urlscan.io logo urlscan.io
SecurityTrails logo

kspb.info Open in urlscan Pro
2606:4700:3033::6815:4835  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlbit.co/HuaFZZrH
Effective URL: https://kspb.info/de/home/login-online-banking.html
Submission: On April 03 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3033::6815:4835, located in United States and belongs to CLOUDFLARENET, US. The main domain is kspb.info.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.
This is the only time kspb.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

IP Address AS Autonomous System
3 18.66.97.129 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.14 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 75.101.225.211 14618 (AMAZON-AES)
1 1 52.203.110.195 14618 (AMAZON-AES)
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.85.1.81 20546 (SOPRADO-ANY)
1 195.140.53.169 9099 (FINANZINF...)
41 12
3    18.66.97.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-129.fra56.r.cloudfront.net
urlbit.co
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net
api.urlbit.co
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
6    2606:4700:3032::6815:211c (United States)

ASN13335 (CLOUDFLARENET, US)
shre.ink
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    75.101.225.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-225-211.compute-1.amazonaws.com
api.shre.ink
1    52.203.110.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-110-195.compute-1.amazonaws.com
rebrand.ly
18    2606:4700:3033::6815:4835 (United States)

ASN13335 (CLOUDFLARENET, US)
kspb.info
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    185.85.1.81 (Germany)

ASN20546 (SOPRADO-ANY, DE)
PTR: ip-185-85-1-81.ax5z.com
www.sparkasse.de
1    195.140.53.169 (Germany)

ASN9099 (FINANZINFORMATIK-AS-NORD, DE)
module.sparkasse-saarbruecken.de
Apex Domain
Subdomains		 Transfer
18 kspb.info
kspb.info
699 KB
7 shre.ink
shre.ink
api.shre.ink
167 KB
4 urlbit.co
urlbit.co
api.urlbit.co
315 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
149 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2284
266 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
155 KB
1 sparkasse-saarbruecken.de
module.sparkasse-saarbruecken.de
982 B
1 sparkasse.de
www.sparkasse.de — Cisco Umbrella Rank: 228146
604 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 69715
179 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5486
226 B
41 11
Domain Requested by
18 kspb.info shre.ink
kspb.info
urlbit.co
6 shre.ink urlbit.co
shre.ink
3 securepubads.g.doubleclick.net shre.ink
securepubads.g.doubleclick.net
3 urlbit.co urlbit.co
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com urlbit.co
shre.ink
1 module.sparkasse-saarbruecken.de kspb.info
1 www.sparkasse.de kspb.info
1 fonts.googleapis.com shre.ink
1 rebrand.ly 1 redirects
1 api.shre.ink shre.ink
1 bit.ly 1 redirects
1 api.urlbit.co urlbit.co
41 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
urlbit.co
Amazon RSA 2048 M02		 2023-02-23 -
2023-09-29		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
api.urlbit.co
Amazon RSA 2048 M01		 2023-02-24 -
2023-10-09		 7 months crt.sh
shre.ink
Cloudflare Inc ECC CA-3		 2023-03-02 -
2024-03-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
api.shre.ink
Amazon RSA 2048 M01		 2023-03-03 -
2024-04-01		 a year crt.sh
*.kspb.info
GTS CA 1P5		 2023-04-03 -
2023-07-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
www.sparkasse.de
D-TRUST SSL Class 3 CA 1 EV 2009		 2022-10-10 -
2023-05-30		 8 months crt.sh
module.sparkasse-saarbruecken.de
QuoVadis Europe EV SSL CA G1		 2022-08-01 -
2023-08-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://kspb.info/de/home/login-online-banking.html
Frame ID: 14369A0CBB8A6A6D902A6CBAF1FA350A
Requests: 38 HTTP requests in this frame

Frame: https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680537600
Frame ID: C649AC4439ED8711CEBE6C3D8B7A3DA1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Online-Banking

Page URL History Show full URLs

  1. https://urlbit.co/HuaFZZrH Page URL
  2. https://bit.ly/3m1d2kU HTTP 301
    https://shre.ink/kM4u Page URL
  3. https://rebrand.ly/brand-diebt6 HTTP 301
    https://kspb.info/de/home/login-online-banking.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*parbase
  • /etc/clientlibs/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

41
Requests

95 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1488 kB
Transfer

4626 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlbit.co/HuaFZZrH Page URL
  2. https://bit.ly/3m1d2kU HTTP 301
    https://shre.ink/kM4u Page URL
  3. https://rebrand.ly/brand-diebt6 HTTP 301
    https://kspb.info/de/home/login-online-banking.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://bit.ly/3m1d2kU HTTP 301
  • https://shre.ink/kM4u

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
HuaFZZrH
urlbit.co/ 		992 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59a65f77587b0ed0b294f67ca64865f2f111b48ed5f631003d3fda1a55a1a48f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38215
content-length
992
content-type
text/html
date
Mon, 03 Apr 2023 06:33:25 GMT
etag
"c168ee035a80fbcfdd18d6693e7851c0"
last-modified
Tue, 07 Mar 2023 15:55:54 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
dT1IDTm-rFMWHbnMqr2Gnifc5LRmGD6eoPuC6bw-Ss5NEcLKCWsZqA==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YNHG8YYX8Z
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8be270db3a4f811ff9ce298bdbc3938ef30674193be267164b0ba39a17d7efd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79165
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 03 Apr 2023 17:10:20 GMT
main.b9c20696.js
urlbit.co/static/js/ 		1 MB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlbit.co/static/js/main.b9c20696.js
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7ff621558a8c3b58d7375090ebe6544e0e6d145eaacb2f2b6f9c44ee5c96eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/HuaFZZrH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 00:33:07 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 15:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
59834
etag
W/"0d0c1416e334c4208f6414452c9410be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tTwi5P7s55dsYLUQXKlVoerIaFiqc4d5bjV7BXdMzck8Q4TmcoPyQA==
main.06ffedac.css
urlbit.co/static/css/ 		256 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlbit.co/static/css/main.06ffedac.css
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5752aa19ce173c5cf0d68e5fe90bb5ebb8ccdb726669becd5e0fcdf837e52f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/HuaFZZrH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 08:49:05 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 15:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30076
etag
W/"13130a46cfd2ee6799de8dbbaab069e7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
LmR6hhIkR4aweUmSbd1JVH9Vsmfb_xNxhG2eL9HLyd5ayqRaK__SLQ==
HuaFZZrH
api.urlbit.co/v1/links/ 		275 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.urlbit.co/v1/links/HuaFZZrH
Requested by
Host: urlbit.co
URL: https://urlbit.co/static/js/main.b9c20696.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-14.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlbit.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:20 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amzn-trace-id
Root=1-642b087c-429b11785221d30055de0991;Sampled=0;lineage=70f38cfd:0
x-amzn-requestid
3f4ae53e-2d63-49eb-9abb-35e9770847b2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
Cz5DfEEpoAMFuWA=
content-length
275
x-amz-cf-id
Tt5_WojH_oPIwRUWkXCuwjEj0tQ1g8nFxGw7ixIyBK1r0rmZdiM2Ig==
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNHG8YYX8Z&gtm=45je33t0&_p=1161685773&cid=1193855309.1680541820&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680541820&sct=1&seg=0&dl=https%3A%2F%2Furlbit.co%2FHuaFZZrH&dt=URLbit%20%7C%20Best%20free%20URL%20shortener&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNHG8YYX8Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 17:10:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlbit.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kM4u
shre.ink/
Redirect Chain
  • https://bit.ly/3m1d2kU
  • https://shre.ink/kM4u
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shre.ink/kM4u
Requested by
Host: urlbit.co
URL: https://urlbit.co/static/js/main.b9c20696.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d106006e9c65e2e9192aa3852e8ca9506984b7ed89940cfbfaeb84cc0e08d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlbit.co/HuaFZZrH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b22ecadf841903d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 17:10:21 GMT
link
</_nuxt/70e253c.js>; rel="preload"; as=script, </_nuxt/8f8988a.js>; rel="preload"; as=script, </_nuxt/48403f5.js>; rel="preload"; as=script, </_nuxt/7920c1d.js>; rel="preload"; as=script
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9hxqisDsF8dsirvkucY9ur2BAaaKrGEOBHAqL%2B8nDyFoUHH%2BEEfIt0JysABWoSnkjSvm%2Bn%2FuaIMomc1Q6%2FrASKgfvXx7oLtJ9GN%2BBlDj2owciDCIOG0mY1DoM3U5mCCONj6Wjq1Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
108
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 17:10:21 GMT
location
https://shre.ink/kM4u
server
nginx
via
1.1 google
collect
region1.google-analytics.com/g/ 		0
0
70e253c.js
shre.ink/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/70e253c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9032ab886a442930a17bd528238616ebd63a6d63712c4b2eda518f84cb2fe4cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b9d5e4ca5b05b27a76e251b4e0ac7c3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOE87C1%2FuxQWDhUmx2CEQL5AGVJbZvZqpXyZXzl8WL7XkcAEsS7vYToxhu2EXiTgENavW%2FZO5Rz1KCzYIDZJ%2B505fcnrXaT5%2BwnL4iqVDW%2FR3ojnmRr3Q25m7lZMFQu%2FZ67w2A%2F88A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b22ecae78d9903d-FRA
8f8988a.js
shre.ink/_nuxt/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/8f8988a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f696a6194a7c208a54b467d45f76580b9f03f9132150241bb4aa67f476bca6ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4008
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"965ffe91122d55f56ff3749b8935aba6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfJQAV0EfxShjOCpGEXY7jbJaNPhv%2FKtQcQBikRWE8PflMAcCanPRAk%2B5h8bAowocgUC8a1pHfEO8voHcc60nadIYM8ssb1HnE4xxE9%2BD9xtGf3k5TXo4cQCZFZXON3dLpTZGZrw0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b22ecae78da903d-FRA
48403f5.js
shre.ink/_nuxt/ 		203 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/48403f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055ebfa8368e99942256a553ef6f5ed45b4eae0e6bd62de36459e7eb3377f163
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4924
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fccda9f24a1919668cd403b71fc239e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpzFx40CeUkfiwAQyR9nKRBAZdwmj3TrYY3ZSoGsOLKWv7P9wnxqanyFFPpJcWbkqhngVuXygWuOkhb%2FaCynCQWDhPQQ%2BFW83a72UZAI0%2B8P3zBL%2F9v8k%2FcBemDMKRQAZX47VI4NkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b22ecae78de903d-FRA
7920c1d.js
shre.ink/_nuxt/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/7920c1d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b9eb573734e1d1346e1c66cd2342c41612a53e5b1bcf30dd97c57090958679
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7b09177f3f7e1f3cd623315b88906c2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgs6yRHJF%2Ba%2FPVUiVyvMRZi%2FgybmWXoKaYmYW9P9vL6Mk2Vrlzg%2Bg3b28joSiagVZrsVU4rawWWXmUYeMobAl76DCKx5n2NImNWO6rhp0YWgxBDg2AWksmqa7zH8RzLDsQk2PXG0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b22ecae78df903d-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: shre.ink
URL: https://shre.ink/kM4u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ca1bc5cac4ca158d953556b2cb361893e7fb1434ade7dbd5094773cdbeeb978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25710
x-xss-protection
0
server
cafe
etag
534 / 19450 / m202303280101 / config-hash: 8099576212240570919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 03 Apr 2023 17:10:21 GMT
cd52b4e.js
shre.ink/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/cd52b4e.js
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/70e253c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3af6d3d6078e73686473d771702059ee76520e1e9734d98b9c5bc3b2e6bd290
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"44f0211ab10bd1064ad426c087ae8870"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slg%2BlRqJeZzhsN%2B5qXZWBr7KvVIpJSuQtMI%2F2cNOMc3yrb38iGZWOu1ty%2FzcjUCW%2FPAqgj5bFVdHUvlqw5fRP2bZt9TrQf6%2BCEobx2QWy3Iz5RBgedijPpajQKxDQ6dp0oXMksvTOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b22ecaeec9037e0-FRA
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1B3H44VW9G&l=dataLayer
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/48403f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5c73be20f1c843f720e46556edcca1bd93810cd4fa39f19f413113ac43f8fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79262
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 03 Apr 2023 17:10:21 GMT
kM4u
api.shre.ink/url/ 		45 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shre.ink/url/kM4u
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/8f8988a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.225.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-225-211.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://shre.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://shre.ink
date
Mon, 03 Apr 2023 17:10:21 GMT
content-length
45
vary
origin
apigw-requestid
Cz5Dqj4AIAMEVdQ=
content-type
application/json
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/ 		397 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2f95610260cf64dd25b8eae0f74d5794e3609a8854cc78532dc3e796ce3d83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
6625
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126061
x-xss-protection
0
server
cafe
etag
16234491604082075955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 02 Apr 2024 15:19:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		62 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shre.ink
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d51f2f5c06746f399d43b6e6548b072f1ad74f9f42fef3f9a17f54aadd33aa5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
expires
Mon, 03 Apr 2023 17:10:21 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1B3H44VW9G&gtm=45je33t0&_p=431502656&cid=202525960.1680541821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1680541821&sct=1&seg=0&dl=https%3A%2F%2Fshre.ink%2FkM4u&dr=https%3A%2F%2Furlbit.co%2F&dt=Encurtador%20de%20link%20gr%C3%A1tis%20%7C%20URL%20Gr%C3%A1tis&en=scroll&_fv=1&_nsi=1&_ss=1&ep.debug_mode=false&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1B3H44VW9G&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 17:10:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shre.ink
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request login-online-banking.html
kspb.info/de/home/
Redirect Chain
  • https://rebrand.ly/brand-diebt6
  • https://kspb.info/de/home/login-online-banking.html
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kspb.info/de/home/login-online-banking.html
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/48403f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac15950866ee0236b6692f178f0ea8a48e02b278e55ff6077e5ab2de38fb060

Request headers

Referer
https://shre.ink/kM4u
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7b22ecb4e9d8927a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 17:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzMZPk4csPhy8EQrnSlRNkcW59XOT7i4s9d9nqAQ8maSf1RCfnIFhAyoEtL4QefwGoybZfJIAP5ilkdeEG%2FzgukjWTjuhF77M%2BcoeEknsyHxoSN5lZSC8HmzXK58Ja15KhJ6MKFqres%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Mon, 03 Apr 2023 17:10:22 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://kspb.info/de/home/login-online-banking.html
strict-transport-security
max-age=15552000
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&family=Montserrat:wght@600;700&display=swap
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/8f8988a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Apr 2023 17:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 17:10:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Apr 2023 17:10:21 GMT
collect
region1.google-analytics.com/g/ 		0
0
main.css
kspb.info/assets/css/ 		887 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/css/main.css
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99af8e594d8bfa3d207ac886b8d3a90d2dcbd00d6aebf71edb4600e5566810eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 13 Jun 2021 00:23:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ddb08-5c49abf5b6980-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6kvz3poDTPrONdWA0LvELIKyRBR2Ee1TOAYrNT6cF4Zef35ORopFGyeF0o0wbbgBmVN2JCqJJblz2s%2B%2FG24EQCfZ106pK4syBLIu4DXtGW6NrW2lVBLO0thXH4QCJZOWJEMGhaqtsk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7b22ecb73d7d927a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.js
kspb.info/assets/js/ 		410 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/js/main.js
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
718c7b48061d85027c2841f24a700ca4dcf020dd78aab3276acdc99cfc5608bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 11 Jun 2021 16:13:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6698a-5c47fcb48f480-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvVLBowPh43HX4rd4aJzqaFG02SS6J9W4fC%2Fl25CAoTQ2QJwB8Jzh%2Fhu0ZTR1o3LzbItNKV9%2Bxmf6u7NPvFrGkddN3sTxRIwK5UlpFCnY1a26CE0PV4dOqrqHk%2F0WnegbRk%2FZXhKBoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7b22ecb73d7f927a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
spk-logo-desktop.png
kspb.info/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/spk-logo-desktop.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b064f5dcd4f7e7624dbfddb11cf0b647b7e35d29397fa928d64d540eb59532c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
HIT
last-modified
Fri, 11 Jun 2021 21:25:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1425
etag
"6fb-5c484241a8c00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3CtG%2BeXBxORyVmqMbNJcBIZlcyr7%2BRy%2BEHqPNyZ78QJRpvHYaEuZRb70MI4ta0yKnKhabrLIBxw9XLAMf9DP7pBn6enZlmcm0mo1RhPjt2kyRRKUvRgFXDIeMx2LlDDvQfJzooByOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbc8a9a35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1787
spk-logo-mobile.png
kspb.info/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/spk-logo-mobile.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a954f53d05a60f8e52f29895a96cb54bf784c75c3bba62cb8af85c219163cc09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Jun 2021 21:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"72f-5c4842602d400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqMoWcU4jIQ4eUdqXg3mVQt7FmjdjTP7Z0%2FTJa4qSr%2F5T09pyXF9alvU%2BT4GvJME89kxbFVJGJHN2fm6b4pmmUqr4bCrbxzfl7CYOa79UFaT3KrMqowEg8MzNHWDY43zxPpkNRF0Fsk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbccafe35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1839
spk-logo-druck.png
kspb.info/assets/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/spk-logo-druck.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf1798a11a26e7751ae0c54551736aca9d39c5c63b64ebc6f52dff8d6fd7e367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Jun 2021 21:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"19f6-5c484250eb000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BeEmu%2FEXQ72rX0Ri5IcLW6YBUq95d4kdfhZmxwI8nLVyHKUbUDzOmxIV6n1J%2F4a9EuE27oZ83BQUkHRSEz7jHAusEM6kgCI%2BrrNsEsTZOeVx%2BP3xf0fTKZ6XM2Ffz%2BauJXGo9FODNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbcdb0235f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
cq5dam.web.1280.1280.6d.del
kspb.info/content/dam/myif/spk-saarbruecken/work/bilder/privatkunden/kredite-finanzierungen/privatkredit/Laptop%20auf%20Tisch%20Textchat.jpg/_jcr_content/renditions/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/content/dam/myif/spk-saarbruecken/work/bilder/privatkunden/kredite-finanzierungen/privatkredit/Laptop%20auf%20Tisch%20Textchat.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.6d.del
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c4cca56b4a83a6aae6ab19eb56d32324b828db9cce2039492035784abc4650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNMkITkZUncfIguj6pH0bZ4WeQFYXlyziIlyorl7B%2FABc6RBuY6OM2HvTFHvSopsLNUhwn8GIHDE%2F86%2BO70Y2x3X%2FRuaRhjcPGkZkvvzXYoEX5xKXvGMY%2BMheqF3jR6rNC9bmraEkXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
7b22ecbcdb0335f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
BIK.png
kspb.info/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/BIK.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4b0c1b29bfc9a420b7a21150a764688407e7bc3c976cf62b1dec5237a13e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
HIT
last-modified
Sat, 12 Jun 2021 09:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1425
etag
"a34-5c48e2c594000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKpy2TmR5jIKg%2FodVfAch5ojtJzsyqVDQz%2FWXrIXkT605yggZCni9LdGrrrCkiK8zdlqUEK%2F%2FzzU1AVgpQA4MPRkwsMBTLTsg1I%2BbWNAID99F%2Ft42WU4jrz8GsPydE6khqyq0jbbu5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbcdb0635f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2612
schutz.png
kspb.info/assets/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/schutz.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adf4855311d6e6260d33dae718aa3fe8e0d3e97b12419f881089771d4af49b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
HIT
last-modified
Sat, 12 Jun 2021 09:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1425
etag
"707c-5c48e2d105b00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH5mJ%2Fb957Owsccb160QncFiY1WU%2FrKx%2By%2BADQtbsC1Uci57nlFnxOui9GTBdPHshDV8Q5tvcUVKFY6bSFNE%2Ff%2Fyq3e0MmZKkijBfqcIN3K5DV9o3xQsavpR4rpME5SBVSYNCH1wLZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbcdb0835f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28796
trendence.png
kspb.info/assets/images/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/trendence.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befb85a4fa7e4b368a637a23b0e8d5cdb952762a528604a92297d3b508f5f7bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 12 Jun 2021 09:23:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"13e8a-5c48e2d8a6d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI13ISToJJE0K19IAlaaFZbLG4jh%2F0wIn4HIlBfex4dJsvubR6T6jTBKWRZo4Eby8T%2BK6bLGSffD9mmKSZI7Bg4VSToXWn492Y3cfeDnRXVt%2FlGDJkZpAUgBOsABqeWNKyfKHJoII%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbcdb0b35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81546
family.jpg
kspb.info/assets/images/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/family.jpg
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99d25ca6a5ba195d8836bd6d9dc4ff311234fe5c48e8581cce60c4c4534a34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 12 Jun 2021 09:23:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18610-5c48e2e230380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dfcUE9TQO10qKp0ll3SAdafhnlnCbC35zqb%2BzDtL7Z77jPlrlDibVyH%2FrpK1JjBKBhs8coJN7JEDnA3SqRnmHt5gp%2Bj%2F5l95LZz2%2F5xGDHNWO9J7cdQ%2FCvv51cFuh7GzEmbjDOx1e4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b22ecbcdb0d35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99856
setTrackingCookie.html
www.sparkasse.de/frontend/ 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sparkasse.de/frontend/setTrackingCookie.html?blz=59050101
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.1.81 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
ip-185-85-1-81.ax5z.com
Software
myracloud /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
server
myracloud
etag
"myra-e6d7dc4c"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 03 Apr 2023 17:10:23 GMT
tdg
module.sparkasse-saarbruecken.de/if/services/ 		45 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://module.sparkasse-saarbruecken.de/if/services/tdg?hs=2777567c39dccaca7445088381cf852db1e77a0e2ea113de40578eb31391c64d
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.140.53.169 , Germany, ASN9099 (FINANZINFORMATIK-AS-NORD, DE),
Reverse DNS
Software
/
Resource Hash
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Thu, 01 Dec 1994 16:00:00 GMT
Date
Mon, 03 Apr 2023 17:10:23 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Vary
User-Agent
Content-Language
de-DE
Content-Type
image/gif
Cache-Control
no-store, no-cache=set-cookie
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
45
X-UA-Compatible
IE=edge
universal_analytics.min.7c6403636a2a8f501fd2fc54714a9c1f.js
kspb.info/etc/clientlibs/myif/spk-saarbruecken/sfp/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kspb.info/etc/clientlibs/myif/spk-saarbruecken/sfp/universal_analytics.min.7c6403636a2a8f501fd2fc54714a9c1f.js
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ax8R5zfkVU9Df4wQBROEVbL3aXdKpUREwPpXf9Dm6BJeo%2FPuzXPYPoP7VOQGh5wNMTDYgCa7WEWpGPSw78Ip7Fn4WPWKao1bdzY6luOe5l4ZCVjYkMhp0ir48PnrG%2BRT64qo9%2Fv27kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
7b22ecbc5a4d35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Sparkasse_web_Rg.woff
kspb.info/assets/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/fonts/Sparkasse_web_Rg.woff
Requested by
Host: kspb.info
URL: https://kspb.info/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Referer
https://kspb.info/assets/css/main.css
Origin
https://kspb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Jun 2021 15:38:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a200-5c47f4b040a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycVIGra2Qd4tcgOpOFn9aQKx%2BTsNt7xDjOnsC0HKKIHHB1gAssLHztNFAJ8iv0SijIcME35zm3gqSyHHM%2BRRjmgLRM2uEulLFky4r5SQByRj6nx8Pdi%2FgqaZQaq86zyT3yRnwapePSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
7b22ecbcfb3a35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pictos-if.woff
kspb.info/assets/fonts/ 		122 KB
123 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/fonts/pictos-if.woff
Requested by
Host: kspb.info
URL: https://kspb.info/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf367b9ae2a316f27c3f42706e0417a488868884f9406f334a3240f0c176b4d

Request headers

Referer
https://kspb.info/assets/css/main.css
Origin
https://kspb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:24 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Jun 2021 15:38:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1e964-5c47f4b040a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8Sisux64cVsm%2BDWo2KlUIdbOvjzSPU8pk1u8qnccKc0SlwVbGBc47jlV6%2B3IIxr9eh7jWPGL7WKaS93YEudpDyqbC%2BCkW2DgNzGE0v9bOzB2mo2KI1s53Pj%2B0XXTIF2uG9H7gmUQKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
7b22ecbcfb3f35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Sparkasse_web_Bd.woff
kspb.info/assets/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/fonts/Sparkasse_web_Bd.woff
Requested by
Host: kspb.info
URL: https://kspb.info/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

Referer
https://kspb.info/assets/css/main.css
Origin
https://kspb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Jun 2021 15:38:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"901c-5c47f4b040a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mCjbfZvlbt8aWF%2B2kI4aCfeWQEcxoQEDllz1KnnrgLnFX9%2BwEUZallRjWiR9wBxo7X%2FUROBzKrOVDF%2F0In41ZdjUhdsZuwfxInazJbHXl9H3ccMz4uhfQpLcqg6SQmSJFOV5t8Dkis%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
7b22ecbcfb4235f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame C649 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680537600
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3148e699e1f133789545bc7e48fc608c10821f246421e1c841de827eb9511a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGFTPrzuBT3zB83ph4UwqfctFETlgWfpEWwN5OOfsCiW7vUiye0yJulbTLuKMjcpjOafcZd%2FLNv5Lcax1zt1g6UjArj4ZCh3iVZ7W8WxA8VFP80%2BXt9EAZneFIJL7tAZMXY7oTCf%2Fso%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b22ecbf9f3235f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
kspb.info/cdn-cgi/challenge-platform/h/b/scripts/ Frame C649 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625a4de8b1699436e28064954b00add7c1922241f1f35ebe3d44a5ce92181372

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:10:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhkjTP5d3DSKVpAcPDDnXTwG7J5e2P62CfLkVp%2FhASxVIvGcRHrbNmRqKcm5ovcf1mK%2F4sGObs1PhcbcW%2BIlMsnfgVokbHGEjgoUVz0gtzw5LlLMMW%2F94sROFmAVkw0Nrt7DHjvOu3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b22ecbfdf9e35f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7b22ecb4e9d8927a
kspb.info/cdn-cgi/challenge-platform/h/b/cv/result/ Frame C649 		2 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kspb.info/cdn-cgi/challenge-platform/h/b/cv/result/7b22ecb4e9d8927a
Requested by
Host: kspb.info
URL: https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680537600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Apr 2023 17:10:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyeR3ImvO3hNgE5yarGdrf087wc%2FzZoceA30xaqm6WAvdFEEOkddwbkFoEg3DXbukspoIp0Fher7BiDbABtFnVdmKYlmD3erb2BcgTFkd19Fa%2F9CAtvDokZBNmHUSCjvyUvUFC79tkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b22ecc119b435f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNHG8YYX8Z&gtm=45je33t0&_p=1161685773&cid=1193855309.1680541820&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680541820&sct=1&seg=0&dl=https%3A%2F%2Furlbit.co%2FHuaFZZrH&dt=URLbit%20%7C%20Best%20free%20URL%20shortener&en=scroll&epn.percent_scrolled=90&_et=5
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1B3H44VW9G&gtm=45je33t0&_p=431502656&cid=202525960.1680541821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1680541821&sct=1&seg=0&dl=https%3A%2F%2Fshre.ink%2FkM4u&dr=https%3A%2F%2Furlbit.co%2F&dt=Encurtador%20de%20link%20gr%C3%A1tis%20%7C%20URL%20Gr%C3%A1tis&en=user_engagement&ep.debug_mode=false&_et=1178

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| IF6 function| getQueryParamValue string| IF6_lightbox_closeicon_text function| overlayShow function| overlayClose function| focusBankingFormularElement function| toggleClassInRows function| SLURI function| moveBContent object| ifLoginHeaderTimer function| refreshClientTimeout function| refreshServerTimeout undefined| startCountdownLayer function| showCountdownLayer function| updateHeaderLoginIfPresent function| tick function| setSessionTimeout function| countdownShow function| callBreakHtml object| nbfDatePicker object| nbfTanInput function| selectListBoxItem function| editTeaserRef function| pagenav_statistics_send function| pagenav_statistics function| pagenav_scroll function| pagenav_scroll_window function| $ function| jQuery object| myif boolean| bcarouselAttached

10 Cookies

Domain/Path Name / Value
.urlbit.co/ Name: _ga
Value: GA1.1.1193855309.1680541820
.urlbit.co/ Name: _ga_YNHG8YYX8Z
Value: GS1.1.1680541820.1.0.1680541820.0.0.0
.bit.ly/ Name: _bit
Value: n33hal-6fed0cc3108a8338d5-00J
shre.ink/ Name: i18n_redirected
Value: default
.shre.ink/ Name: _ga
Value: GA1.1.202525960.1680541821
kspb.info/ Name: XSRF-TOKEN
Value: eyJpdiI6ImFiU0g0ZDNxekhQK3J3RG0wRkZNMWc9PSIsInZhbHVlIjoiVmtkNWpINVVUbzljcWxUeDN6LzBnWmMyVUVObzVlWHJyeVVJYkZpcFgyTGxKYnlDajZ1dGlZaThTODlTUjAxNEl6RVhtNG5JdkJ0Q08zeXlEMG9GRDh6dXZxOEJyR2FTQTQ2WG0zREJMZlB5d3JHNzRDUTZlVzZwKzhjZEgveSsiLCJtYWMiOiI4MzVjMWU5YmQ0NjEzYmVhODRmMjI4ZjYzMTczNDgzNmNkYzcyOTFkMTg3M2E5YjViMTViZDllMWFiMjBmOTFhIn0%3D
kspb.info/ Name: laravel_session
Value: eyJpdiI6IjEybGtFeFhEZjd6cTlscDV0dmJvUFE9PSIsInZhbHVlIjoiWlNvZE1OU1AzNVdiL3ptTTJZYU5HTTAxSkIzaHY4dGxZS0FlbWlmVHJ6cDA2eG9VZ3RiMXhlRis1YWVXMmNtTHNkTlgzWUV1VjFDcGd0Nnk1bzFiR0Ixbmc0RWlTMlBXL3U3ZHJyek9TNnh1dFlvUTRwU01JNE1YWWJXL2htejEiLCJtYWMiOiI5NmVjNTZmNTc2ZWNmZmMxOGIxMGFjMjJjNTYyZDU5N2MxNjE0MDA4OTQ2NzgzYzljOThhZWNkZmU5NDcwZDRmIn0%3D
.shre.ink/ Name: _ga_1B3H44VW9G
Value: GS1.1.1680541821.1.0.1680541822.0.0.0
.sparkasse.de/ Name: SPK_COOKIE_EXTRAS
Value: YWNjdXJhY3k9aGlnaCZiYW5rY29kZT01OTA1MDEwMSZzb3VyY2U9c2VydmxldA%3D%3D
.sparkasse.de/ Name: SPK_COOKIE
Value: YmFua2NvZGU9NTkwNTAxMDE%3D

3 Console Messages

Source Level URL
Text
network error URL: https://shre.ink/kM4u
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kspb.info/content/dam/myif/spk-saarbruecken/work/bilder/privatkunden/kredite-finanzierungen/privatkredit/Laptop%20auf%20Tisch%20Textchat.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.6d.del
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kspb.info/etc/clientlibs/myif/spk-saarbruecken/sfp/universal_analytics.min.7c6403636a2a8f501fd2fc54714a9c1f.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.shre.ink
api.urlbit.co
bit.ly
fonts.googleapis.com
kspb.info
module.sparkasse-saarbruecken.de
rebrand.ly
region1.google-analytics.com
securepubads.g.doubleclick.net
shre.ink
urlbit.co
www.googletagmanager.com
www.sparkasse.de
region1.google-analytics.com
18.66.97.129
18.66.97.14
185.85.1.81
195.140.53.169
2001:4860:4802:32::36
2606:4700:3032::6815:211c
2606:4700:3033::6815:4835
2a00:1450:4001:803::2008
2a00:1450:4001:808::200a
2a00:1450:4001:828::2002
52.203.110.195
67.199.248.11
75.101.225.211
055ebfa8368e99942256a553ef6f5ed45b4eae0e6bd62de36459e7eb3377f163
09b9eb573734e1d1346e1c66cd2342c41612a53e5b1bcf30dd97c57090958679
0c3148e699e1f133789545bc7e48fc608c10821f246421e1c841de827eb9511a
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
59a65f77587b0ed0b294f67ca64865f2f111b48ed5f631003d3fda1a55a1a48f
5ca1bc5cac4ca158d953556b2cb361893e7fb1434ade7dbd5094773cdbeeb978
625a4de8b1699436e28064954b00add7c1922241f1f35ebe3d44a5ce92181372
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
6adf4855311d6e6260d33dae718aa3fe8e0d3e97b12419f881089771d4af49b7
6b064f5dcd4f7e7624dbfddb11cf0b647b7e35d29397fa928d64d540eb59532c
70c4cca56b4a83a6aae6ab19eb56d32324b828db9cce2039492035784abc4650
718c7b48061d85027c2841f24a700ca4dcf020dd78aab3276acdc99cfc5608bd
8ac15950866ee0236b6692f178f0ea8a48e02b278e55ff6077e5ab2de38fb060
8be270db3a4f811ff9ce298bdbc3938ef30674193be267164b0ba39a17d7efd8
9032ab886a442930a17bd528238616ebd63a6d63712c4b2eda518f84cb2fe4cb
99af8e594d8bfa3d207ac886b8d3a90d2dcbd00d6aebf71edb4600e5566810eb
a2f95610260cf64dd25b8eae0f74d5794e3609a8854cc78532dc3e796ce3d83d
a954f53d05a60f8e52f29895a96cb54bf784c75c3bba62cb8af85c219163cc09
acf367b9ae2a316f27c3f42706e0417a488868884f9406f334a3240f0c176b4d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc4b0c1b29bfc9a420b7a21150a764688407e7bc3c976cf62b1dec5237a13e99
befb85a4fa7e4b368a637a23b0e8d5cdb952762a528604a92297d3b508f5f7bf
bf1798a11a26e7751ae0c54551736aca9d39c5c63b64ebc6f52dff8d6fd7e367
c3af6d3d6078e73686473d771702059ee76520e1e9734d98b9c5bc3b2e6bd290
d51f2f5c06746f399d43b6e6548b072f1ad74f9f42fef3f9a17f54aadd33aa5b
d99d25ca6a5ba195d8836bd6d9dc4ff311234fe5c48e8581cce60c4c4534a34b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
f5752aa19ce173c5cf0d68e5fe90bb5ebb8ccdb726669becd5e0fcdf837e52f8
f5c73be20f1c843f720e46556edcca1bd93810cd4fa39f19f413113ac43f8fd3
f696a6194a7c208a54b467d45f76580b9f03f9132150241bb4aa67f476bca6ed
f7ff621558a8c3b58d7375090ebe6544e0e6d145eaacb2f2b6f9c44ee5c96eed
f8d106006e9c65e2e9192aa3852e8ca9506984b7ed89940cfbfaeb84cc0e08d3