luftltd.com
2606:4700:3036::6815:59fd  Malicious Activity! Public Scan

Submitted URL: http://luftltd.com/?login=yvj4aidetcjrsne&user=xfjjyblpnqva037&anmeldung=rz2vfjibqitqyho
Effective URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Submission: On August 14 via automatic, source openphish — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 11 HTTP transactions. The main IP is 2606:4700:3036::6815:59fd, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is luftltd.com.
This is the only time luftltd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

IP Address AS Autonomous System
1 12 2606:4700:303... 13335 (CLOUDFLAR...)
11 1
Apex Domain
Subdomains
Transfer
12 luftltd.com
luftltd.com
287 KB
11 1
Domain Requested by
12 luftltd.com 1 redirects luftltd.com
11 1

This site contains no links.

This page contains 1 frames:

Primary Page: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Frame ID: C294AA99183DE811C82E020DD1C610E5
Requests: 11 HTTP requests in this frame

Page Title

Online Legimitation

Page Statistics

Requests: 11
HTTPS: 0 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 286 kB
Size: 621 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://luftltd.com/?login=yvj4aidetcjrsne&user=xfjjyblpnqva037&anmeldung=rz2vfjibqitqyho HTTP 302
    http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
luftltd.com/
Redirect Chain
  • http://luftltd.com/?login=yvj4aidetcjrsne&user=xfjjyblpnqva037&anmeldung=rz2vfjibqitqyho
  • http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
10 KB
4 KB
Document
General
Full URL
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba18bdd3764154eaeaddd2deb1c9dea7086a648a82f237487fd3de2e22a40572

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
73aa052ccf369b21-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 13:26:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Pehx9ttyveYTa%2BYqJF0NgeaiuHNft468%2Bry37lmVSz1qX5qyx7BSs7Y%2Ff%2Fr0kiGtUEfD2%2Fe0zFyvSSJWSRyt7gTrfS0KxQwP9uIk5dzvJQGVNYaaKBSS%2B9gCHFMoXcmjJBXNHthL7y4MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
73aa0509792a9b21-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 13:26:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ri2oydRy8kE7vd3m%2Bm6Yj9C5q17NhEoKiljxHW5Cq4gWRX3fP50pt6C1L7aMBlxtt03l1cfDloQb%2FF66ZdbpDiV5YUZ0a00sNFVJ87hYwPjXPVRhgQudUTNMYQcOu%2BM8xvAFATsa9aK7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
U4edda4bdfef980
luftltd.com/
278 KB
45 KB
Stylesheet
General
Full URL
http://luftltd.com/U4edda4bdfef980
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15f4f08bd2d0cc24fcf0e0c1582eadc19abbab6e46396fdf69123af33685d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxxwcGIRsMhel2mx6Wcn5APvw06BS3pIpg4dprZCKM4EWOTU3%2FN1gxNDFcMMMkiWxs3B6x8o9K4LmDtB6AF39vh%2F1Ftvh4NPi2uALYYBQwnU4974qFVqvO4w4BMW4QCQAc%2B%2FC5OIzvtL8w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
73aa052d78489b21-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
45283
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Ud080da85d24d68
luftltd.com/
94 KB
33 KB
Script
General
Full URL
http://luftltd.com/Ud080da85d24d68
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8duOugEr69eumPcmiRAYx%2BISv2FL833Nyq1Is2nuK2O0FR5XhTuIIbQtI6Q6ywKUdG1WE7Lz6FZfdBN2eRBapgup11wH%2FL2qSS3s3fxDucqQPYltq5vXGwLJ7ykZ4dqYjF4IAFagCCejw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain;charset=UTF-8
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052d8f37bb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
33369
Expires
Sun, 14 Aug 2022 13:27:05 GMT
Ud44fe7e07f6400
luftltd.com/
16 KB
6 KB
Image
General
Full URL
http://luftltd.com/Ud44fe7e07f6400
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7y9dbuysJj7oZeSexG%2BltNshEqvMHE5Q%2BpObDViSl%2BBaCGYq9dBnq5CeyD2Rhon65UxsLMEmnDpYX7fp6jRr9uxBaMxaD%2FFYInPG6rHUEbc5nYZkAiZLQEpMlgSePFX%2B5ZE3oQradJg4w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052e88babb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Sun, 14 Aug 2022 13:27:05 GMT
U336f0e5f827e6e
luftltd.com/
7 KB
8 KB
Image
General
Full URL
http://luftltd.com/U336f0e5f827e6e
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7gIxPZMckSXKvCljf9S4A%2FwIEv%2BjkPb47ic7pw%2Br3Ghhi6d0JpL7AF3DSsPb5CjEdst1e5SS9gnkHgPYhNDSukIjQcgSjNnikbfCDGAZ0qkdmoWxbEb91r85Pgjqmk6l74zRPBaKHF%2BVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052e9ef79232-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
7022
Expires
Sun, 14 Aug 2022 13:27:05 GMT
U6f905677a6335e
luftltd.com/
39 KB
40 KB
Image
General
Full URL
http://luftltd.com/U6f905677a6335e
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oTN3D1aNS3Dlr9mbuMX%2FNgiWRPFTeJRgClML3UPTK3z7nxEtndi0IW5TZY3jzbMKDmTV7x2pz3DtShdhl0%2BDvrTfMXCWhqt9%2FZcvrUhQREv77b99bUrHArvqQj0ZxJ5NJhpU3iftSqeQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052e9c0fbb5f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Sun, 14 Aug 2022 13:27:05 GMT
U777ab42aa570ef
luftltd.com/
6 KB
6 KB
Image
General
Full URL
http://luftltd.com/U777ab42aa570ef
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7QbtA7P1ofpj7TCV%2FzpaFNXyH3gWqzu0yr5KziGcdFrSTnzfhHSd3HwrC6f20KNqRsJY6O3P2vf8C4kzHggn8PFfwpLSFl7gf%2Fc2x%2BKfTqLeGeMpOR5IvaPuQKEV1H3c9nY6RX7xleamg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052e9e0292b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5720
Expires
Sun, 14 Aug 2022 13:27:05 GMT
Ub810d5c26ce54a
luftltd.com/
46 KB
17 KB
Script
General
Full URL
http://luftltd.com/Ub810d5c26ce54a
Requested by
Host: luftltd.com
URL: http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591c48a161f91ce005b11fa41df8645cff1859ae842c615dbcf929cd8ee108f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://luftltd.com/?login=318vzuDfWLEye7G&site=oOx2nhkPY7j1IWt&kunde=6pQAIRzhEeTgZvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC0cySMYCexJtGZeh020hQzhux1rj6ygji3ZJyhzZXK%2BY1ol80KMKtgq6T37oKjFWgiUNPzf8bqwzJo30TNxRsOeSuZdoUHvYytqwkOvajiUMLJbZRBn1%2FgTKDHbadCXo91Te2ortp8pDw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain;charset=UTF-8
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052e49829b21-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
16744
Expires
Sun, 14 Aug 2022 13:27:05 GMT
U802810c2c3213a
luftltd.com/
39 KB
39 KB
Font
General
Full URL
http://luftltd.com/U802810c2c3213a
Requested by
Host: luftltd.com
URL: http://luftltd.com/U4edda4bdfef980
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2

Request headers

Referer
http://luftltd.com/U4edda4bdfef980
Origin
http://luftltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:05 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIYZc2T551a2l7jFqqBViuYW6B1hstaRW36exmakq3Smsr8A2%2B4lxXkWKinL%2FPP6DM%2FMFG6w1%2FMYOMsd7bczkyAHtkF0KpAIOnj1uherufk2OEEt%2BHEwX5%2BJKP6kDM2%2BmKccgEqb%2BtZhwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa052eda609b21-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Sun, 14 Aug 2022 13:27:05 GMT
U05f70956123fd2
luftltd.com/
48 KB
48 KB
Font
General
Full URL
http://luftltd.com/U05f70956123fd2
Requested by
Host: luftltd.com
URL: http://luftltd.com/U4edda4bdfef980
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03

Request headers

Referer
http://luftltd.com/U4edda4bdfef980
Origin
http://luftltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:06 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BJ4uiwoFYgKI4udKSruuB8FRf8RZpzQiNlpeq5mw%2FZ0ZD4bw1k3s7RpPACy3W5ztJ5si8S57wPcORXU5l1xQMovTc4%2FDuSXn4x6uXok2HqoaW55%2FAtvCZa1qPGiGzO%2B0L3XHSLfdz7Ygg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa05341bfdbb5f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Sun, 14 Aug 2022 13:27:06 GMT
Uddb21845e08d12
luftltd.com/
39 KB
40 KB
Font
General
Full URL
http://luftltd.com/Uddb21845e08d12
Requested by
Host: luftltd.com
URL: http://luftltd.com/U4edda4bdfef980
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:59fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638

Request headers

Referer
http://luftltd.com/U4edda4bdfef980
Origin
http://luftltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 14 Aug 2022 13:26:06 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuEvdYaJyEFOBSi4tCz%2Fts2ejGXmIchqUv8sne2c895fD7aUBR3HjIXLag4sVNuOlVpHOqba54VX2T2M4qHN2GFrMKeVgfToX3M3vGktzF8tLcPZtR728urOsNUQroB1MIVKxlOre%2FEIjA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=60
Connection
keep-alive
CF-RAY
73aa05341b049b21-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Sun, 14 Aug 2022 13:27:06 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation
  • function| $
  • function| jQuery
  • object| deployJava
  • function| Detector
  • function| murmurhash3_32_gc
  • object| swfobject
  • function| ClientJS
  • function| UAParser
  • function| hsave
  • string| s

1 Cookies

Domain/Path: luftltd.com/
Name: PHPSESSID
Value: dgm2rogfm17pmvsm007mqu9vo1