sicher-mobile-volksbank-direkt.xyz
2606:4700:3030::6818:77f5  Malicious Activity!  Public Scan

URL: https://sicher-mobile-volksbank-direkt.xyz/
Submission: On November 29, 2020, submitted automatically (source: certstream-suspicious)

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3030::6818:77f5, located in the United States and belonging to CLOUDFLARENET, US. The main domain is sicher-mobile-volksbank-direkt.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 29th 2020. Valid for: a year.
This is the only time sicher-mobile-volksbank-direkt.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)
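This scan was submitted automatically from the certstream-suspicious source, which means the hostname was picked out of the Certificate Transparency feed when a certificate naming it was logged, not reported by a victim. As an added example (not urlscan.io's or certstream-suspicious's code), the following scores CT hostnames the way such a feed filter does; the brand, lure and TLD watchlists, the weights, the allowlist and the alert threshold are constructed for illustration. It scores every name on a certificate rather than only the subject because, as the certificate section below shows, a Cloudflare shared certificate carries sni.cloudflaressl.com as its subject and the customer hostname only among its other names.

```python
"""Keyword triage of hostnames from a Certificate Transparency feed.

Added example, not urlscan.io's or certstream-suspicious's code. Watchlists,
weights, allowlist and threshold are constructed for illustration.
"""
import re
from typing import Dict, List, Optional, Tuple

BRAND_KEYWORDS: Dict[str, int] = {"volksbank": 40, "sparkasse": 40, "paypal": 40}
LURE_WORDS: Dict[str, int] = {"sicher": 10, "secure": 10, "login": 10, "verify": 10,
                              "konto": 10, "mobile": 5, "direkt": 5, "online": 5}
SUSPICIOUS_TLDS: Dict[str, int] = {"xyz": 15, "top": 15, "icu": 15, "buzz": 15, "club": 10}
LEGIT_APEX = {"volksbank.de", "vr.de"}   # constructed allowlist of genuine apex domains
ALERT_THRESHOLD = 50


def score_hostname(hostname: str, cert_age_days: Optional[int] = None) -> Tuple[int, List[str]]:
    """Score one hostname; returns (score, reasons).

    Additive signals: brand keyword, lure words, risky TLD, heavy hyphenation and
    a certificate issued within the last day. An allowlisted apex scores 0.
    The apex is taken as the last two labels, a simplification; a real deployment
    should use the Public Suffix List.
    """
    host = hostname.lower().strip().rstrip(".")
    if host.startswith("*."):            # wildcard entries name the subtree
        host = host[2:]
    labels = host.split(".")
    if len(labels) < 2:
        return 0, ["not a registrable name"]
    if ".".join(labels[-2:]) in LEGIT_APEX:
        return 0, ["apex is allowlisted"]

    score, reasons = 0, []
    tokens = [t for t in re.split(r"[-.]", host) if t]
    for brand, weight in BRAND_KEYWORDS.items():
        if any(brand in tok for tok in tokens):   # substring: 'volksbankdirekt' matches too
            score += weight
            reasons.append(f"brand keyword '{brand}'")
    for tok in tokens:
        if tok in LURE_WORDS:
            score += LURE_WORDS[tok]
            reasons.append(f"lure word '{tok}'")
    if labels[-1] in SUSPICIOUS_TLDS:
        score += SUSPICIOUS_TLDS[labels[-1]]
        reasons.append(f"tld '.{labels[-1]}'")
    hyphens = host.count("-")
    if hyphens >= 2:
        score += 5 * (hyphens - 1)
        reasons.append(f"{hyphens} hyphens")
    if cert_age_days is not None and cert_age_days <= 1:
        score += 10
        reasons.append("certificate issued within the last day")
    return score, reasons


def score_certificate(san_names: List[str],
                      cert_age_days: Optional[int] = None) -> Tuple[str, int, List[str]]:
    """Score every name on a certificate and return the worst (name, score, reasons).

    A shared CDN certificate like the sni.cloudflaressl.com one in this scan
    carries the suspicious hostname only in its SAN list, so the subject alone
    would never trigger.
    """
    best: Tuple[str, int, List[str]] = ("", 0, [])
    for name in san_names:
        s, r = score_hostname(name, cert_age_days)
        if s > best[1]:
            best = (name, s, r)
    return best


def triage(certs: Dict[str, List[str]]) -> List[Tuple[str, str, int]]:
    """certs maps a certificate id to its SAN list; returns (cert_id, name, score)
    for every certificate at or above ALERT_THRESHOLD, highest score first."""
    hits = []
    for cert_id, sans in certs.items():
        name, s, _ = score_certificate(sans)
        if s >= ALERT_THRESHOLD:
            hits.append((cert_id, name, s))
    return sorted(hits, key=lambda h: -h[2])


if __name__ == "__main__":
    # Constructed CT entries; the first mirrors the certificate and hostname in this scan.
    sample = {
        "cf-shared-1": ["sni.cloudflaressl.com", "*.sicher-mobile-volksbank-direkt.xyz",
                        "sicher-mobile-volksbank-direkt.xyz"],
        "legit-1": ["www.volksbank.de", "volksbank.de"],
        "other-1": ["paypal-login.top"],
    }
    for hit in triage(sample):
        print(hit)
```

The allowlist is what keeps the brand's own certificates (renewals for volksbank.de and friends are logged constantly) out of the queue; without it the brand keyword alone would page on every legitimate issuance.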

Domain & IP information

Requests  IP Address                  AS (Autonomous System)
7         2606:4700:3030::6818:77f5   13335 (CLOUDFLARENET, US)
4         172.64.128.13               13335 (CLOUDFLARENET, US)
11 requests across 2 IPs

Requests  Domain                               Requested by
7         sicher-mobile-volksbank-direkt.xyz   sicher-mobile-volksbank-direkt.xyz
4         log.hitsteps.net                     sicher-mobile-volksbank-direkt.xyz, log.hitsteps.net
11 requests across 2 domains

This site contains no links.

Subject                 Issuer                    Validity                    Valid for
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3   2020-11-29 to 2021-11-28    a year (crt.sh)

This page contains 1 frames:

Primary Page: https://sicher-mobile-volksbank-direkt.xyz/
Frame ID: 9371258FFC5EB6228CBC60C346E29FAB
Requests: 11 HTTP requests in this frame

Detected technologies

Cloudflare (overall confidence: 100%)
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 100 kB
Size: 136 kB
Cookies: 3

Redirected requests

No HTTP redirect chains were recorded for any request in this scan.

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | sicher-mobile-volksbank-direkt.xyz/ | 3 KB | 2 KB | Document | text/html
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
da078b546f8ca24e1a36441725f00d954b62fadf8f53478657104a22408ad0d4

Request headers

:method
GET
:authority
sicher-mobile-volksbank-direkt.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 16:17:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4ed788de9d63fdf59d4d8008759b2bd71606666675; expires=Tue, 29-Dec-20 16:17:55 GMT; path=/; domain=.sicher-mobile-volksbank-direkt.xyz; HttpOnly; SameSite=Lax
set-cookie
PHPSESSID=cs466uchcrodst8a8fchc3d4q6; path=/
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
06b664fba00000175a20335000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LxejvuA1c0vUwtD2xvhA8w2VZv98tELszytZo7GYMmsPkk7jsXy%2FnhKTXktX3StopDzVhAVYhV13EnhwFOXq92tIMQENK4PCMXIjUARNECwfnFfB9sAI2Js7BwhZT6GpZeDp%2FqXLWehn%2FtGekZ83"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f9da43f69ef175a-FRA
content-encoding
br

owZe8v6G22WwbBEm0GI1Wnpo5.css | sicher-mobile-volksbank-direkt.xyz/ | 11 KB | 3 KB | Stylesheet | text/css
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
df9f468196bdd2e7604fcb6a004d80147b1b2f5f2fd20551c9a70539205cb033

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Nov 2020 16:17:56 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sVqQmHmV3lwaGt8LFrMC0w5H5%2BilfvbyZtSEZ4PuowZhPnje0ULMHT%2BeF0nnC5lrYPKfvH2Ggx0%2BV5YrHuAEmeA3z2Ip5Xqe879aTQhgqMqcZwBrbEFC7lX4a5JST9fk1DkXVtHKLr4QkIOtgiwo"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
5f9da443bc2b175a-FRA
cf-request-id
06b664fe580000175ad2226000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT

owU13IVcpE2JTbDejmc.png | sicher-mobile-volksbank-direkt.xyz/ | 4 KB | 5 KB | Image | image/png
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/owU13IVcpE2JTbDejmc.png
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
8228666f7b7248efbb90277106bc381310060a5c7e2975264f75925c8d2d43ed

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Sun, 29 Nov 2020 16:17:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9a2T4PmP7vIcubLiZh7kNwSZXfzPCF%2Fgb1g2gGIBsSzm08JPFRmLEy7OG0QQTLje4XVToGotp%2FGiTISGvH2SNiOxJhis1YJNGAQljD36%2BPBmemzWM1gK%2FOxeViROBFkxj8%2FsX4Hh2hgxQbIGWiN6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
5f9da443bc2e175a-FRA
cf-request-id
06b664fe590000175ad8309000000001
expires
Sun, 29 Nov 2020 17:17:56 GMT

oIQjf8Tk7IYJNLwI6NzZ1Tz.jpg | sicher-mobile-volksbank-direkt.xyz/ | 76 KB | 76 KB | Image | image/jpeg
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/oIQjf8Tk7IYJNLwI6NzZ1Tz.jpg
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
0392b2010148a814539651ab0b337ad59c7d65c20e612dd0b25ad3fa41f88053

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Sun, 29 Nov 2020 16:17:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6bzhPlejZUQ12f3RFXj2Ba3eSZ%2FNfpos8jZRWcFSgqbt2u9J2upHbVo1%2FS4BN3NnScCl956aw2wOY6ntD5rjwRUj34GqW0DKMxHmw72mrkFPlks3MLc4sgCSgUsj4AyTJaOMFg9%2F7ZzfN39bxUjS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
5f9da443bc30175a-FRA
cf-request-id
06b664fe590000175ada9a1000000001
expires
Sun, 29 Nov 2020 17:17:56 GMT

oNNVlhQSejA6DlTwNT8.png | sicher-mobile-volksbank-direkt.xyz/ | 416 B | 765 B | Image | image/png
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/oNNVlhQSejA6DlTwNT8.png
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
c5b872fa66fc0c05f349cb4ca2b9efe201c9b786810ce403379093639f8be0dd

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Sun, 29 Nov 2020 16:17:57 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JtTicL9trgVCIOsr2e7sElHz39W215Yn%2BInhYkjyVrO5c%2F5fsLjHlAd%2FS9GAK2XWo2ZfMk0XkyLAqdwKwTOtSPZUcXoag7t%2Bs5mQumPhhTZWlGptl%2FjBvImNtLkKpotmLqOmodJjQkyk4nSizOD%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
5f9da446aaf2175a-FRA
cf-request-id
06b665002a0000175a15252000000001
expires
Sun, 29 Nov 2020 17:17:57 GMT

oJep6mgze4TZD59OIzDyP.png | sicher-mobile-volksbank-direkt.xyz/ | 199 B | 507 B | Image | image/png
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/oJep6mgze4TZD59OIzDyP.png
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
77045e6ba6dd51a001227df5fba513f06957554157546bdf634e2de04073ae3c

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Sun, 29 Nov 2020 16:17:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wnuESkIapw8jl%2BFmgKZx2gVkrb14bjbjyuGjzNwSscuPCBkXQ%2BHoqZYz7zGd8mkV20Ab0YtsxeSCg2%2Bz%2FEU6uVPAMUkxs%2Fol32LuMo4QcBJGY0jl5ZZ%2BoOypDIWmZfS%2FQE2L3UK%2FyurVhaWnoYxv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
5f9da446bb0c175a-FRA
cf-request-id
06b66500320000175af1bb5000000001
expires
Sun, 29 Nov 2020 17:17:56 GMT

ovzarbqjT1IDg8JDojRtcR6i.png | sicher-mobile-volksbank-direkt.xyz/ | 206 B | 510 B | Image | image/png
General
Full URL
https://sicher-mobile-volksbank-direkt.xyz/ovzarbqjT1IDg8JDojRtcR6i.png
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:77f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
c756a9cf8914499689ca9b70f08d482c5121c6712ec2544c14c83bf97a18c4d8

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/owZe8v6G22WwbBEm0GI1Wnpo5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Sun, 29 Nov 2020 16:17:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bm1%2F6%2FLsKF1cPub8Xrhn4iBZJRzNR%2BwMDfdCOoMH0W25gUQje9pBltR4iQeOC3sEIXckdE%2FRJ4Aplf%2BsteFcM7KvXrkm1gxm8k4LPZEjWITubhaA5PlXm6P40DBA4s%2FoUoi%2FIDNrcpHfnxt4iJd0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
5f9da446bb0f175a-FRA
cf-request-id
06b66500320000175adfbde000000001
expires
Sun, 29 Nov 2020 17:17:56 GMT

track.php | log.hitsteps.net/ | 40 KB | 10 KB | Script | text/javascript
General
Full URL
https://log.hitsteps.net/track.php?code=c1af30703a7909661486789fa4a9e11b
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.128.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
95de8b8e27482bb74828ce6ca0c3516cd6fc7283bf0efea4a50bce7c8193d7cf

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 16:17:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CAO PSA OUR"
cf-request-id
06b66500810000cdabad031000000001
pragma
no-cache
last-modified
Sun, 29 Nov 2020 16:17:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XeDUCUnA9jW5mxLj6ThMiVO91%2FoCotfkJOP7fdpEYfW5s63quD5ZEu8DqaYJqsVZ7XeDXLnlr1d4xfrV0%2FdlwmJvYNv3AbIqcjc%2B25rTGh4i"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600, s-max-age=84600
cf-ray
5f9da4473afbcdab-CDG
expires
Tue, 03 Jul 2001 06:00:00 GMT

gather.php | log.hitsteps.net/ | 53 B | 450 B | Image | image/gif
General
Full URL
https://log.hitsteps.net/gather.php?sid=86370&ui=jr8kvqushg&aid=73575&u=https%3A//sicher-mobile-volksbank-direkt.xyz/&et=1&ti=eBanking%20Private%20Edition%20-%20Volksbank&touchpoints=0&sh=1200&sw=1600&sc=24&wsh=1200&wsw=1600&p=&l=en-US&c=Linux%20x86_64&t=60&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=1227&dm=sicher-mobile-volksbank-direkt.xyz&v=0.6360849520254894
Requested by
Host: sicher-mobile-volksbank-direkt.xyz
URL: https://sicher-mobile-volksbank-direkt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.128.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
39d7a3994f127f43abd8e2e25377f48970f37c0a4d0cbeb55c0631516609ea60

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 16:17:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CAO PSA OUR"
cf-request-id
06b66500b30000cdab9309e000000001
pragma
no-cache
last-modified
Sun, 29 Nov 2020 16:17:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rCJrU%2F2sXhGzYd8Vkd5%2FjLMNJOQ6Fs5xFROYTnL%2BQZweALAPEatJcOJOMa5RaoQIXLg1FIiABGJalOgRmUd3pqjhHvvtNJzw415KLy46PH2t"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
5f9da4478ba0cdab-CDG
expires
Tue, 03 Jul 2001 06:00:00 GMT

png.php | log.hitsteps.net/ | 294 B | 524 B | Script | text/javascript
General
Full URL
https://log.hitsteps.net/png.php?idle=0&aid=73575&sid=86370&temp_uid=jr8kvqushg&lang=auto&bat=100//Adapter//00%3A00//---&aplg=not%20found
Requested by
Host: log.hitsteps.net
URL: https://log.hitsteps.net/track.php?code=c1af30703a7909661486789fa4a9e11b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.128.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
92cedc4a98d0d2f737f76314549dbcd3af502daaab543e55871793479bf2cb75

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 16:17:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CAO PSA OUR"
cf-request-id
06b665049d0000cdab0138b000000001
pragma
no-cache
last-modified
Sun, 29 Nov 2020 16:17:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kYDjoQfo7TkdulvK12J3nH8p7HVeuQCIwFsSmza0BjjhGbklBRCULRO8NY9ZtrxJzrkqet3SY%2FLwKV0JH3YesCSR1g%2BhJgOiukUbRnaioqEN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
5f9da44dca73cdab-CDG
expires
Tue, 03 Jul 2001 06:00:00 GMT

png.php (repeat, 6 s later) | log.hitsteps.net/ | 294 B | 533 B | Script | text/javascript
General
Full URL
https://log.hitsteps.net/png.php?idle=0&aid=73575&sid=86370&temp_uid=jr8kvqushg&lang=auto&bat=100//Adapter//00%3A00//---&aplg=not%20found
Requested by
Host: log.hitsteps.net
URL: https://log.hitsteps.net/track.php?code=c1af30703a7909661486789fa4a9e11b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.128.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
92cedc4a98d0d2f737f76314549dbcd3af502daaab543e55871793479bf2cb75

Request headers

Referer
https://sicher-mobile-volksbank-direkt.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 16:18:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CAO PSA OUR"
cf-request-id
06b665184c0000cdabada34000000001
pragma
no-cache
last-modified
Sun, 29 Nov 2020 16:18:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TO6o8c5RzKovtvOEIyVF%2BG7fbAvoElQ%2FOHodyzzc9mT4IzsquvRDA4JHa%2FrcUc%2B6xgdurVaoVo0GgEbur%2Fs%2B6Hke%2FkHbidUftMDe%2FxzOEOT2"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
5f9da46d4aeecdab-CDG
expires
Tue, 03 Jul 2001 06:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| _hs_getqs function| _hs_setData function| _hs_getData string| ipname_temp string| _hs_uniqueid_temp number| _hs_gdpr_diag function| _hs_checkGDPR string| _hs_bat object| _hs_sysbat string| _hs_adplug string| _hs_a_uid number| _hs_navigator_touchpoints function| _hs_readAdplugin function| _hs_readBattery function| _HSTracker number| _HS_jquery_injected number| HSTracked number| ChatDiv undefined| _HS_body undefined| _HS_html undefined| _HS_dhh undefined| hstc undefined| hstcs undefined| htssc function| _hs_getParmFromHash function| getScript object| hsutube number| hsytindex object| hsutbarr object| hsplayerArray object| hitsteps number| hs_idleTime number| hs_idle number| hs_idles number| hs_timed function| _hsni_addListener function| _hsni_get_href function| _hsni_get_parent function| _hsni_get_target function| _hsni_trackAlinks function| _hsni_noIdle function| _hsni_Idle function| _hsni_mnoIdle function| hs_CheckInactivity function| onYouTubePlayerReady function| onYouTubeIframeAPIReady function| _hs_elementor_video_overlay function| _hs_hash_changed number| aid number| sid string| _hs_api_code_public string| hs_lang number| hs_enable_form number| _hs_noyoutubeapi number| _hs_heatmap_allowed number| _hs_pre_compliance string| _hs_gdpr_compliance_txt string| _hs_gdpr_btn_yes string| _hs_gdpr_btn_no function| _hs_a_giveMeRandom function| _hs_a_readCookie function| _hs_a_writeCookie function| _hs_a_setVal function| _hs_a_getVal function| _hs_bt_toTime object| prm number| nochat number| _hs_youtubeapiloaded number| hs_pingcount number| _hs_gdpr object| img string| hs_rev string| hs_goal string| mysearch string| MySearch string| tag string| Tag string| label string| IPname string| ipname string| _hs_uniqueid string| _hs_integrity string| _hs_last_full_url string| uaddress string| utitle string| uref string| new_url object| battery
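Almost everything in that list is one library's namespace: the hs_, _hs_, _hsni_ and _HS prefixes belong to the hitsteps tracker loaded from log.hitsteps.net, the first few names are window properties that newer Chrome builds define themselves, and aid/sid are the same ids the gather.php beacon sends. As an added example (not urlscan.io's code), the following parses such a "type| name" list and attributes each global to the code that defined it; GLOBALS_TEXT is a constructed excerpt of the list above, the builtin set and prefix rules are this example's own heuristics, and the beacon parameter names are read off the gather.php request in the transactions.

```python
"""Attribute non-standard window globals from a urlscan.io listing by naming prefix.

Added example, not urlscan.io's code. GLOBALS_TEXT is a constructed excerpt of
the list on the page (same "type| name" format); the builtin set, beacon
parameter set and prefix rules are this example's heuristics.
"""
import re
from collections import defaultdict
from typing import Dict, List, Tuple

GLOBALS_TEXT = (
    "object| ontransitionrun object| cookieStore function| showDirectoryPicker "
    "object| trustedTypes boolean| crossOriginIsolated function| _hs_getqs "
    "function| _hs_setData string| _hs_bat object| _hs_sysbat function| _HSTracker "
    "number| _HS_jquery_injected number| HSTracked function| _hsni_addListener "
    "function| hs_CheckInactivity number| aid number| sid string| _hs_api_code_public "
    "object| hitsteps object| prm string| uaddress object| battery"
)

# Names newer Chrome builds define on window themselves; they show up only because
# the scanner's baseline browser predates them (constructed list, not exhaustive).
BROWSER_BUILTINS = {"ontransitionrun", "ontransitionstart", "ontransitioncancel",
                    "cookieStore", "showDirectoryPicker", "showOpenFilePicker",
                    "showSaveFilePicker", "trustedTypes", "crossOriginIsolated"}

# Query parameter names of the gather.php beacon in the transactions above.
BEACON_PARAMS = {"aid", "sid", "ui", "u", "ti", "dm"}

# Prefix heuristics for the hitsteps tracker; the bare ^hs / ^HS alternatives are
# deliberately broad and may over-match on pages that use other 'hs' libraries.
PREFIX_RULES = [(re.compile(r"^_?hs(ni)?_|^_HS|^hs|^HS|^hitsteps"), "hitsteps tracker")]


def parse_globals(text: str) -> List[Tuple[str, str]]:
    """Turn 'type| name type| name ...' into [(name, type), ...], ignoring line wraps."""
    return [(name, typ) for typ, name in re.findall(r"(\w+)\|\s*(\w+)", text)]


def attribute(globals_: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Group global names by the code that most likely defined them."""
    groups: Dict[str, List[str]] = defaultdict(list)
    for name, _typ in globals_:
        if name in BROWSER_BUILTINS:
            groups["browser builtin"].append(name)
        elif name in BEACON_PARAMS:
            groups["tracker beacon parameter"].append(name)
        else:
            for rx, label in PREFIX_RULES:
                if rx.search(name):
                    groups[label].append(name)
                    break
            else:
                groups["unattributed"].append(name)   # worth a manual look
    return dict(groups)


if __name__ == "__main__":
    for label, names in attribute(parse_globals(GLOBALS_TEXT)).items():
        print(f"{label}: {', '.join(names)}")
```

The "unattributed" bucket is the interesting one on a phishing page: anything left there after the tracker and browser noise is removed is the kit's own code.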

3 Cookies

Domain / Path                          Name          Value
sicher-mobile-volksbank-direkt.xyz /   _HS_temp_id   jr8kvqushg
sicher-mobile-volksbank-direkt.xyz /   PHPSESSID     cs466uchcrodst8a8fchc3d4q6
.sicher-mobile-volksbank-direkt.xyz /  __cfduid      d4ed788de9d63fdf59d4d8008759b2bd71606666675
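The gather.php beacon in the transactions above carries the phishing page's own title (eBanking Private Edition - Volksbank), the page URL, the hitsteps account and site ids, and a visitor id that equals the _HS_temp_id cookie listed here; its c= parameter (Linux x86_64) also contradicts the Macintosh User-Agent the scanner sent, a gap a kit or tracker can use to recognise sandboxes. As an added example (not urlscan.io's code), the following pulls those values out of the beacon as pivots and flags the UA/platform gap; the URLs, cookie values and User-Agent are copied from the transactions above, the parameter meanings are read off the beacon itself, and the pivot field names and mismatch heuristic are this example's own.

```python
"""Extract pivot indicators from the third-party tracker beacon seen in this scan.

Added example, not part of the urlscan.io report. URLs, cookies and User-Agent
are copied from the transactions on the page; parameter meanings are read off
the beacon; the pivot field names and the mismatch heuristic are this example's.
"""
from typing import Dict
from urllib.parse import parse_qs, urlsplit

BEACON_URL = (
    "https://log.hitsteps.net/gather.php?sid=86370&ui=jr8kvqushg&aid=73575"
    "&u=https%3A//sicher-mobile-volksbank-direkt.xyz/&et=1"
    "&ti=eBanking%20Private%20Edition%20-%20Volksbank&touchpoints=0"
    "&sh=1200&sw=1600&sc=24&wsh=1200&wsw=1600&p=&l=en-US&c=Linux%20x86_64"
    "&t=60&ja=1&dm=sicher-mobile-volksbank-direkt.xyz&v=0.6360849520254894"
)
LOADER_URL = "https://log.hitsteps.net/track.php?code=c1af30703a7909661486789fa4a9e11b"
USER_AGENT = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36")
COOKIES = {"_HS_temp_id": "jr8kvqushg", "PHPSESSID": "cs466uchcrodst8a8fchc3d4q6"}


def _query(url: str) -> Dict[str, str]:
    """First value of every query parameter, blank values included."""
    return {k: v[0] for k, v in
            parse_qs(urlsplit(url).query, keep_blank_values=True).items()}


def ua_platform_mismatch(user_agent: str, platform: str) -> bool:
    """True when the OS claimed in the HTTP User-Agent contradicts navigator.platform.

    Sandboxes often spoof the UA but not the JS platform string; trackers and
    phishing kits can use the gap to serve benign content to analysts.
    """
    ua, plat = user_agent.lower(), platform.lower()
    if "macintosh" in ua or "mac os x" in ua:
        return not plat.startswith("mac")
    if "windows" in ua:
        return not plat.startswith("win")
    if "android" in ua or "linux" in ua:
        return not plat.startswith("linux")
    return False


def extract_pivots(beacon_url: str, loader_url: str, cookies: Dict[str, str],
                   user_agent: str) -> Dict[str, object]:
    """Pull the values worth pivoting on out of one gather.php beacon."""
    q = _query(beacon_url)
    pivots: Dict[str, object] = {
        "tracker_host": urlsplit(beacon_url).hostname,
        "tracker_account": q.get("aid", ""),    # stable per hitsteps account
        "tracker_site": q.get("sid", ""),
        "tracker_code": _query(loader_url).get("code", ""),
        "page_title": q.get("ti", ""),          # what the victim saw in the tab
        "page_url": q.get("u", ""),
        "phish_domain": q.get("dm", ""),
        "visitor_id": q.get("ui", ""),
        "client_platform": q.get("c", ""),      # navigator.platform as the tracker saw it
    }
    pivots["visitor_id_matches_cookie"] = cookies.get("_HS_temp_id") == pivots["visitor_id"]
    pivots["ua_platform_mismatch"] = ua_platform_mismatch(user_agent, str(pivots["client_platform"]))
    return pivots


if __name__ == "__main__":
    for key, value in extract_pivots(BEACON_URL, LOADER_URL, COOKIES, USER_AGENT).items():
        print(f"{key:26} {value}")
```

The account id (aid) and site id (sid) are assigned by the tracker and do not change between pages, so other scans whose beacons carry the same aid are likely the same operator's infrastructure; the page title is the string to search for when the domain itself has already rotated.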