sk-kundencenter.de Open in urlscan Pro
104.21.64.174 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sk-kundencenter.de/
Submission: On November 23 via automatic, source certstream-suspicious (November 23rd 2021, 6:44:12 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 104.21.64.174, located in and belongs to CLOUDFLARENET, US. The main domain is sk-kundencenter.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 23rd 2021. Valid for: a year.

This is the only time sk-kundencenter.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	104.21.64.174 104.21.64.174		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 104.21.64.174 (None, )

ASN13335 (CLOUDFLARENET, US)

sk-kundencenter.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	sk-kundencenter.de sk-kundencenter.de	1 MB
12	1

	Domain	Requested by
12	sk-kundencenter.de	sk-kundencenter.de
12	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-23` - `2022-11-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sk-kundencenter.de/
Frame ID: 170731BCDFE7AD70D5BFCA2A5BC78E7C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sparkasse: pushTAN neu einrichten | Sparkasse.de

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1056 kB
Transfer

1173 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sk-kundencenter.de/	8 KB 3 KB	143ms 112ms	Document text/html	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sk-kundencenter.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `95f0f3777bc2f3abc92c572a29a17eee9bd666c95b296b56ce3af3515e8e2995` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 23 Nov 2021 18:44:04 GMT content-type text/html; charset=UTF-8 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsDW8iNB9lvBcPcoC62GseNCRCCIas7Ze1R%2F5jv2V9IMu8Zv6zMWicH7yISFac83lj%2FJ3YzzZC2uMuGOzqGua9xNYOt6vZoMAbfHqQZbP404mMRK0tKpqcW5sog%2Fw7jVsEfUleE%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b2c8bf4db41c303-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	style.php sk-kundencenter.de/content/css/	10 KB 3 KB	30ms 29ms	Stylesheet text/css	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sk-kundencenter.de/content/css/style.php?s=true Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `acd36bcf1cb2da4e6ce2cd694737875e308b8d8dca57d0045a2895199cd09906` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 23 Nov 2021 18:44:04 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ps7YZStroYVgjuP6UppfOy2gnVsooXIsUFjPQdA2DEkw%2B0KKRxpkU3FSiiXddd0KQhPTV1m08GE5t1evRJK4FEv68kPC0%2Bt4XCl2AV5IQAxHXBhJ1hK9Wl8WSfUkDrTNi%2FPBZeY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 6b2c8bf5ac87c303-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	mobil.php sk-kundencenter.de/content/css/	6 KB 2 KB	48ms 48ms	Stylesheet text/css	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sk-kundencenter.de/content/css/mobil.php?s=true Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd80f894710702d3b45ee1d86780105805ed740e50cf33f2bb3e5e8f35b26e73` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 23 Nov 2021 18:44:04 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDxi3%2Bnid6wdc8OXwfx%2F3qNcXIEcPw%2BVPqqY0DMEdTBLFPGT1jGEneQLEv1cM9tJp3oOzaVFoUZ5IVmnJzy0Y%2Bfnqwbs9Kw%2BxbIHNB%2BU6uX7ZGbb4k53pL3Mc4m7gQZ3HDxAhQY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 6b2c8bf5ac89c303-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	spk_logo.svg sk-kundencenter.de/content/img/	9 KB 3 KB	78ms 77ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/spk_logo.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `83cefa04d2a8da2960e486e7bf75568edd41484e9b8ef59ced6d8237d474fc76` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:04 GMT content-encoding br cf-cache-status MISS last-modified Thu, 15 Jul 2021 23:01:56 GMT server cloudflare etag W/"256f-5c73175216100" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLKjYGTqS%2BkrsG1669XypGNoJhJkvWJJ%2BtJ83aHcjMNcTCQ7Pacj588WWUK7aXABrOTzGHMp1La2kViyRJTIUkkewgkvmTnirPyGqbJxnRqiheVEKLV5P5Dw2wHlKyW2%2B%2F0lpVg%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ac8bc303-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	bg1.jpg sk-kundencenter.de/content/img/	968 KB 970 KB	63ms 62ms	Image image/jpeg	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/bg1.jpg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b135fa8ba0743c0bd08b299fc3d80263a0799ddaee350e68bd59e1f73275e908` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:04 GMT cf-cache-status MISS last-modified Fri, 16 Jul 2021 04:30:50 GMT server cloudflare etag "f21f4-5c7360d5e5280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra5OKWDr%2FJOzVNrVqyWW%2BnwpEtP8q%2FSUja6aUVN%2FXb8lrN2qeYQGTdb8Rd%2F8gfrkO3Q1CVfMcjGUkuDugSujHXqUU2a5GOPLd98bDuuflrUcqn4JkeSv%2BXsAoqyOPVddvbTWdgI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6b2c8bf5ac8ec303-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 991732
GET H2	200	check.svg sk-kundencenter.de/content/img/	238 B 515 B	75ms 75ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/check.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bb5eb8231e8844d47e9cd8b219d96b3eafc819cb348ab5e0ab4f1df9513c455` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:04 GMT content-encoding br cf-cache-status MISS last-modified Fri, 16 Jul 2021 05:15:12 GMT server cloudflare etag W/"ee-5c736ac093800" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skPcR8OqdhBhGc5UnZFaiJ%2FgRTKUYqM0zDGSFjZgcc%2BN0JL%2FXSFYUnbQexjjhyCU2AB0%2B2%2FeZMBk%2FbWTFFDDl78K71XvRMQMqiFlDm6nLgc6l2SKaHIOOuw%2FhayURjbliFBa32M%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ac8fc303-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	deka.svg sk-kundencenter.de/content/img/	3 KB 2 KB	2781ms 2780ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/deka.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/content/css/style.php?s=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5596c01b38fc472e7332186e21056e20833fcc9e6572ab9fa8893f824994f6dd` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/content/css/style.php?s=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:06 GMT content-encoding br cf-cache-status MISS last-modified Fri, 16 Jul 2021 02:35:14 GMT server cloudflare etag W/"c2d-5c7346ff35c80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FdRQ806dzZM%2BUejSPGlitQXp12t1%2FE791BCTvIZdD4p2bPdCWVD9d7BifRHXdTWKQ%2BistqOvN2%2BfPTH8XKVJqQlluqNz1ZfgcCHOA20VSngEcBVqYIiBOkWS8WGHXD9MC%2BZ3bU%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ff04430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	lbs.svg sk-kundencenter.de/content/img/	4 KB 2 KB	2784ms 2783ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/lbs.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/content/css/style.php?s=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8cd389a404f5909da61c49ec5da925c1fb9accaf92484b7497e26548fc06f083` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/content/css/style.php?s=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:06 GMT content-encoding br cf-cache-status MISS last-modified Fri, 16 Jul 2021 02:26:46 GMT server cloudflare etag W/"116f-5c73451abe580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKIB0b4%2BrorLooTMBNcBB%2BKVdAcedEnnVl3TUfZg0EnRv3qoTpx8v%2Bt5OP6hNdjZGn0%2BS8Wx%2FLqLfZcBqgGHh%2FYhQdUPQPQdyYuCkeb7xtYC734yMGAGAtVYxEbSYSMMOdysVik%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ff0f430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	leasing.svg sk-kundencenter.de/content/img/	13 KB 6 KB	1774ms 1773ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/leasing.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/content/css/style.php?s=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `235b10a1f670d6a4974f902898b795b10b0946a8fd3b6c99475d2df720d9c13b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/content/css/style.php?s=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:05 GMT content-encoding br cf-cache-status MISS last-modified Fri, 16 Jul 2021 02:27:22 GMT server cloudflare etag W/"34e2-5c73453d13680" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBl2RSFCnOlOCEYrlZhRZ5%2FlhrPCE3sk3PicQsBXcdvIQfCTyCgzjNE0CyXPK%2BsTrdq4f9A9MtmUi%2BIHD%2B2nFoD5cjbZDEvWB0w8S6R8Ftp2G8kow%2Bsk4CuJulJtOtmCB8cpJac%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ff14430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	versicherung.svg sk-kundencenter.de/content/img/	48 KB 18 KB	1788ms 1787ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/versicherung.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/content/css/style.php?s=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b25cdac0d6bb522796e9a24c96360b91e0a65a03e4b71a2b215af91e8afc2caa` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/content/css/style.php?s=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:05 GMT content-encoding br cf-cache-status MISS last-modified Fri, 16 Jul 2021 02:27:48 GMT server cloudflare etag W/"bf07-5c734555df100" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GhXQytkoYeQxNGOtVCMvIOq6lRb6ixT0d6OfMvTrKp00Wik4hPgOM8PqngqFXgcYP94RC4KZR4dK%2BSGTXHDVZx6IA%2BVGtXS39hNPjZnJqdQclutxEIpReYOzYANYfn8%2Fc8ZEfc%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ff15430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	sprites.svg sk-kundencenter.de/content/img/	71 KB 16 KB	788ms 788ms	Image image/svg+xml	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sk-kundencenter.de/content/img/sprites.svg Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/content/css/style.php?s=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `76ae60b25983a4ae5b995a5c9d3ff40c4705e5d3232611702db9a339142c6e77` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sk-kundencenter.de/content/css/style.php?s=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:04 GMT content-encoding br cf-cache-status MISS last-modified Fri, 16 Jul 2021 00:19:52 GMT server cloudflare etag W/"11a28-5c7328bd77a00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsLlbpWkzRyTWOdzosDSoZutpqp9dK3v2pljYdPhjlq0ESU5wCrGd4buT9AlMhpOADDcBMW6QYTAMLlt2gwIR5ZKom4ne5L%2F4Ub4V3hJ2p3%2FQE%2B5%2Fk2nJLyv4aBEz%2BMsuyjXkOg%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b2c8bf5ff18430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	spk_rg.woff2 sk-kundencenter.de/content/font/	31 KB 32 KB	2791ms 2791ms	Font font/woff2	104.21.64.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sk-kundencenter.de/content/font/spk_rg.woff2 Requested by Host: sk-kundencenter.de URL: https://sk-kundencenter.de/content/css/style.php?s=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a1526819ed10b3c4d9a1f6e956e673b47f295e58ac66e27391777e58e870331d` Request headers Referer https://sk-kundencenter.de/content/css/style.php?s=true Origin https://sk-kundencenter.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:44:06 GMT cf-cache-status MISS last-modified Mon, 12 Jul 2021 19:25:34 GMT server cloudflare etag "7c14-5c6f215d1a780" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6521eO9OUM9M3qVx1%2BR0PGg5m6rgdJyCBecO3dJeQJmF4YeKnIlzxGS2tV2qV7TIoyjGif%2BYbIqRI4yST8anNsAH7hjXQaFuiYOG80EhP1KTc2MO1bSJZKQ8lNTp0xld9RTbgyg%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6b2c8bf5ff1b430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 31764

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sk-kundencenter.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: tfnt9u0i25dlerjdkl0jacvjg7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sk-kundencenter.de
104.21.64.174
235b10a1f670d6a4974f902898b795b10b0946a8fd3b6c99475d2df720d9c13b
3bb5eb8231e8844d47e9cd8b219d96b3eafc819cb348ab5e0ab4f1df9513c455
5596c01b38fc472e7332186e21056e20833fcc9e6572ab9fa8893f824994f6dd
76ae60b25983a4ae5b995a5c9d3ff40c4705e5d3232611702db9a339142c6e77
83cefa04d2a8da2960e486e7bf75568edd41484e9b8ef59ced6d8237d474fc76
8cd389a404f5909da61c49ec5da925c1fb9accaf92484b7497e26548fc06f083
95f0f3777bc2f3abc92c572a29a17eee9bd666c95b296b56ce3af3515e8e2995
a1526819ed10b3c4d9a1f6e956e673b47f295e58ac66e27391777e58e870331d
acd36bcf1cb2da4e6ce2cd694737875e308b8d8dca57d0045a2895199cd09906
b135fa8ba0743c0bd08b299fc3d80263a0799ddaee350e68bd59e1f73275e908
b25cdac0d6bb522796e9a24c96360b91e0a65a03e4b71a2b215af91e8afc2caa
cd80f894710702d3b45ee1d86780105805ed740e50cf33f2bb3e5e8f35b26e73

sk-kundencenter.de Open in urlscan Pro 104.21.64.174 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1056 kBTransfer

1173 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

Indicators

sk-kundencenter.de Open in urlscan Pro
104.21.64.174 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1056 kB
Transfer

1173 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!