unserskb.info
2606:4700:3036::ac43:c540  Malicious Activity! Public Scan

Submitted URL: https://9os.li/ZoDYn
Effective URL: https://unserskb.info/
Submission: On April 18 via api from GB — Scanned from DE

Summary

This website contacted 1 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3036::ac43:c540, located in United States and belongs to CLOUDFLARENET, US. The main domain is unserskb.info.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2023. Valid for: 3 months.
This is the only time unserskb.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 147.135.254.28 16276 (OVH)
1 1 195.210.46.30 48716 (PSKZ-ALA)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
13 1
Apex Domain | Subdomains | Transfer
14 unserskb.info | unserskb.info | 391 KB
1 n9.kz | n9.kz | 701 B
1 9os.li | 9os.li | 497 B
13 3
Domain Requested by
14 unserskb.info 1 redirects unserskb.info
1 n9.kz 1 redirects
1 9os.li 1 redirects
13 3

This site contains no links.

Subject: unserskb.info
Issuer: GTS CA 1P5
Validity: 2023-04-17 - 2023-07-16
Valid: 3 months

This page contains 2 frames:

Primary Page: https://unserskb.info/
Frame ID: 73341517878D41DA19C2B568727C1BCF
Requests: 10 HTTP requests in this frame

Frame: https://unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Frame ID: 42DF3913264E970FAA0A90DCF18584D1
Requests: 3 HTTP requests in this frame

Page Title

Login Online-Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*parbase

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 3
Transfer: 390 kB
Size: 811 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://9os.li/ZoDYn HTTP 301
    https://n9.kz/zjbz HTTP 301
    https://unserskb.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unserskb.info/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
unserskb.info/
Redirect Chain
  • https://9os.li/ZoDYn
  • https://n9.kz/zjbz
  • https://unserskb.info/
20 KB
5 KB
Document
General
Full URL
https://unserskb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10cd5155f75ae16f65aeca6f15fede1296054a33bba80bb5faeb2d170a111107

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b9df41c0c1237d8-FRA
content-encoding
br
content-type
text/html
date
Tue, 18 Apr 2023 15:31:14 GMT
last-modified
Mon, 10 Apr 2023 15:02:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiUfajj8zBo2BRKeqmZfbzvXjT%2BBZj2gGb4M37swmZSBphf78HuIG6zfsJpf2H9wTKk3LAAfvqdKi2PHQta6%2Fe8FOsE17ocFGZ2WFejXKtyriRYxM6W8Vw%2F6dvCi1y58L8ldHR%2Bt%2FU6AbMur"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 18 Apr 2023 15:31:13 GMT
location
https://unserskb.info/
server
nginx
x-content-type-options
nosniff
x-powered-by
PleskLin
internetfiliale.min.css
unserskb.info/assets/css/
252 KB
43 KB
Stylesheet
General
Full URL
https://unserskb.info/assets/css/internetfiliale.min.css
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abae6fa9fcfd1e58abd1f9cc178877d2df6595023689627f267a5ced41501c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unserskb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 10 Apr 2023 15:02:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3f07d-5f8fca9b703f8-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITPhC9HQgQWZ%2BvgRnYrbJm6I0neXtP9PySnUnI4yEllLeR4kwb5e%2F62rBgmfFcGCrTr5uDw083wvEHRJmLUKDcdag1Jy1zN%2FAChY4IfF56VUv8O5IWonGuSEVPD4rdZK1%2Fiz4dnQMSEW1Ms3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7b9df41e1f2b37d8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
internetfiliale.min.js
unserskb.info/assets/js/
265 KB
80 KB
Script
General
Full URL
https://unserskb.info/assets/js/internetfiliale.min.js
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec03532fc81cad8dd80f2ad2a20d21a7dce522b9ad0c4fd9ee63f0c2cc22ffa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unserskb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 10 Apr 2023 15:02:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4240a-5f8fca9de334b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPVxBqiQy31hEseYZFm7g1ft8PiEMK0%2FF%2BCTGWOJXvWBQ%2FPiJ%2FmAiiuy1AcrhzMeVco%2BXecU1S4yQ7UqLrFemK7LL5OS2Nmx7WFm6RiAgrivjT1XULkDqQCKUyDWV6cZ0eH8WtmPrYW7gGjN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7b9df41e1f2f37d8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo-desktop.png
unserskb.info/assets/img/logo/
23 KB
23 KB
Image
General
Full URL
https://unserskb.info/assets/img/logo/logo-desktop.png
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d3b0404f5625e18c816cd0b0e714bd12161fbb8fc6b8fbfbd15bf56fcaf21a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unserskb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 15:02:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5ab4-5f8fca9d25c05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXKyz9Ml5aTONChHDNJlsF1gxPmrlmYrtcXHyxVuIGnXtwJIFzB6NzPJ%2Baw4i717gIFqECV1GIzn1dfcLOYyZ%2FFMqevLNvKILcgW%2BYpfTJB4xs9cYTIBRkLd91oJRyDuoLL0XMaWRGvyZdzU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df42129785c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23220
logo-mobile.png
unserskb.info/assets/img/logo/
23 KB
23 KB
Image
General
Full URL
https://unserskb.info/assets/img/logo/logo-mobile.png
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d0040efaab8fe82c7784daa43fd3d3def1fd971e7930e6f6030e37c968bc3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unserskb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 15:02:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5b6a-5f8fca9d2f846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Jq8fMGhS7bzkXx7xV69Iq0uA7yEHNHbv7T86qM5%2B21ZFjj2Q65KUMC35Zhf59J1139WyKenrx1cqYCs9jRTviP%2FVCCgDArvIrYeSuQehCDIe54lh2u75eoBSPwvVDkZm%2BhXhWq5npl0Ni1p"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df4226b855c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23402
logo-onlyprint.png
unserskb.info/assets/img/logo/
45 KB
45 KB
Image
General
Full URL
https://unserskb.info/assets/img/logo/logo-onlyprint.png
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179b288f2244bb113628a24b223e2fae917208428bbf2c865f9f991de6cfc25c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unserskb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 15:02:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b392-5f8fca9d4bd66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvzrMQaHZ1tOBX2DKXDGyWXfvFqJ9M2PoWunIMkuLYERMlPD1SFToFIrr7%2Bz6VXw073Q4%2Bck8BTzfM7knwwqf2iUJB0Bt%2F4bZCcB7%2FjM5OGhzhs%2FjaGDoSUqR5JidIvRdlHwProG8R1llemO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df422abd55c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45970
pictos-if.woff
unserskb.info/assets/fonts/
48 KB
48 KB
Font
General
Full URL
https://unserskb.info/assets/fonts/pictos-if.woff
Requested by
Host: unserskb.info
URL: https://unserskb.info/assets/css/internetfiliale.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03

Request headers

Referer
https://unserskb.info/assets/css/internetfiliale.min.css
Origin
https://unserskb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 10 Apr 2023 15:02:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"be24-5f8fca9bd6c9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5MbG2umXszq7sw9I4vk5Th76fOZC%2FWl4Pg9njsaWSVXlupUL5tFM141kOZqNkjlKFxqmz0RPPscYTh149wUtXZZ0cKdFB37Va7UNtsig8ZIK3vI%2Bdn3CBxy%2BN3IJ5iBv%2Bwc9X7JTDtGUlFw"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df422bbf95c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48676
Sparkasse_web_Rg.woff
unserskb.info/assets/fonts/
39 KB
39 KB
Font
General
Full URL
https://unserskb.info/assets/fonts/Sparkasse_web_Rg.woff
Requested by
Host: unserskb.info
URL: https://unserskb.info/assets/css/internetfiliale.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2

Request headers

Referer
https://unserskb.info/assets/css/internetfiliale.min.css
Origin
https://unserskb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 15:02:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9a44-5f8fca9d0a685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCegYAu0SWcTjSFUgJ4pv05HO%2FRzUaEBplnhG5dWsc8Fw7DP%2FBDxApcrlzM9o%2BZ31YMqKQbxu%2BYDSfcZp4RgR9D41OBMcWTNCe5mor2HYLudsMswhHKJVcpx1xyOaG5FEGHQAoEj4wVSvLUU"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df422bbfe5c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39492
Sparkasse_web_Bd.woff
unserskb.info/assets/fonts/
39 KB
39 KB
Font
General
Full URL
https://unserskb.info/assets/fonts/Sparkasse_web_Bd.woff
Requested by
Host: unserskb.info
URL: https://unserskb.info/assets/css/internetfiliale.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638

Request headers

Referer
https://unserskb.info/assets/css/internetfiliale.min.css
Origin
https://unserskb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 15:02:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9b38-5f8fca9c878c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQJzvYfiJWihD%2FYpEISSAmSMGqU6ehr8bdaPAXb1s6495APz4%2FM7bQAQxdgZCAW%2Fg6GpokOgGQ9%2BS7Xl9tBp7iVSsRD4lyoSksKMQl3oVpK9mjCEzgWF63Hl0ElF8CLWEYdL7fhpueNAWv8x"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df422bc015c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39736
Sparkasse_web_Lt.woff
unserskb.info/assets/fonts/
27 KB
27 KB
Font
General
Full URL
https://unserskb.info/assets/fonts/Sparkasse_web_Lt.woff
Requested by
Host: unserskb.info
URL: https://unserskb.info/assets/css/internetfiliale.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133ad01e7b25970c5cbcce3d8ffb7f23eef311c5950d9fcf27463c49e9ae3f02

Request headers

Referer
https://unserskb.info/assets/css/internetfiliale.min.css
Origin
https://unserskb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 15:02:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6aec-5f8fca9cc0302"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX5DF41PLwQ2cs%2F%2B2MUwapup6SYKT4l5Tm9alt1%2FFeanM1g1ME5L8YX%2B0HWzxRfwSr3RXPuz0uRrmnv8uu16QOuyJZdOv5%2BrtpyoHpdzWtw%2BDnO7cN4jDrq9RweHO87IFggbw9%2BeG2ZKFbql"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b9df422bc035c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27372
invisible.js
unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/ Frame 42DF
Redirect Chain
  • https://unserskb.info/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
26 KB
12 KB
Script
General
Full URL
https://unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H3
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a8b265109589c6b7bb3b9a05ea15d2d84b7bffee70acf0f00e564edcc70703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbvjMIVo5Tl%2F1HpWbDQ7oHK4AqkiSdC%2FVXoruBOmynep%2F7ChLYpPqfUiuZpM3JyX4aAFmtsSwspNsYBqiQwX366TWnHgrZOhZu1I7suGDmwlqoXFzs39fdgqqctIqB0nbi79%2BZPdCz7Wy9IU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7b9df4233c8c5c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 18 Apr 2023 15:31:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqt7F93ckF8mM3EFyULrcqAI9E6BTR77hqejbAX5jkwiF9uGqKEbBS3OITraoVJuqkNvmK02Q6G%2FTJ5MubG7bwU1oqCZGasGx76DAt1KsKgu5xFh3YzJODItXbb%2FSkSOxCHOr3nm9jy3a876"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7b9df4230c615c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/ Frame 42DF
6 KB
3 KB
Other
General
Full URL
https://unserskb.info/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: unserskb.info
URL: https://unserskb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e169d51b8c203a524bb59aa6e2519192d99f7dd103dac8d96d25338c43ec403
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAe7702P27aKPRokmzZQyaUKoikVPanYHfHvEAkk7lPC40gVx2RzSgNThqC31bCQqHzyI0L43IKSfCnIyyEo8yEeAdoCgrGnWsq6ZlAwc12pfsMKAXFcFWS1EQJn9zXsohQ8IqicUf8zhzOW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7b9df4236ce95c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7b9df41c0c1237d8
unserskb.info/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 42DF
2 B
632 B
XHR
General
Full URL
https://unserskb.info/cdn-cgi/challenge-platform/h/b/cv/result/7b9df41c0c1237d8
Requested by
Host: unserskb.info
URL: https://unserskb.info/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Tue, 18 Apr 2023 15:31:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLO6U1t7tLEVDHMhYmKnmyjYUrjGbEl42C0HsSBor2WvvNbWBTQQRqsflBwqI7%2FDItp87HSNpYQcHsbDHMiQsZLwrEGwtwxi9FWg5HTzgoW5vUrFejNJcr05n%2F%2BxX8yWr6pRUck7voMKntS%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b9df4258fe95c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| IF6
  • function| getQueryParamValue
  • string| IF6_lightbox_closeicon_text
  • function| overlayShow
  • function| overlayClose
  • function| SLURI
  • function| editTeaserRef
  • function| pagenav_statistics_send
  • function| pagenav_statistics
  • function| pagenav_scroll
  • function| pagenav_scroll_window
  • function| $
  • function| jQuery
  • object| IF
  • object| button

5 Cookies

Domain/Path Name / Value
9os.li/ Name: PHPSESSID
Value: v8t9qmjce4v15362vk2s25l802
9os.li/ Name: short_21728
Value: 1
n9.kz/ Name: XSRF-TOKEN
Value: eyJpdiI6IlBBTDFTNjNnbnJBTGVueGE4TUMvSWc9PSIsInZhbHVlIjoiNy9zeXVrZTBvVURLRGE2MW5WSVpVQ2dWcVBrSWI2RkIwVE84WlVhdFp1eFZqV0JzWXJWeWdqTEpCa0F6Y0hjaSIsIm1hYyI6IjVlZGZlYzU1OWM3ZGFhOGY5YzY5OTk3Mzc5N2JiMTBmMTVlMjQ0MzMxOWZiYzYxY2JjNjM5ODdmMTc5OGZiODAifQ%3D%3D
n9.kz/ Name: n9_session
Value: eyJpdiI6IjVLalBTWnhPd0FYdnErUENBeGQrQ3c9PSIsInZhbHVlIjoiZkxXcXRTTE1ZS2RSNWJPb3dLdHZPUlJyOFRINFBwYmdpdWlINTVHTlowK2R5WGRSc08zT0kyZzRLMnZ0YWJRbyIsIm1hYyI6IjAwMDU5ODQ4NmFkZWFhZmI4M2JlYjU5OTVkNTU1NGMwNTY2ODBhYTkxY2VmZjA2MGUzZTc0NWQwNzBkNjJmYjUifQ%3D%3D
.unserskb.info/ Name: __cf_bm
Value: zF0jVwUt9Oltp9AOMZ_h8VjrWDdmximvbLqkRZkp27Q-1681831875-0-AZGhG9sFMLmV6PHNmw/HyFLA7ylHaZTqSIaA5qkt9oS4eqHfAsut9ApI5/kYvu7cqd/O6dZXWs151AL1eDeV7MKb03wIHPSvNoGAUi8lNXhW