verfahren-sp.net
2606:4700:3033::ac43:d9e7  Malicious Activity! Public Scan

Submitted URL: http://verfahren-sp.net/
Effective URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission
Submission: On August 14 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3033::ac43:d9e7, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is verfahren-sp.net.
TLS certificate: Issued by WE1 on August 9th 2024. Valid for: 3 months.
This is the only time verfahren-sp.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
2 18 2606:4700:303... 13335 (CLOUDFLAR...)
1 76.76.21.98 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
19 3
Apex Domain           Subdomains                                           Transfer
18 verfahren-sp.net   verfahren-sp.net                                     675 KB
2 umami.dev           api-gateway.umami.dev — Cisco Umbrella Rank: 88435   753 B
1 umami.is            analytics.eu.umami.is                                2 KB
19 3
Domain Requested by
18 verfahren-sp.net 2 redirects verfahren-sp.net
2 api-gateway.umami.dev analytics.eu.umami.is
1 analytics.eu.umami.is verfahren-sp.net
19 3

This site contains no links.

Subject                 Issuer   Validity                  Valid
verfahren-sp.net        WE1      2024-08-09 - 2024-11-07   3 months   crt.sh
analytics.eu.umami.is   R10      2024-07-29 - 2024-10-27   3 months   crt.sh
umami.dev               E6       2024-06-25 - 2024-09-23   3 months   crt.sh

This page contains 1 frame:

Primary Page: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Frame ID: 03F2AEA94E0E1CA51D1122E9314B33B4
Requests: 18 HTTP requests in this frame

Page Title

Online-Banking Zugang aktivieren | Sparkasse

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

19 Requests
100 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
3 IPs
1 Countries
677 kB Transfer
3575 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://verfahren-sp.net/ HTTP 307
    https://verfahren-sp.net/ Page URL
  2. https://verfahren-sp.net/cdn-cgi/phish-bypass?atok=OoS6Lz.uIlVzOinNHP4ZA0URzzTgHseS1voDJfoqRBo-1723626848-0.0.1.1-%2F HTTP 301
    https://verfahren-sp.net/ HTTP 302
    https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://verfahren-sp.net/ HTTP 307
  • https://verfahren-sp.net/

19 HTTP transactions

Resource / Path   Size / x-fer   Type / MIME-Type
/
verfahren-sp.net/
Redirect Chain
  • http://verfahren-sp.net/
  • https://verfahren-sp.net/
4 KB
2 KB
Document
General
Full URL
https://verfahren-sp.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8fde28dd4cad00183eb38e130e31e1f8026f8a4b27a8a8a39256e5a249e790
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-ray
8b2fd53ccd5f1b36-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Aug 2024 09:14:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7CdzQQTesK%2F%2FzQHCjA32WfagKLXqNDo2CfXSYKJO3RcMEXlb2DQOKYVBoJ561BD7MjUka3uuArI3oDU6898Lp7SYMZ4d%2FxUDGXFda5GbCbfzNL2D05aBy8fU7UYs9wn%2BrO17EucOxtk84xnCecYq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://verfahren-sp.net/
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
verfahren-sp.net/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://verfahren-sp.net/cdn-cgi/styles/cf.errors.css
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://verfahren-sp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Aug 2024 09:34:53 GMT
server
cloudflare
etag
W/"66b33fbd-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8b2fd53d3e1b1b36-FRA
expires
Wed, 14 Aug 2024 11:14:08 GMT
icon-exclamation.png
verfahren-sp.net/cdn-cgi/images/
452 B
635 B
Image
General
Full URL
https://verfahren-sp.net/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://verfahren-sp.net/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Aug 2024 09:34:53 GMT
server
cloudflare
etag
"66b33fbd-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8b2fd53d6e681b36-FRA
content-length
452
expires
Wed, 14 Aug 2024 11:14:08 GMT
favicon.ico
verfahren-sp.net/
278 B
663 B
Other
General
Full URL
https://verfahren-sp.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f51ffb781c1c87bc269d4afa597557c94a3fea65c2fac4da5c05cbb6d5b40b

Request headers

Referer
https://verfahren-sp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzQ6eTJ5btE4YHg5JR69CALT94IfAE4sppGUNP5WQvG0%2BMOfw6WxxXZtBnZjNcvCeDmRInEQ1pCLKJq9hg9WO%2FG6himmvQhPagYSeMJ61rx7mzBZq%2BZWH6uvtzElA%2BI1reK55Qi2VXilmGQDJRlZ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b2fd53dbec61b36-FRA
alt-svc
h3=":443"; ma=86400
Primary Request index.php
verfahren-sp.net/SPPRTZLKDJ/
Redirect Chain
  • https://verfahren-sp.net/cdn-cgi/phish-bypass?atok=OoS6Lz.uIlVzOinNHP4ZA0URzzTgHseS1voDJfoqRBo-1723626848-0.0.1.1-%2F
  • https://verfahren-sp.net/
  • https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
144 KB
10 KB
Document
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cfeb46db3598e7ff3c248126fe9d544fe1e00f4ab311dec3cafe0bbefc0fde3

Request headers

Referer
https://verfahren-sp.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b2fd556195d1b36-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Aug 2024 09:14:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2pq6bn5BakdUx3lfqjbutXuFFtXdExXyCfbYDdBYyVN%2FjjfXnU5ITW1jO8Y1QGKBoQxZluXuBysfdsTDWwWn6qMpajTOp4%2FJXjXldZpWMyJxFrp05RTHnvbzXP3eW07AYNZ2ytN4IPSunv06kUZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b2fd554bf631b36-FRA
content-type
text/html; charset=UTF-8
date
Wed, 14 Aug 2024 09:14:12 GMT
location
./SPPRTZLKDJ/index.php?FGDD=1#HDHKJDJDSSJDSJKJDSJDSDJJDSHYKJHGFG
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvcQlDdJGsh81CctHESRO71X%2BANJ8%2F%2FckNIbOqBMbcjKJR%2FHWtSFJR77tqetR3Ydq3TJmvbTaFFUo2weZ0TUtY%2FpPPRXEJcOgIcpVDSIh4qYGalUhJ014fbvQY2Lw7wcvTHCE2Nt7ESbFgjniT8A"}],"group":"cf-nel","max_age":604800}
server
cloudflare
script.js
analytics.eu.umami.is/
3 KB
2 KB
Script
General
Full URL
https://analytics.eu.umami.is/script.js
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
efea87cb00bae1bd1334d1b15d66a007d38b94b4bf4e15bc0e37a7814a4276df
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' *
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://verfahren-sp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' *
content-encoding
br
date
Wed, 14 Aug 2024 09:14:13 GMT
server
Vercel
strict-transport-security
max-age=63072000
age
7201
x-matched-path
/script.js
etag
W/"1ead7f8fadb266731e106c7fb39c6b6d"
x-vercel-cache
HIT
x-dns-prefetch-control
on
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-vercel-id
fra1::ckjkk-1723626853003-66df492c18a7
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="script.js"
internetfiliale.min.afc7ae1f00ee4bfb9d51522c08de507e.css
verfahren-sp.net/SPPRTZLKDJ/X911/
2 MB
330 KB
Stylesheet
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.afc7ae1f00ee4bfb9d51522c08de507e.css
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfabcc95f5c431087bb7a466660546c05073b7e1019e2498dbb7e53cce2b50b

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 18:19:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65720cae-2472c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2DVa%2FsqbmKHyvzBrlrceVvy7fChiM9dkBiduwI%2FE%2F3Vp1hw4Nv5jl03ks8ruNK6Fv4XP0I575MMHWhY9coOuJ8RHJeS5l8bk11Ot7g2l46wH6pbZwUnC4m85dZp9qhpncHLHT1Sq2x%2FNMcHGfRD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b2fd556da6a1b36-FRA
alt-svc
h3=":443"; ma=86400
internetfiliale.min.1ad45579c103c7d4ed66d462b867cc32.js
verfahren-sp.net/SPPRTZLKDJ/X911/
679 KB
203 KB
Script
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.1ad45579c103c7d4ed66d462b867cc32.js
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf2bea2f3e0af55f365697cfc2a0b37e8d76a075cb53459521e0237d85e4eab

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Dec 2023 00:16:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"656fbd66-a9d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10OC9vDfaoZOwA0F5C0Y5rFF6DOkA9P%2FokkeGfzUvabdY%2FVKVG1vV08ZmivDNzp2R5JKklj5JLrxzzAzEurufJRZwNCaQjCrT2SMn5OuIrxDo0x9xUzEr3aVIF7limNv4b2m62OjtJvAPKfaveRW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8b2fd556da6d1b36-FRA
alt-svc
h3=":443"; ma=86400
zab.jpg
verfahren-sp.net/SPPRTZLKDJ/X911/
19 KB
20 KB
Image
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/zab.jpg
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3317187f76e36dc3a4e97ff04eca2ab5bffe35684422e4d64fe1f3fed8694d2b

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 17:06:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6571fb96-4ccf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eE2IdWX8wdwlbKgQsvqwOTJiYuVdmudIeaf1i8vvrzasrOTLh9wlK7nP9%2BWyIkdLVvCNFQ3YmK%2FpAyY96M112lrKWXGXUEGzBPPka89l4E7U5ZoLERunOnTvOTAJNco%2BTYb09Wdn1zX0pjALuT0I"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b2fd556da711b36-FRA
alt-svc
h3=":443"; ma=86400
content-length
19663
1828945.png
verfahren-sp.net/SPPRTZLKDJ/X911/
16 KB
16 KB
Image
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/1828945.png
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b388bdc8e4579bc1bdc7740215c3f426e8f419c5bf2d95085c0a3bc0ad92fdd3

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 16:13:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6571ef0c-3ee0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlophfoIQqI5W7flCl1uoHXeutY1F2c19qx0PlzgqtSHaHf5x28hzV3aHJPxh3Y5At7Wtvx2mI59QORutQw8Y24nXA90KK7%2BP5ZXjU0mhr9bP3TnjYiIwSvki9SUs83Fsg8mZyx4FV%2Fpf3ZDvxgH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b2fd556da721b36-FRA
alt-svc
h3=":443"; ma=86400
content-length
16096
512x512bb.jpg
verfahren-sp.net/SPPRTZLKDJ/X911/
14 KB
15 KB
Image
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/512x512bb.jpg
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d778f9a248709d6508a3728820131d0fca71ba5d025f231d63dc16064f3bde02

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 00:16:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"656fbd66-3954"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80QfGt%2F3hJHWjhZTlM%2FLkTk5wQV7%2FOf4aIOtQTWZJRF8DS4ywZlWCR6YO%2B04DCtmG%2BAGy0L5%2BGNic6zmqEa1vSNUTuDZ8tUtxSDzDz2K5RchlC4lNL5P4DCxZvsM%2BrhPtcG3VP2Jlq5nivtI1HRq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b2fd5583c421b36-FRA
alt-svc
h3=":443"; ma=86400
content-length
14676
Sparkasse_web_Bd.woff
verfahren-sp.net/SPPRTZLKDJ/X911/
25 KB
25 KB
Font
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/Sparkasse_web_Bd.woff
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.afc7ae1f00ee4bfb9d51522c08de507e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae3f33664fc3b273913900b81d8812d5a6a3c098b86d93d1f0ec54259d9441d

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.afc7ae1f00ee4bfb9d51522c08de507e.css
Origin
https://verfahren-sp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 01:42:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"656fd16e-6274"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlNlk5ZeNNQ%2FnnsV2BEthqysCyONJSC%2B%2BIO5iJlImxjfQLKE9tlFpEIKM5Ru4MFDrMmeNak6fUsSZMBGgyR5B1Oh1%2BF8dRJlnfLYqRrxnsh0GUprZaQsHLMMg3Kfunr02cTI3ejq6b%2B1HObwDtZ1"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b2fd558ed3b1b36-FRA
alt-svc
h3=":443"; ma=86400
content-length
25204
Sparkasse_web_Rg.woff
verfahren-sp.net/SPPRTZLKDJ/X911/
24 KB
25 KB
Font
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/Sparkasse_web_Rg.woff
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.afc7ae1f00ee4bfb9d51522c08de507e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a2c75ca73d8c1101ff7ae617e6dbc6934e8aa1cd72d64ce50908ac297156cb

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.afc7ae1f00ee4bfb9d51522c08de507e.css
Origin
https://verfahren-sp.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 01:42:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"656fd168-61f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Bb5woSbEjlPoLPy590J5GpYMVwgw32qmctDdbn5pfrRFYbXtRPAGjgSbhvvQripdkJZqM6IK%2BZF7WX45U2knUQgc0B4DeVVZrYcCI5iNbOv%2F3SbVBhfG5Wrk4yY62lK0a1eVRwbnVUE0AlTzgCo"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b2fd558ed3d1b36-FRA
alt-svc
h3=":443"; ma=86400
content-length
25076
break.html
verfahren-sp.net/content/myif/sk-koblenz/work/filiale/de/home/misc/
278 B
629 B
XHR
General
Full URL
https://verfahren-sp.net/content/myif/sk-koblenz/work/filiale/de/home/misc/break.html?type=jslog&url=https%3A%2F%2Fverfahren-sp.net%2FSPPRTZLKDJ%2Findex.php%3FFGDD%3D1%23HDHKJDJDSSJDSJKJDSJDSDJJDSHYKJHGFG&stref=checkProxy&check=false&hostname=verfahren-sp.net&salt=5wohrNe34g&hash=731663296&proof=-1064120473
Requested by
Host: verfahren-sp.net
URL: https://verfahren-sp.net/SPPRTZLKDJ/X911/internetfiliale.min.1ad45579c103c7d4ed66d462b867cc32.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f51ffb781c1c87bc269d4afa597557c94a3fea65c2fac4da5c05cbb6d5b40b

Request headers

Accept
text/html, */*; q=0.01
Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84KJp9BBUlcO8ICSJT7peFE19AVEcKfqg3RwA8PUx5aHbm%2FnnTucRGORIotu7k1AjA1UlwND67GBgtD0in1rjHggdvSVwOpDgde7lj%2BmXUN4RM3hE99DHWa85XKq63m%2FFWAxV7uP1kjI1A9wscFq"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8b2fd5590d541b36-FRA
alt-svc
h3=":443"; ma=86400
send
api-gateway.umami.dev/api/
56 B
753 B
Fetch
General
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: analytics.eu.umami.is
URL: https://analytics.eu.umami.is/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fb795ae3d496acccf0fc6815b2dc24ac40b3cd6398e880a5d3cec6e9244011
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://verfahren-sp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Aug 2024 09:14:14 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
on
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3neIUqg6d7tWWM8gDMLQvvmUHs%2FGUUrfOJqKG1dJcqisDnQQCcnTLgpKaxo8Ztiy%2FdUEPkXnKZX6Hk%2Bw2a3aHossBSB9qQwdoUv3vMP%2Fl1SEqY%2FLSaWbx31URhGi4dVQVNdqhlgFY2VjtXw4jJQvSYnrw8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-ray
8b2fd55b69eb5c98-FRA
access-control-allow-headers
*
send
api-gateway.umami.dev/api/
0
0
Preflight
General
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://verfahren-sp.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
cf-ray
8b2fd55a99245c98-FRA
content-length
0
date
Wed, 14 Aug 2024 09:14:13 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YECEfVMtylJjYTopJwjXu4Ou5fbnOCrYBYzfuFwMtmWhn6beHcAPrBrBHyItjHWiQXZ6DppuyuFmaTonRZ%2B3jMhTe%2BCN1Quniv32BGsCZujouSaApuXNmF9TjmunayN0WiOw9iU8o0qIdwhcYgGQdkdDfEw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
index.php
verfahren-sp.net/SPPRTZLKDJ/
144 KB
10 KB
Other
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cfeb46db3598e7ff3c248126fe9d544fe1e00f4ab311dec3cafe0bbefc0fde3

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 09:14:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FNM6iWQaVq5USwrWbN90sgHkz4ZUoplQDp43muBezN3AdBAOIaivw8a2oQlBOfiO%2FP4fGbw64vUt7ogAp0OzhoL66NgWuNb33FrE6rc4QL4jlLAuUop8AEtf4K4KRGG5AH4Fnq6sEDUI7FbcCpgW"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b2fd55a7fa91b36-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
verfahren-sp.net/SPPRTZLKDJ/X911/
1 KB
703 B
Other
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/X911/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:14:13 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 22 May 2023 11:30:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646b5238-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNzQzVkWMUXT448Ca78IQyKNDZMSIylskzG4eKjWqgcFa2gKwcgirNIjqSn08Mlwl6xEa%2B3jS46rtsO7O6m8Znel%2FYXRi%2BIlpcRVhTmtlQLnAtba0WCeXlGjhf%2Bbivtk2Kq%2BH7C%2F7bLe6tr5HAPu"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8b2fd55b38cf1b36-FRA
alt-svc
h3=":443"; ma=86400
index.php
verfahren-sp.net/SPPRTZLKDJ/
144 KB
10 KB
Other
General
Full URL
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d9e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cfeb46db3598e7ff3c248126fe9d544fe1e00f4ab311dec3cafe0bbefc0fde3

Request headers

Referer
https://verfahren-sp.net/SPPRTZLKDJ/index.php?FGDD=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 09:14:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wZtYEy6Nxb4kd5tka8T7H2NcPiIIZGVDQw7KW1ePsBN%2BrIUPCZ1jScvCvDVvmhwnsC%2F9CsIDs4tuxAY4Pm4fwQTCQA3%2Fvs%2BaK7g16LjcANhSUlMBD66%2F3XhEDtj1rus8vc4Z0dNx3rDxuvtyCht"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b2fd55bc9ce1b36-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| umami
  • function| _0x37ad
  • function| _0x2c36
  • object| IF6
  • function| getQueryParamValue
  • function| overlayShow
  • function| overlayClose
  • function| setSessionTimeout
  • function| focusBankingFormularElement
  • function| toggleClassInRows
  • function| SLURI
  • function| moveBContent
  • object| ifLoginHeaderTimer
  • function| refreshClientTimeout
  • function| refreshServerTimeout
  • function| showCountdownLayer
  • function| updateHeaderLoginIfPresent
  • function| tick
  • function| countdownShow
  • function| callBreakHtml
  • object| nbfDatePicker
  • object| nbfTanInput
  • function| selectListBoxItem
  • function| createMobileViewContainer
  • function| destroyMobileViewContainer
  • function| initializeMobileViewContainer
  • function| clickHandlerClose
  • function| editTeaserRef
  • function| pagenav_statistics_send
  • function| pagenav_statistics
  • function| pagenav_scroll
  • function| pagenav_scroll_window
  • function| $
  • function| jQuery
  • object| myif
  • function| filterOptions
  • function| clearInput
  • function| normalizeText
  • function| selectOption
  • function| redirect
  • number| chr
  • boolean| bcarouselAttached
  • object| $mkpDropzoneInput
  • object| $mkpDropzone
  • boolean| mkp_switcher

2 Cookies

Domain/Path          Name / Value
.verfahren-sp.net/   Name: __cf_mw_byp   Value: OoS6Lz.uIlVzOinNHP4ZA0URzzTgHseS1voDJfoqRBo-1723626848-0.0.1.1-/
verfahren-sp.net/    Name: PHPSESSID     Value: klfdseg1ht0hquvl0gegks6pi4

3 Console Messages

Source  Level  URL / Text
network error  URL: https://verfahren-sp.net/favicon.ico
               Message: Failed to load resource: the server responded with a status of 404 ()
network error  URL: https://verfahren-sp.net/content/myif/sk-koblenz/work/filiale/de/home/misc/break.html?type=jslog&url=https%3A%2F%2Fverfahren-sp.net%2FSPPRTZLKDJ%2Findex.php%3FFGDD%3D1%23HDHKJDJDSSJDSJKJDSJDSDJJDSHYKJHGFG&stref=checkProxy&check=false&hostname=verfahren-sp.net&salt=5wohrNe34g&hash=731663296&proof=-1064120473
               Message: Failed to load resource: the server responded with a status of 404 ()
network error  URL: https://api-gateway.umami.dev/api/send
               Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN