2024-sparkassen-online.xyz Open in urlscan Pro
2606:4700:3030::ac43:b569 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php
Effective URL:
https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Submission: On June 14 via manual (June 14th 2024, 12:23:47 pm UTC) from IN — Scanned from DE

Summary HTTP 19 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3030::ac43:b569, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2024-sparkassen-online.xyz.
TLS certificate: Issued by E5 on June 11th 2024. Valid for: 3 months.

This is the only time 2024-sparkassen-online.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.49.245.29 69.49.245.29	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 1	172.67.202.45 172.67.202.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3030::ac43:b569	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	172.67.181.105 172.67.181.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2

1 69.49.245.29 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-245-29.webhostbox.net

us.lhlh3.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.202.45 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

haltedurch.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:b569 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2024-sparkassen-online.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.67.181.105 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2024-sparkassen-online.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	2024-sparkassen-online.xyz 2 redirects 2024-sparkassen-online.xyz	895 KB
1	haltedurch.xyz 1 redirects haltedurch.xyz	514 B
1	ru.com 1 redirects us.lhlh3.ru.com	228 B
19	3

	Domain	Requested by
21	2024-sparkassen-online.xyz	2 redirects 2024-sparkassen-online.xyz
1	haltedurch.xyz	1 redirects
1	us.lhlh3.ru.com	1 redirects
19	3

This site contains links to these domains. Also see Links.

Domain
module.foerde-sparkasse.de
blog.foerde-sparkasse.de
www.facebook.com
twitter.com
www.youtube.com
www.xing.com
www.tiktok.com
termin.foerde-sparkasse.de
www.studiale.de
www.sparkassen-shop.de

Subject Issuer	Validity	Valid
2024-sparkassen-online.xyz E5	`2024-06-11` - `2024-09-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Frame ID: E0AED7C08DDE2A86A50A0E51E3C6CC9D
Requests: 17 HTTP requests in this frame

Frame: https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 3E37005936D863528C6067EE0CB46932
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online-Banking | Sparkasse

Page URL History Show full URLs

http://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php HTTP 307
https://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php HTTP 302
https://haltedurch.xyz/spu HTTP 307
https://2024-sparkassen-online.xyz/?s=h34iceca7wb3x8k6r9ri3tnys1gpeh4y HTTP 302
https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

19
Requests

95 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

894 kB
Transfer

3068 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://module.foerde-sparkasse.de/de/home/ihre-sparkasse/podcast.html?n=true&stref=hnav
Title: Podcast

Search URL Search Domain Scan URL

URL: https://blog.foerde-sparkasse.de/
Title: Ihre Sparkasse hautnahBlog der Sparkasse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/foerdesparkasse
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/foerdesparkasse
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcKZYqFLnRp9bmhEPbkytXA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.xing.com/company/foerdesparkasse
Title: Xing

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@foerdesparkasse
Title: TikTok

Search URL Search Domain Scan URL

URL: http://termin.foerde-sparkasse.de/
Title: Beratungstermin vereinbaren

Search URL Search Domain Scan URL

URL: https://www.studiale.de/
Title: Studiale

Search URL Search Domain Scan URL

URL: https://www.sparkassen-shop.de/foerde-sparkasse/?_ga=2.141694002.1491539779.1620378309-163821152.1620378309
Title: Sparkassen-Shop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php HTTP 307
https://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php HTTP 302
https://haltedurch.xyz/spu HTTP 307
https://2024-sparkassen-online.xyz/?s=h34iceca7wb3x8k6r9ri3tnys1gpeh4y HTTP 302
https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request anmeldung.php Show response
2024-sparkassen-online.xyz/
Redirect Chain

http://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php
https://us.lhlh3.ru.com/huzrgwehoirfpuzwezigbfhjoweiufgzuwehfiweugfzuwe.php
https://haltedurch.xyz/spu
https://2024-sparkassen-online.xyz/?s=h34iceca7wb3x8k6r9ri3tnys1gpeh4y
https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA

61 KB
9 KB

109ms
108ms

Document
text/html

2606:4700:3030::ac43:b569
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b569 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8516cb75d22acc9a4c03554aba5684907a0e9879401a5ff6f90733d8b1e0bc82

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 893a4b0ae97c65cd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 12:23:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZYEFXovEZ%2BCzkfHDdO8Ly2qAp1YQijC4RDAQF5aWmJsw3CG60u%2FwFY62WarjKHBAayfV4W0%2F0HaVomFXNGTpzrVNte1aoam09CYYzlmQodlqwV6BI8lyupxYHocHgGQ6HZwq8Kmn%2B%2F1k5XQ9EXRNfAir%2FLoeOEduA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 893a4b09dfbf65cd-FRA
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 12:23:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4y4LER4TNDXw93VhYy%2F6KMDFSlx7Lb81Y5USeGCQHV5z%2Bv8dBS5omDiFxpUdgwQOCuYDSBmLh4mqk4y9TpNT0Ol%2FhUskG%2Fle9KSno3nAmGbdOlZptRgciVyxFccptKPqsco6GRUosjb27b1lNaYa7TdKSn3BSfQtkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
2024-sparkassen-online.xyz/src/ 2 MB
189 KB 220ms
219ms Stylesheet
text/css 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1be7e3-5ee86a90893cb-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQPiyPGZbfXf2loIT0yXRM1ClgQTf15dNTHowkIvn%2BVyVt%2FJjuv0XfWw7dReSYRtQ1DQ4DRrWrx5ULgrGLoHh4uvYpzrckzPylQCcjw2%2FvqzOrlHQAlLgZI%2Fc23f4phmyqp0I%2FaOz6EmvWcuyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 893a4b0b9a861e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Show response
2024-sparkassen-online.xyz/src/ 612 KB
148 KB 200ms
199ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "98f9e-5ee86a908842a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMupOFETjhiplbuSI2Dn5pGZ9bb4JOqcu7wHXdC0PDL5H3kFFY8ZHzZROomBM1SX8CyBTKHEc7Yx7WOrnsoDtTJrU%2FyreaYsLgfJBAcUbSQdiez4iNuSqgCGzOt4bx8nBkkyPpWiSe4FHJmHqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 893a4b0baa891e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_ini.svg
2024-sparkassen-online.xyz/src/ 22 KB
9 KB 183ms
182ms Image
image/svg+xml 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2024-sparkassen-online.xyz/src/logo_ini.svg
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"58be-5ee86a908a36b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sle1Sv79rCs9c6zdqjjENnt6%2B6Q%2BWqRyfavoiKQva5936hZX5KbW5HtWaEVkC3sRV%2FPsWop9Qj1ymd7wikPO4WAPPmABtAglKCQuWTGv1pGTgDr3pd2zkVnRKcVw4xLoI72sAQKWGVkTfaFEtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 893a4b0baa8a1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Bildmarke_S-Sparkasse_72px.svg
2024-sparkassen-online.xyz/src/ 976 B
887 B 153ms
152ms Image
image/svg+xml 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2024-sparkassen-online.xyz/src/Bildmarke_S-Sparkasse_72px.svg
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3d0-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dS6CxpzNmW0EtXs0VPoi68mTkMQYCGKKglAkTzcstDtYLw%2Bur3nf5R9H9M9NAT%2F5Eb15Ld1x34gssitT%2BxPjy12HmQFg0EqZwhhI%2Bf%2F0l2pmXP1zCGxzs65brbeWJLFGJiXyhd8FK8oINmIgYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 893a4b0baa8b1e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1624599692487.png
2024-sparkassen-online.xyz/src/ 81 KB
82 KB 220ms
220ms Image
image/png 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2024-sparkassen-online.xyz/src/1624599692487.png
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "145f5-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwReMWZ7X2jG9gmCEHUfAFyTpRkREas9uHKJYA%2FgSzXJlh70H1J%2B5NwNG7%2FlZR3H1iz13C4amd7t6b0crEA33M3EQqtRYBe77GWXtPt6OBDBEgHImaW46iUBzdfdPCBkgjAgXUBeaU4ACsqP1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0c9bdc1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 83445

GET
H3 200 1559285204680.jpg
2024-sparkassen-online.xyz/src/ 49 KB
49 KB 240ms
240ms Image
image/jpeg 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2024-sparkassen-online.xyz/src/1559285204680.jpg
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c3f7-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbGSR2EPMbrNg1Y48oVsMVrIlCp1K%2FutVsJXVzAMjif6TBaZ%2BbzO29aL%2B5RptN24dcgAGxxDWDixpO%2BFWgovUI6V5PclMx1gcDclcpHTIAFMoH5TYleYmOzs9pI7YiKb%2FspOLE4lU0kTEFBsVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0ccc1d1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 50167

GET
H3 200 tdg
2024-sparkassen-online.xyz/src/ 45 B
482 B 132ms
132ms Image
image/gif 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2024-sparkassen-online.xyz/src/tdg
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2d-5ee86a909206b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQdtasXWwFW8MEpbxjlKlDQFja%2FubesccSFCNHHvpVgQ6%2BQTMYbYwXvbkOLQm5aUMsuYE3OAqTu4ZY8aFpMPxkNGDaPbQzta0VWM7VoBMm1I9NRt6%2BGCwH67RWoEvJAKUXU3L5yA1j9mPOPzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 893a4b0ddd5f1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45

GET
H3 200 universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Show response
2024-sparkassen-online.xyz/src/ 77 KB
27 KB 214ms
213ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13358-5ee86a909206b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISbzmmDy%2Bw78Hx0kJs6SD%2FcsO1ISCNtDAQge9MOKGG3Mqi4t30BHvgNlof68jQyJ6NJTfFFLVK0k2Mb2Is7q0Qp7q8GaSxxOsLH%2BOSla8JIw8hdz0hOd5mrzmn5VaxlSHWeeUT4tXaaa4YNZhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0ddd5e1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27368

GET
H3 200 Sparkasse_web_Rg.woff
2024-sparkassen-online.xyz/src/fonts/ 41 KB
41 KB 213ms
212ms Font
font/woff 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/fonts/Sparkasse_web_Rg.woff
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin: https://2024-sparkassen-online.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a200-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QstsPC84CUWG9a0bSypc0j3ZmwYRrREdosAQttDjJSbVBlFZhdIdq4Mv3hAQOP%2BqlBuwj9feS07iOU5c5C%2FwNInIhy03CqbQTHy0L1aHEJSAtfsgF7Fhq%2Bdxt0iP3iht5E8odWNQqbgaVbIcRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0dfd831e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41472

GET
H3 200 pictos-if.woff
2024-sparkassen-online.xyz/src/fonts/ 204 KB
205 KB 245ms
244ms Font
font/woff 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/fonts/pictos-if.woff
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin: https://2024-sparkassen-online.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Sat, 31 Dec 2022 12:44:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3309c-5f11f12d8c3a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Os9XO%2FLXqyHsGai0HT%2FqK3%2FlB6r9pqa4AnBjAreUAsO9NEJGzfFa%2BTE3O7Sy2U9YUJ4gSd9zdNWr2uWCq0VwVQ%2FGX%2FdeP3kaVaiBAtCKXnVUZ0zdrz1bNJ8VmGhyu%2Fursc3922k3nyJn18p21Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0dfd841e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 209052

GET
H3 200 Sparkasse_web_Md.woff
2024-sparkassen-online.xyz/src/fonts/ 30 KB
31 KB 219ms
218ms Font
font/woff 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/fonts/Sparkasse_web_Md.woff
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin: https://2024-sparkassen-online.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7928-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwZz%2BB9o2nlh5qUfO%2B5eyFOmiu4bywpDje5Wa7t%2BPBwX8AHvHjwS5I12kUFA5b5%2Fqaw5wkz6wR2IBTiSR%2ByIK%2FNnITfFx5gbIy3VFybqc6DxpPqTFgT3CW4cxapp0yc0XWgXLvvOgL2UWLFgsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0dfd871e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31016

GET
H3 200 SparkasseHead_web_Rg.woff
2024-sparkassen-online.xyz/src/fonts/ 29 KB
30 KB 163ms
163ms Font
font/woff 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/fonts/SparkasseHead_web_Rg.woff
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin: https://2024-sparkassen-online.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7550-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNCWTNvfgiBBm3Jbp4j9eqvGWDPl2Q9QXqmmCcpsTZK1NRiQp97JHDyQXcd1f%2BmMDgK%2FC0BZZJnY1dlAo2SalkUvrdesgIwW6MgD27SkC4RXOfFNpRn%2FMsrZ3GcnFOrQX3e%2FDE0JY0%2BnbeX1gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0dfd881e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30032

GET
H3 200 Sparkasse_web_Lt.woff
2024-sparkassen-online.xyz/src/fonts/ 30 KB
30 KB 196ms
195ms Font
font/woff 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/fonts/Sparkasse_web_Lt.woff
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin: https://2024-sparkassen-online.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "77cc-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjyxWOvqo1z2DTZ2GddSkxrClHDZfvX4okeUGpIc%2F2DADly3ZOt1ozMxn5XJhxAqJqZu%2F%2FKodZWvz2zeytZfJXjPw1RXaGOee6VMe8lV0TmNB9N%2BkAyeB6TlGPayhQ4Yeu6Mb9N1ctkuGJdn9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0dfd8a1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30668

GET
H3 200 Sparkasse_web_Bd.woff
2024-sparkassen-online.xyz/src/fonts/ 36 KB
36 KB 181ms
181ms Font
font/woff 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/fonts/Sparkasse_web_Bd.woff
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin: https://2024-sparkassen-online.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "901c-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KX4LWfq4XB0MQGmGHlBq1zK%2Fa8VVmfVcA3IM0IIDhxMWWJ6bUa9B0Qp68oclmnxralr1W8PFgNa6YnzEh45ocPABZAiv9UJAd39qSbmox86%2BsTxKQmwEUAGbBTvIVtz2p%2BsNggAS4D0Ug8%2BkVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b0dfd8c1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36892

GET
H3

200

main.js Show response
2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 3E37
Redirect Chain

https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

18ms
17ms

Script
application/javascript

172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA

Protocol

Server

172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b6fa06f29b7b1f55548ba583568002f303cc4115033ef6ba3bdc44ea57493e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FRsk49epR3QuWlNq0as7entUYmF6s5k%2FITtkrpCXflgFdjjhY8Q%2FesR1Fi0iF%2BkG4UyMI6XD6exVamW0ePKgIwxsv62XFFdYAHSCM7wW9M4YScwqC7NcgPcGYfMycwdyY8kPpIdLPbVUjbPSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 893a4b0f9faa1e6c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 14 Jun 2024 12:23:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGZK3TnIQ5kVx8NUSjMMNd8V%2BgIPXk2wykZ86D2VHbNCSKIdSxSr0d6pzZk0qwOYFh%2BWOoubiRicGMQ3%2FQJVGqcYIQFpy%2BrbXj8ah%2BZwhwkDZmIyBdfp%2FqbCwWfIYJVUwTYUGBgKUq5YDTO6tw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 893a4b0f4f261e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 893a4b0ae97c65cd Show response
2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3E37 0
710 B 39ms
39ms XHR
text/plain 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/893a4b0ae97c65cd
Requested by: Host: 2024-sparkassen-online.xyz
URL: https://2024-sparkassen-online.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBYcx%2FwJGgwG%2BO0sZwt3O4PsiJwst6FgCl4hwdEyV26u1g1RR9Q3U5uDPEERCF4AL%2F2ywb1Kb4nc%2BODAx1tz8nKcr3MNbpB7IU0Pa36LO6Y07Z6EfoBSxNGCWIp12SUZpWaO32W3rkCp5oduVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 893a4b1008651e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon1x.ico
2024-sparkassen-online.xyz/src/ 1 KB
689 B 131ms
131ms Other
image/vnd.microsoft.icon 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/favicon1x.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"47e-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzZBynECYjyEKArlK%2Fb0pKZ9XOnIWzz%2F6gfWGYYwQxhI26RoYp433Xz7Ee8Vg1BEu3xEQPlfGPNLiaY5Byv2g5bknzKZIanmfXNwljAFjst2z%2FGpVARu0GSTqyIV1mlllF%2FkljTQQpUbF22cBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 893a4b1079011e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon2x.png
2024-sparkassen-online.xyz/src/ 298 B
771 B 139ms
139ms Other
image/png 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2024-sparkassen-online.xyz/src/favicon2x.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2024-sparkassen-online.xyz/anmeldung.php?starten=hlZXeQEqJdRo6mvNb1H3LB425Oi9Fc&shufflUri?=4lL7RnPH2Kp1FQZtDSgA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:23:43 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 12:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12a-5ee86a90864ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXkceCLcwAFpxzNrNBIkWIYz%2FFZ%2BBWrdPKo%2Bc%2B0b3qn%2FSBkPHSbSHl5ijWyWsDb2T8fkVzOI%2FKOO6wUjal%2F6Y1yA1VSMyjrfaithlUmU%2FWn2h1jmYus%2FQm07PL1C4sNaHbQpgk3g4j71NNCneQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 893a4b115a371e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 298

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			2024-sparkassen-online.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: br0u8thjqir15k7n73g8a9l90m
			.2024-sparkassen-online.xyz/	1970-01-21 06:05:03	Name: cf_clearance Value: 3EaArry6t7pcXmI3Sze66bjWZmsryVYDpL5xDje4CF8-1718367823-1.0.1.1-ctoJ9bmJFVO.dPPne.LIwXz.Ood7_ImixhQ9aHa0zwdRiczYop2LmLfFS7jnxKxswewtZlhz1H0zzCgN3IWGdg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2024-sparkassen-online.xyz
haltedurch.xyz
us.lhlh3.ru.com
172.67.181.105
172.67.202.45
2606:4700:3030::ac43:b569
69.49.245.29
0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737
2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a
56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d
7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2
7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5
8516cb75d22acc9a4c03554aba5684907a0e9879401a5ff6f90733d8b1e0bc82
a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6
d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335
e0b6fa06f29b7b1f55548ba583568002f303cc4115033ef6ba3bdc44ea57493e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

2024-sparkassen-online.xyz Open in urlscan Pro 2606:4700:3030::ac43:b569 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

894 kBTransfer

3068 kBSize

2 Cookies

10 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

37 JavaScript Global Variables

2 Cookies

Indicators

2024-sparkassen-online.xyz Open in urlscan Pro
2606:4700:3030::ac43:b569 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

894 kB
Transfer

3068 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!