provinzial-service.de
Open in
urlscan Pro
2a01:4f8:d0a:11f6::2
Malicious Activity!
Public Scan
Submitted URL: http://provinzial-service.de/
Effective URL: https://provinzial-service.de/
Submission: On April 17 via api from NL — Scanned from DE
Effective URL: https://provinzial-service.de/
Submission: On April 17 via api from NL — Scanned from DE
Summary
This website contacted 7 IPs
in 2 countries
across 5 domains to perform 74 HTTP transactions.
The main IP is 2a01:4f8:d0a:11f6::2, located in
Bad Soden-Salmuenster, Germany and
belongs to HETZNER-AS, DE.
The main domain is provinzial-service.de.
TLS certificate: Issued by R3 on March 8th 2024. Valid for: 3 months.
This is the only time provinzial-service.de was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 8th 2024. Valid for: 3 months.
This is the only time provinzial-service.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 62 | 2a01:4f8:d0a:... 2a01:4f8:d0a:11f6::2 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 5 | 35.244.173.183 35.244.173.183 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::2014 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 2606:4700:20:... 2606:4700:20::681a:1f0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:827::201b | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 172.217.18.123 172.217.18.123 | 15169 (GOOGLE) (GOOGLE) | |
| 74 | 7 |
62
2a01:4f8:d0a:11f6::2
(Bad Soden-Salmuenster, Germany)
ASN24940 (HETZNER-AS, DE)
ASN24940 (HETZNER-AS, DE)
| provinzial-service.de |
5
35.244.173.183
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 183.173.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 183.173.244.35.bc.googleusercontent.com
| static.heyflow.app |
1
2a00:1450:4001:82f::2014
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| heyflow-serve.ey.r.appspot.com |
3
2606:4700:20::681a:1f0
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| fonts.heyflow.cloud | |
| libs.heyflow.cloud |
2
2a00:1450:4001:827::201b
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| storage.googleapis.com |
1
172.217.18.123
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f27.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f27.1e100.net
| storage.googleapis.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 62 |
provinzial-service.de
provinzial-service.de |
1 MB |
| 5 |
heyflow.app
static.heyflow.app — Cisco Umbrella Rank: 189260 |
63 KB |
| 3 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 361 |
173 KB |
| 3 |
heyflow.cloud
fonts.heyflow.cloud — Cisco Umbrella Rank: 305202 libs.heyflow.cloud |
56 KB |
| 1 |
appspot.com
heyflow-serve.ey.r.appspot.com — Cisco Umbrella Rank: 533470 |
402 KB |
| 74 | 5 |
| Domain | Requested by | |
|---|---|---|
| 62 | provinzial-service.de |
provinzial-service.de
|
| 5 | static.heyflow.app |
provinzial-service.de
static.heyflow.app |
| 3 | storage.googleapis.com |
static.heyflow.app
provinzial-service.de storage.googleapis.com |
| 2 | fonts.heyflow.cloud |
static.heyflow.app
|
| 1 | libs.heyflow.cloud |
provinzial-service.de
|
| 1 | heyflow-serve.ey.r.appspot.com |
static.heyflow.app
|
| 74 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| b2b.provinzial-service.de |
| handwerkervermittlung.meinzuhauseundich.de |
| www.facebook.com |
| instagram.com |
| meinzuhauseundich.de |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| provinzial-service.de R3 |
2024-03-08 - 2024-06-06 |
3 months | crt.sh |
| static.heyflow.app GTS CA 1D4 |
2024-04-05 - 2024-07-04 |
3 months | crt.sh |
| *.appspot.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
| heyflow.cloud GTS CA 1P5 |
2024-04-13 - 2024-07-12 |
3 months | crt.sh |
| storage.googleapis.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://provinzial-service.de/
Frame ID: 4E8785DD68386EC31FDBB37D7D6F0A0F
Requests: 75 HTTP requests in this frame
Screenshot
Page Title
Startseite - Provinzial ServicePage URL History Show full URLs
-
http://provinzial-service.de/
HTTP 307
https://provinzial-service.de/ Page URL
Detected technologies
WooCommerce
(Ecommerce)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://b2b.provinzial-service.de/
Search URL Search Domain Scan URL
URL: https://handwerkervermittlung.meinzuhauseundich.de/
Search URL Search Domain Scan URL
URL: https://www.facebook.com/meinzuhauseundich.de
Search URL Search Domain Scan URL
URL: https://instagram.com/meinzuhauseundich.de?igshid=NzNkNDdiOGI=
Search URL Search Domain Scan URL
URL: https://meinzuhauseundich.de/datenschutzerklaerung/
Title: Datenschutzerklärung
Title: Datenschutzerklärung
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://provinzial-service.de/
HTTP 307
https://provinzial-service.de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
74 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
provinzial-service.de/ Redirect Chain
|
159 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icomoon.woff
provinzial-service.de/wp-content/themes/salient/css/fonts/ |
21 KB 21 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wpo-minify-header-a17c4955.min.css
provinzial-service.de/wp-content/cache/wpo-minify/1713362139/assets/ |
779 KB 103 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
provinzial-service.de/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
provinzial-service.de/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.blockUI.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
add-to-cart.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/frontend/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js.cookie.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/js-cookie/ |
2 KB 794 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woocommerce.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/frontend/ |
2 KB 718 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-config-de.json.js
provinzial-service.de/wp-content/cache/borlabs-cookie/2/ |
46 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-prioritize.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.min.js
provinzial-service.de/wp-content/themes/salient-child/dist/js/ |
1 KB 424 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
provinzial-service-logo-1.webp
provinzial-service.de/wp-content/uploads/2024/04/ |
30 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon_solar-house.svg
provinzial-service.de/wp-content/uploads/2022/09/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon_firmen_solaranlagen.svg
provinzial-service.de/wp-content/uploads/2022/09/ |
14 KB 14 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webview.js
static.heyflow.app/widget/latest/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wpo-minify-footer-bc2a4d76.min.css
provinzial-service.de/wp-content/cache/wpo-minify/1713362139/assets/ |
145 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sourcebuster.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/sourcebuster/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
order-attribution.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/frontend/ |
1 KB 738 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.easing.min.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
2 KB 811 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mousewheel.min.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
priority.js
provinzial-service.de/wp-content/themes/salient/js/build/ |
2 KB 715 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
transit.min.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
waypoints.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
imagesLoaded.min.js
provinzial-service.de/wp-content/plugins/salient-portfolio/js/third-party/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hoverintent.min.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
2 KB 925 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.fancybox.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
67 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
anime.min.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vivus.min.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
superfish.js
provinzial-service.de/wp-content/themes/salient/js/build/third-party/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
init.js
provinzial-service.de/wp-content/themes/salient/js/build/ |
366 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
touchswipe.min.js
provinzial-service.de/wp-content/plugins/salient-core/js/third-party/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select2.full.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/select2/ |
73 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cart-fragments.min.js
provinzial-service.de/wp-content/plugins/woocommerce/assets/js/frontend/ |
3 KB 975 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js_composer_front.min.js
provinzial-service.de/wp-content/plugins/js_composer_salient/assets/js/dist/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
1 KB 526 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GTM-K9LQNLS.js
provinzial-service.de/wp-content/uploads/borlabs-cookie/ |
266 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
65 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
187.js
static.heyflow.app/widget/latest/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
169.js
static.heyflow.app/widget/latest/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
55.js
static.heyflow.app/widget/latest/ |
12 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
269.js
static.heyflow.app/widget/latest/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AdobeStock_367525742.mov.vp9_.webm
provinzial-service.de/wp-content/uploads/2022/10/ |
9 MB 0 |
Media
video/webm |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer_background.svg
provinzial-service.de/wp-content/uploads/2022/09/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Sparkasse_Rg.ttf
provinzial-service.de/wp-content/themes/salient-child/fonts/ |
68 KB 68 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icomoon.woff
provinzial-service.de/wp-content/themes/salient/css/fonts/ |
21 KB 21 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
meinzuhauseundich-rueckruf-service
heyflow-serve.ey.r.appspot.com/ |
1 MB 402 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
init.aeb9d8f0.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
43 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
observer.472990d3.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vue.a50c3feb.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
65 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-box.a32cb0e4.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
52 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_plugin-vue_export-helper.c27b6911.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
91 B 113 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-iabtcf-vendors.6dc7b198.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
2 KB 632 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iabtcf.80aff953.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
57 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_commonjsHelpers.187a63f9.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
272 B 187 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-iabtcf-purposes.879a2690.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
692 B 362 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-special-features.7d80ea81.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
748 B 365 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
x-icon.0dc80929.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
570 B 402 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-button.f7e450d7.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
679 B 436 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-button.38f38120.min.css
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/css/ |
528 B 165 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-iabtcf-legitimate-interests.426acd08.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
2 KB 717 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-box.835a946d.min.css
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/css/ |
5 KB 723 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-widget.480072af.min.js
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
1 KB 568 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
provinzial-service.de/ |
755 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Solaranlagen_teaser_hochkant-abgerundet.jpg
provinzial-service.de/wp-content/uploads/2022/10/ |
289 KB 290 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dreamstime_l_239173448-1-1024x657.jpg
provinzial-service.de/wp-content/uploads/2023/03/ |
74 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Wallboxen_teaser_hochkant-abgerundet.jpg
provinzial-service.de/wp-content/uploads/2022/10/ |
183 KB 184 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-widget-a.svg
provinzial-service.de/wp-content/plugins/borlabs-cookie/assets/images/ |
4 KB 4 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cropped-PV_MZUI_gruen_rgb_300dpi-32x32.png
provinzial-service.de/wp-content/uploads/2023/11/ |
658 B 744 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon
fonts.heyflow.cloud/ |
472 B 639 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.heyflow.cloud/ |
30 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Sparkasse_web_Rg.css
storage.googleapis.com/heyflow-eu-users/meinzuhauseundich-rueckruf-service/fonts/ |
275 B 532 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cleave-phone.i18n.js
libs.heyflow.cloud/cleavejs/1.6.0/ |
324 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ad7bd40a-82fe-4020-ab42-4792286fb87c.png
storage.googleapis.com/builder.zenflow.de/meinzuhauseundich-rueckruf-service/www/assets/ |
131 KB 132 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
7990ea3c-0dda-4371-a2f4-2bc576789460
storage.googleapis.com/heyflow-eu-users/meinzuhauseundich-rueckruf-service/fonts/ |
41 KB 41 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| $ function| jQuery object| wc_add_to_cart_params object| woocommerce_params object| borlabsCookieConfig object| root object| url function| gtag object| dataLayer object| BorlabsCookieGtmPackageSentEvents object| webpackChunk_heyflow_widget object| sbjs object| wc_order_attribution object| headerEl object| headerSpaceEl function| Waypoint function| EvEmitter function| imagesLoaded function| anime function| Vivus object| nectarLove object| nectarOptions object| nectar_front_i18n object| nectarDOMInfo object| nectarState object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| embeds object| wc_cart_fragments_params function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| Cookies object| BorlabsCookie object| BorlabsCookiePrioritizeHandle object| google_tag_manager object| google_tag_data object| __VUE_INSTANCE_SETTERS__ object| borlabsCookiePrioritized function| __toBorlabsPluginAssetUrl boolean| __VUE__ string| waypointContextKey function| __tcfapi object| vflPrevFocusedElement object| heyflow object| windowConstants object| webpackChunk_heyflow_builder function| filterCSS function| filterXSS function| Cleave function| onLessReady function| flatpickr7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .provinzial-service.de/ | Name: sbjs_migrations Value: 1418474375998%3D1 |
|
| .provinzial-service.de/ | Name: sbjs_current_add Value: fd%3D2024-04-17%2014%3A56%3A58%7C%7C%7Cep%3Dhttps%3A%2F%2Fprovinzial-service.de%2F%7C%7C%7Crf%3D%28none%29 |
|
| .provinzial-service.de/ | Name: sbjs_first_add Value: fd%3D2024-04-17%2014%3A56%3A58%7C%7C%7Cep%3Dhttps%3A%2F%2Fprovinzial-service.de%2F%7C%7C%7Crf%3D%28none%29 |
|
| .provinzial-service.de/ | Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29 |
|
| .provinzial-service.de/ | Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29 |
|
| .provinzial-service.de/ | Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F124.0.0.0%20Safari%2F537.36 |
|
| .provinzial-service.de/ | Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fprovinzial-service.de%2F |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.heyflow.cloud
heyflow-serve.ey.r.appspot.com
libs.heyflow.cloud
provinzial-service.de
static.heyflow.app
storage.googleapis.com
172.217.18.123
2606:4700:20::681a:1f0
2a00:1450:4001:827::201b
2a00:1450:4001:82f::2014
2a01:4f8:d0a:11f6::2
35.244.173.183
00ba7c0592e851a257da77bf54cd0e3394c6e9275e7c3b756eb7a6217b74477b
03e45a8fa14013dd1a15e971f9c149384cff80af7569550e1b7d206f8d17788c
046a4dc6bad002f02383eaaa3327d040fa27741dc95ee3c31323a27c51642d13
0c9dda6a9043cd5349618f3bf1ffe2ed03d7dff50a58472e1309fa2b8f6a3d89
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
110fc6bd6a2c96f46a21a298144079e0486e7c0b4b052578474b525630a11335
15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7
18949282236c58479862223954873f216b247953aaa1fafd5f270cdd304c05e4
2520fe4710515d12257d6b2c7e467333748fa50b6bfc5c7fc44f70ee2c0f7a8a
253da3174fd517b8b572319807f488b09d2d8c73f0a654361b493fd6b72cc3b1
293ce02c8dd7e32b7e88c48bc2db9d5eff1f959a9ca46b0b209c3e9a793b17f7
33eca32cdbdb2fd23a1a8e5dc72bfdcb598c4f5a3806990bf7f00205a1e0de69
35e4f2a2602b96ee20564d2f4398e23084d3d387175b974d3b85e954ab984202
38b45f1a01a97e9dfa94c9c7fa508b571371bc4e2ae828fcae07b8cf4a3cde14
38f3812089d4606e8667570a876cce90d16d7e9753c6a60cdc250cbab34f4a00
3a8b9831ba20e6d9b02e539196b7658036b0f853db0d5b0bdb8bc2e1986c3783
3c9eb9bb1076bbb11745885964334df870bf7eb621daa5e7475a9a5cf4b2e424
3ce9be76f458848a316e79e59b1f08598f7bb71778871a34bd9c469772459728
48e369556efd61eaa0d94641e250a9e4cf287d1fd67af1be760aa79c80b2c342
4f0a4e5ff7378b48f06c23a8ff4e52633c828fee56f2495085eeea5c1a7f8aba
51e15e34f36f4d7babb46ec03bf5bb067735b427d9fe64f3e722ddd163a68370
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5574c1984c536ae12f1d274d2c32c8fe28e2f840600d1443ed6be882c0775530
592acc60b8eea94fc366110175d8406604a609201d6debe5eb008a6debfbdc3b
5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716
69043caca561604c5d8f500aba975f1c57d6249fbace246a6c000ee85689fdbe
69ec144a4be8d65c3a7b0f4fa0e8f39ed1a5b3a175118390a846454fc165ebd0
6c3a7056ca27a4d4c8758dd5f98a497a75f6fed8d637b575371edb3775abc0c2
6da5d7e7f440a8493a2628da83de4edf1c5e19d40ac0641443787de993c36447
76e90705fd2581059655359d93b52c17f8a7338bec345e3e9294e4b6185987ac
814898da408b4aa90459463755d0cb53ac76700bb7c355bd5ade0aebe25f7290
835a946db9ada5d2eab91e28594271a18219f17441dd737d232010fd4cffa6a0
84c1aba038f08dfdc3715bfe36fc2739dedede64dcd492622ed0261935465402
86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96
870690dc50dced95a6113958a87976718617a8f961cb5876c06f24831db6f659
87aa5734e086eebe096a7992d90fe668981a07f35e1eccde21ac1f539819d7a2
881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9
8882e41626ebc4b7f6f92c02c3e879ced9d61cdd84e2fec6d36c88d3c588b351
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1
8bd48083e7e62bab11fbc60c11cba07bd76073d386b5674d69edd96f8dad88c3
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
8d739be61dd4a515f7b9d469e3a92dbbe5955963887306fd282078a1aa37c641
927a15aa98b8460422d66206680694b6c10d08753f50600fc29890a8b0ac5f37
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
9d8a587ab4a60001f720cb0833192cccd56e583a8df7774c292acb907d6078fb
a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283
aaebec0ade1a122df531a80206bda2b615ed323058a5136b458f82f499e26a25
abf9e51810564fd1bad243e6f6d46ed1db98d55a5ed03558256e61ff50c57e73
ae9d4312609c1d2a94219585b83f391008c4151677fe80efb863872ab9162785
af6aad45dfea3dad21ae2d7d9b2b44e7ee84ec9b9df016489ec4f003edf1314f
b07268a2093418458ba1a4443e82a6e4bdc4a0d6b6c503e5c8dcc36cc800e37e
b81feaa3095ecae7861ff599e6406f154f69db56b439705dc9d0e3825024d13b
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d
c34ca9c16943f73156b5445abe4683cc36e3fdb7b4298a4a65c561db218f28f3
c4315ef79baf800529d49990bfbb4a7e141d9597a76f63370d88982fdc33f3e4
c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971
ca32ab2bb4222dc75858d886950cf1d2bb79b3757e89d5604368a3e06fdd0db2
cb225cbe89436bb47d3b4486cd9cee63db751cdaf60409f496253ca8be549dae
cb53767b9955bd0f506b7659883522b96b3202031974af4180b3a6f59cdf02da
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d2e7489e6c600d5654122ccfdfc9281bb38aa4920d8e49421386e7b4286fbd87
d3ed83a528606677876dd684d2ceca933855614f0d938dc6adf33e4155917145
e2b1007d8b21f97e8aafac87a109266f1500dfddbe895fab6ddd5986a49aba6f
e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e
e76fe6217277a81460d4fd8cd2db0bc3f970cfba84187ef7b48beb9ded37f9b9
e9fbf20e214a10f019a6458acd94079d2d83b26aa62108f9f990602733ca113f
ec910172003c91d7f49755177b59fa80d653c0331ca14173e3cf483ee0aa2585
f4a187b53c1e3e58b3ddd40137ed64885aac1082cd532b663f81a2f16732b99f
f59d1770f8e9bc38b5ecb943d9d86e7f8923de8f676b3c06e18e84ad8ca099f8
f67822229200179cf7be1738a5b10f9586a43ebd8227737f4d9136568416cb2f
fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8