72b8dc32be40379fddb8b5f3eace9e3d556d4496b1be7922371f99d5826f
bb484da47d90cf16f6bf52d630db276f794f5c7f300abed00c0e82d46881bbf3
c016ca9bd3f6c9421dbf69dc4c84b69f391259389cf43fe741effbf30526936e
ca7790436b9e9c5b04c082370a2c14ea074233b00056c855a741150ea3b7c648
cd3c85f5d4d13734160b83bc759dac23bfd35b1cbf5092fc36515105e9321712
d86fa09a2f9764c54486f84bb248963c9f074897cc923b794dbad6c661ddff10
da963d7fddc419a437fbb155582d6ede79f6046c6f62608ea8106398c3035c91
e3796adb8ea41080c93c80f54c3a4cc306c460929275d96c0892cf78d329bbcd
e5ac8e759fa4c223873b7994ffca0738022b38286d017b30e8c731931b1f0f0d
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
ed5eca6b5379ae8ab86f231978a0de040c24604a6bb4822f88a190d16ed41f08