datensec-volckchek.xyz
188.114.96.3  Malicious Activity! Public Scan

Submitted URL: https://is.gd/2J0RAO
Effective URL: https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J
Submission: On July 05 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is datensec-volckchek.xyz.
TLS certificate: Issued by E1 on May 19th 2024. Valid for: 3 months.
This is the only time datensec-volckchek.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking) Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 28 188.114.96.3 13335 (CLOUDFLAR...)
1 1 172.67.165.123 13335 (CLOUDFLAR...)
24 1
Apex Domain / Subdomains / Transfer
  • 22 datensec-volckchek.xyz / datensec-volckchek.xyz / 895 KB
  • 6 shturl.xyz / shturl.xyz / 8 KB
  • 1 yachthafen.xyz / yachthafen.xyz / 508 B
  • 1 is.gd / is.gd (Cisco Umbrella Rank: 130618) / 329 B
24 4
Domain Requested by
22 datensec-volckchek.xyz 2 redirects datensec-volckchek.xyz
6 shturl.xyz 2 redirects shturl.xyz
1 yachthafen.xyz 1 redirects
1 is.gd 1 redirects
24 4
Subject / Issuer / Validity / Valid
  • shturl.xyz / WE1 / 2024-06-16 - 2024-09-14 / 3 months
  • datensec-volckchek.xyz / E1 / 2024-05-19 - 2024-08-17 / 3 months

This page contains 2 frames:

Primary Page: https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J
Frame ID: 29EA3294496BB7AE6CFA33175E2750D9
Requests: 22 HTTP requests in this frame

Frame: https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: 8CF4386D12DF8A22D7D781B237CB322A
Requests: 2 HTTP requests in this frame

Page Title

Login Online-Banking | Sparkasse

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*parbase

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

  • Requests: 24
  • HTTPS: 96 %
  • IPv6: 33 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 1
  • Countries: 2
  • Transfer: 902 kB
  • Size: 3119 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/2J0RAO HTTP 301
    https://shturl.xyz/ikckKrVj Page URL
  2. https://shturl.xyz/cdn-cgi/phish-bypass?atok=AOivStRqi4HjtGpXsxHT0AUncRC3u1EW1YdJ1mleops-1720177681-0.0.1.1-%2FikckKrVj HTTP 301
    https://shturl.xyz/ikckKrVj HTTP 302
    https://yachthafen.xyz/yachtfahrer HTTP 307
    https://datensec-volckchek.xyz/?s=430hsayqp4mnh6fsv3hi9sr3yxlzsxp0 HTTP 302
    https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://is.gd/2J0RAO HTTP 301
  • https://shturl.xyz/ikckKrVj
Request Chain 19
  • https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

24 HTTP transactions

Each entry gives the resource and its path, the full URL, the type, the size and the transferred size (x-fer). Every transaction listed here used protocol H3 (QUIC, AES_128_GCM) and was served from 188.114.96.3, Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), software cloudflare.

ikckKrVj (shturl.xyz/)
  • Full URL: https://shturl.xyz/ikckKrVj
  • Type: Document
  • Size: 4 KB, x-fer: 2 KB
  • Redirect Chain: https://is.gd/2J0RAO, then https://shturl.xyz/ikckKrVj

cf.errors.css (shturl.xyz/cdn-cgi/styles/)
  • Full URL: https://shturl.xyz/cdn-cgi/styles/cf.errors.css
  • Type: Stylesheet
  • Size: 23 KB, x-fer: 5 KB
  • Requested by: https://shturl.xyz/ikckKrVj

icon-exclamation.png (shturl.xyz/cdn-cgi/images/)
  • Full URL: https://shturl.xyz/cdn-cgi/images/icon-exclamation.png?1376755637
  • Type: Image
  • Size: 452 B, x-fer: 634 B
  • Requested by: https://shturl.xyz/cdn-cgi/styles/cf.errors.css

favicon.ico (shturl.xyz/)
  • Full URL: https://shturl.xyz/favicon.ico
  • Type: Other
  • Size: 166 B, x-fer: 519 B

Primary Request: anmeldung.php (datensec-volckchek.xyz/)
  • Full URL: https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J
  • Type: Document
  • Size: 61 KB, x-fer: 9 KB
  • Redirect Chain:
    https://shturl.xyz/cdn-cgi/phish-bypass?atok=AOivStRqi4HjtGpXsxHT0AUncRC3u1EW1YdJ1mleops-1720177681-0.0.1.1-%2FikckKrVj
    https://shturl.xyz/ikckKrVj
    https://yachthafen.xyz/yachtfahrer
    https://datensec-volckchek.xyz/?s=430hsayqp4mnh6fsv3hi9sr3yxlzsxp0
    https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J

The following resources were requested by https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J:

internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
  • Type: Stylesheet
  • Size: 2 MB, x-fer: 189 KB

internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js
  • Type: Script
  • Size: 612 KB, x-fer: 148 KB

logo_ini.svg (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/logo_ini.svg
  • Type: Image
  • Size: 22 KB, x-fer: 9 KB

Bildmarke_S-Sparkasse_72px.svg (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/Bildmarke_S-Sparkasse_72px.svg
  • Type: Image
  • Size: 976 B, x-fer: 844 B

1624599692487.png (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/1624599692487.png
  • Type: Image
  • Size: 81 KB, x-fer: 82 KB

1559285204680.jpg (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/1559285204680.jpg
  • Type: Image
  • Size: 49 KB, x-fer: 49 KB

tdg (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/tdg
  • Type: Image
  • Size: 45 B, x-fer: 477 B

universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js (datensec-volckchek.xyz/src/)
  • Full URL: https://datensec-volckchek.xyz/src/universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js
  • Type: Script
  • Size: 77 KB, x-fer: 27 KB

logo_ini.svg (datensec-volckchek.xyz/src/), second request
  • Full URL: https://datensec-volckchek.xyz/src/logo_ini.svg
  • Type: Image
  • Size: 22 KB, x-fer: 0

The following resources were requested by https://datensec-volckchek.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css:

Sparkasse_web_Rg.woff (datensec-volckchek.xyz/src/fonts/)
  • Full URL: https://datensec-volckchek.xyz/src/fonts/Sparkasse_web_Rg.woff
  • Type: Font
  • Size: 41 KB, x-fer: 41 KB

pictos-if.woff (datensec-volckchek.xyz/src/fonts/)
  • Full URL: https://datensec-volckchek.xyz/src/fonts/pictos-if.woff
  • Type: Font
  • Size: 204 KB, x-fer: 205 KB

Sparkasse_web_Md.woff (datensec-volckchek.xyz/src/fonts/)
  • Full URL: https://datensec-volckchek.xyz/src/fonts/Sparkasse_web_Md.woff
  • Type: Font
  • Size: 30 KB, x-fer: 31 KB

SparkasseHead_web_Rg.woff (datensec-volckchek.xyz/src/fonts/)
  • Full URL: https://datensec-volckchek.xyz/src/fonts/SparkasseHead_web_Rg.woff
  • Type: Font
  • Size: 29 KB, x-fer: 30 KB

Sparkasse_web_Lt.woff (datensec-volckchek.xyz/src/fonts/)
  • Full URL: https://datensec-volckchek.xyz/src/fonts/Sparkasse_web_Lt.woff
  • Type: Font
  • Size: 30 KB, x-fer: 30 KB
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2F68dNssb9L4hCE74HolB9u3BWSVInAbTpxZwapb1SeC8KL3RriFkDl6t%2Ftav0%2BWQtERqQ2701ehQTS9zK29K3wXD0f0e99EG8%2FBuZ9VSbD51MT2rHJ1WRb69oUSmR%2FnAgrbwFFCy00g"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89e6e57daa4c8f3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
30668
Sparkasse_web_Bd.woff
datensec-volckchek.xyz/src/fonts/
36 KB
37 KB
Font
General
Full URL
https://datensec-volckchek.xyz/src/fonts/Sparkasse_web_Bd.woff
Requested by
Host: datensec-volckchek.xyz
URL: https://datensec-volckchek.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://datensec-volckchek.xyz/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css
Origin
https://datensec-volckchek.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:08:19 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Nov 2022 12:03:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"901c-5ee86a90864ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iU1%2FoM9NmKPmf9qddc0Ok7v4TNj0YIpipHi7euml4hW44S%2FFjq9%2B9ZCCcq%2F4DRGLrmjyO2jBTCp0f%2BWzR7G%2B4PZEXB%2FcFOd86wXG7x1OhgJVXDKHDEfB1fZm5Nyg0f1z%2FeZm%2Fiy%2FQcq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89e6e57daa4d8f3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
36892
main.js
datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame 8CF4
Redirect Chain
  • https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
8 KB
4 KB
Script
General
Full URL
https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7c55bbae3241fcb92eebaba302481595792348c0532f9f63427dcbdba7df71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Jul 2024 11:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tiV20YxtTaG1r0WMfGiSVeU%2BEyZNAlxFw5sLTH1I7iMxS3bNyBL%2Fyq3O8XD1hD6kFm3UT4f2UjLZGqIAWXSm%2BF6yAz0ZZh4%2BWKMAWzGAF6NYu3oT%2BFELUB1TQ40FIt7UaenLFuvTNZ%2F0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89e6e5855efb8f3e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 05 Jul 2024 11:08:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rONRmfrVA7xRvXp%2FgB58He6NUGsWIxRdY%2B7%2BsB3vDDcWaq0e9ecdBuOwHHafUQN%2FzN9KB9gb059ldvnx2dCGjJLCh1vWZwNSUQARN7LpqPldNfzcHQAkzFSrsqdqDHFSqOpVf4IVnsqH"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
89e6e5809f578f3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon1x.ico
datensec-volckchek.xyz/src/
1 KB
682 B
Other
General
Full URL
https://datensec-volckchek.xyz/src/favicon1x.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:08:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 28 Nov 2022 12:03:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"47e-5ee86a90864ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGpzj%2F%2F8j4FUJSR1MQADraJDmMCxjR89X4p9C6jmubinTPE8WCndly3%2FEvilhidj29Mi%2FruW8r65lQW08Fr15E8%2BkpIjpovBVLXLbSfL2o9lKe8G%2Bu2mwmG3cUXrpJi%2Ff5yDxtKJUpCW"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
89e6e5855efc8f3e-FRA
alt-svc
h3=":443"; ma=86400
89e6e576e8868f3e
datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8CF4
0
697 B
XHR
General
Full URL
https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/89e6e576e8868f3e
Requested by
Host: datensec-volckchek.xyz
URL: https://datensec-volckchek.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jul 2024 11:08:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0hq90vxWPBbgmET%2FnbAebng%2FsVF9stWRi3krgFJM4%2BNY8kCkIzlH16xow65E8DpI5u2UsNpXmtJ%2FV9SH14Q8KpTK9jQiPWc6IgFJ8tndlirkTkhAOmaPQcgS3QqZi4q9FpcbQELfBwl"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
89e6e58628078f3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon2x.png
datensec-volckchek.xyz/src/
298 B
754 B
Other
General
Full URL
https://datensec-volckchek.xyz/src/favicon2x.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://datensec-volckchek.xyz/anmeldung.php?starten=9BlJHrTdoAqR6CFOLZeGDVg0xnQjIv&shufflUri?=XMU63QSaoGWFte8cE21J
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:08:21 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Nov 2022 12:03:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12a-5ee86a90864ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhLUAHIEwhJPNI9BFX3wfiSoQyIvb8%2FnVxJt314l2nmQNlbzSPZzcBRSdfbPsL3Xu1W0XKx6b4WygETUFKMwS92c2HykUMqZAEgypuFuz6t0aJA661T3UduuYTBlqGaRlXOz%2FB%2FfiMgI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89e6e58688778f3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
298

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking) Generic Cloudflare (Online)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| IF6
function| getQueryParamValue
string| IF6_lightbox_closeicon_text
function| overlayShow
function| overlayClose
function| setSessionTimeout
function| focusBankingFormularElement
function| toggleClassInRows
function| SLURI
function| moveBContent
object| ifLoginHeaderTimer
function| refreshClientTimeout
function| refreshServerTimeout
undefined| startCountdownLayer
function| showCountdownLayer
function| updateHeaderLoginIfPresent
function| tick
function| countdownShow
function| callBreakHtml
object| nbfDatePicker
object| nbfTanInput
function| selectListBoxItem
function| editTeaserRef
function| pagenav_statistics_send
function| pagenav_statistics
function| pagenav_scroll
function| pagenav_scroll_window
function| $
function| jQuery
object| myif
object| IF
boolean| bcarouselAttached
boolean| mkp_switcher

4 Cookies

Domain/Path Name / Value
.is.gd/ Name: __cf_bm
Value: iooW3nV2heLKKwRu_qpw_Jy53AxBcQ4yXE46zECbnn4-1720177681-1.0.1.1-AIMtowy8yN1s0tSyMYUKQ6f7a.iYun5faH4od8uXlJOG8VELTSFdPB8XrTiP7_2qj87rbEaJ1PDnoImjxD8h7w
.shturl.xyz/ Name: __cf_mw_byp
Value: AOivStRqi4HjtGpXsxHT0AUncRC3u1EW1YdJ1mleops-1720177681-0.0.1.1-/ikckKrVj
datensec-volckchek.xyz/ Name: PHPSESSID
Value: alo8at92tnam9lvtonrrh7mesk
.datensec-volckchek.xyz/ Name: cf_clearance
Value: C2zfQPMnJNVoQjDh5zgJBkFiGchv..BnjfPKVba7EBU-1720177700-1.0.1.1-nVLvQsd3MmCHwJ89HrSVawBHZevb4t2sMc7Nj_ep9O3K5YJmogsC6dLPHbobgHFFmkd76CVaokUq6cuZy.a9Kw

1 Console Messages

Source Level URL
Text
network error URL: https://shturl.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
