voiksbanksicher-ueber24.xyz
2606:4700:3031::ac43:a0dd  Malicious Activity! Public Scan

Submitted URL: https://us.stromieri.za.com/viwutrigfwheiduzweufgwheiufzgweuzf.php
Effective URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgk...
Submission: On April 19 via manual from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3031::ac43:a0dd, located in United States and belongs to CLOUDFLARENET, US. The main domain is voiksbanksicher-ueber24.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 10th 2024. Valid for: 3 months.
This is the only time voiksbanksicher-ueber24.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

Redirects  Requests  IP Address        AS     Autonomous System
1          1         162.241.125.232   19871  (NETWORK-S...)
1          1         172.67.178.44     13335  (CLOUDFLAR...)
1          2         2606:4700:303...  13335  (CLOUDFLAR...)
1          18        172.67.160.221    13335  (CLOUDFLAR...)
           2         104.17.25.14      13335  (CLOUDFLAR...)
Total: 20 requests, 3 IPs

Requests  Apex Domain                  Subdomains                                            Transfer
20        voiksbanksicher-ueber24.xyz  voiksbanksicher-ueber24.xyz                           266 KB
2         cloudflare.com               cdnjs.cloudflare.com (Cisco Umbrella Rank: 231)       31 KB
1         verbanlau.xyz                verbanlau.xyz                                         504 B
1         za.com                       us.stromieri.za.com                                   229 B
Total: 20 requests, 4 domains

Requests  Domain                       Redirects    Requested by
20        voiksbanksicher-ueber24.xyz  2 redirects  voiksbanksicher-ueber24.xyz
2         cdnjs.cloudflare.com                      voiksbanksicher-ueber24.xyz
1         verbanlau.xyz                1 redirects
1         us.stromieri.za.com          1 redirects
Total: 20 requests, 4 domains

Subject                      Issuer                   Validity                 Valid
voiksbanksicher-ueber24.xyz  GTS CA 1P5               2024-03-10 - 2024-06-08  3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3  2023-07-03 - 2024-07-02  a year

This page contains 2 frames:

Primary Page: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Frame ID: BF4E0875740152E4ACCED631BB43F8CB
Requests: 18 HTTP requests in this frame

Frame: https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
Frame ID: C15A026C32DAC2AC5966C2AABE577F9A
Requests: 2 HTTP requests in this frame

Page Title

Anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 20
  • HTTPS: 95 %
  • IPv6: 20 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 3
  • Countries: 2
  • Transfer: 296 kB
  • Size: 1552 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://us.stromieri.za.com/viwutrigfwheiduzweufgwheiufzgweuzf.php HTTP 302
    https://verbanlau.xyz/brand HTTP 307
    https://voiksbanksicher-ueber24.xyz/?s=vrk8bi1rqfs7gq4hhlj37c0hi2ku433x HTTP 302
    https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js

20 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
voiksbanksicher-ueber24.xyz/login/
Redirect Chain
  • https://us.stromieri.za.com/viwutrigfwheiduzweufgwheiufzgweuzf.php
  • https://verbanlau.xyz/brand
  • https://voiksbanksicher-ueber24.xyz/?s=vrk8bi1rqfs7gq4hhlj37c0hi2ku433x
  • https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
1 MB
134 KB
Document
General
Full URL
https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1e4731164dda2d8d3b57061d1d9873a4ca5370de119e6524f33461d7027b4d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
876b339248c636dd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 Apr 2024 07:32:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTQUnzon3yGwRFyWccGlkDbs%2BNX212lOGgU87vSYNhEYADjHVUZXbJ8UUWhgMvzyGv6sHPBSTq%2BNTcIIZ6DiceQxa7DgHOpWVp0yeOrGU4a4y2CWvZvm8noy5B4wvge7IDDD7mFKksdHHizpuyQmma009wele%2F46nAo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
876b33912fb136dd-FRA
content-type
text/html; charset=UTF-8
date
Fri, 19 Apr 2024 07:32:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km4X2FswuhinqmaEKs92dQVX3QkG8QSx3ehcjxc4%2F52ApWXGE4%2BOBMCp6Q%2Fdph2K8N2tV0TC3OW%2BJxDPA7YLPjyqPr7fpKYFUoGlv5aqb3YV%2B0RSMu%2BvVbpnnWkQjcY0PYTAoP32FQpmGSmrYZeBKrMXLGxQCoYL59g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
styles.c41ccfebca008d50e005.css
voiksbanksicher-ueber24.xyz/new/
31 KB
5 KB
Stylesheet
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/styles.c41ccfebca008d50e005.css
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88aa1d3191c4fd20292768909dbf14e04bda916792a3a6ce7b3970a1dca0dc97

logo.png
voiksbanksicher-ueber24.xyz/new/
11 KB
12 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/logo.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484e193247ff1d9817990f0a936e75dc76ed69859cf8f1c854dff331fda44da8

SchwaebischHall.png
voiksbanksicher-ueber24.xyz/new/
4 KB
5 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/SchwaebischHall.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af

UnionInvestment.png
voiksbanksicher-ueber24.xyz/new/
6 KB
6 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/UnionInvestment.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47

RundV.png
voiksbanksicher-ueber24.xyz/new/
5 KB
5 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/RundV.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb

easyCredit.png
voiksbanksicher-ueber24.xyz/new/
5 KB
5 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/easyCredit.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec

DZBANK_Initiativbank.png
voiksbanksicher-ueber24.xyz/new/
16 KB
17 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/DZBANK_Initiativbank.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c

DZPrivatbank.png
voiksbanksicher-ueber24.xyz/new/
3 KB
3 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/DZPrivatbank.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168

VR_Smart_Finanz.png
voiksbanksicher-ueber24.xyz/new/
4 KB
4 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/VR_Smart_Finanz.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6

DGHYP.png
voiksbanksicher-ueber24.xyz/new/
2 KB
2 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/DGHYP.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6

M%C3%BCnchenerHyp.png
voiksbanksicher-ueber24.xyz/new/
6 KB
6 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/M%C3%BCnchenerHyp.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31

jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.min.js
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

site.js
voiksbanksicher-ueber24.xyz/assets/js/site/
7 KB
2 KB
Script
General
Full URL
https://voiksbanksicher-ueber24.xyz/assets/js/site/site.js
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af071a57c236fd1f0f0a862c29041c4cb73c0a2ed02d9f7abfb504ee5222909

FrutigerVR-Bold_hinted.woff2
voiksbanksicher-ueber24.xyz/new/
24 KB
24 KB
Font
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/FrutigerVR-Bold_hinted.woff2
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85

FrutigerVR-Regular_hinted.woff2
voiksbanksicher-ueber24.xyz/new/
24 KB
25 KB
Font
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/FrutigerVR-Regular_hinted.woff2
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Origin
https://voiksbanksicher-ueber24.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 07:32:34 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 22 Mar 2022 09:20:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6020-5dacb1e5a3d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cWo5KLdbr34YpYqYi0Ti6ddmRxB6nWygS8kdQYLrWemT3Zk%2BCeTt4xe4o7u7gwuzgm3oR%2BIe73Phg2JYU5emtFZ3FvMqwXQOokVLBVhptgtL4I5dCWg6V%2FqmAlX7QUeko5fYaHRS85KFTugsiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876b33945ad2912e-FRA
alt-svc
h3=":443"; ma=86400
content-length
24608
main.js
voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/ Frame C15A
Redirect Chain
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
8 KB
4 KB
Script
General
Full URL
https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
Protocol
H3
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c3221389c9dbd0396bcf0e8c0670688bb6189a066248851e0828529ebe466e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Apr 2024 07:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QU7UpH5IXqRnaz2B10ooxd2Vos29hSRPAe1arMHgdn7TcXKOraUhq0oLVPQN259DZiFv2DGCCkJQseL2BOT8kNoc53V1asoLU0BqSUbScHcFwJ19eRXojQwHHqZhbMCtOEO2kWCboYM76dcOCdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
876b33959bec912e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 19 Apr 2024 07:32:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nbi1RAJbDiLsaNjF7LGTkiycAyaZmclxoKWYAa6QX1pojDRN%2F5u7ecfrqJThl80AZM8REMCues5OXbZRA9BRPzXu9%2Bi4lNCNw9yG2dkYaLBGsnAQ%2BAZi8giMfIo0FwGVcaltQP6PiCZQO4HCask%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
876b33957bcd912e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
voiksbanksicher-ueber24.xyz/new/
3 KB
4 KB
Other
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4bdb3d21d0c5f31206ba58da6c63c69c618d73723fce095e872d67e11f9d818

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 07:32:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3782
etag
W/"d91-5dacb29706000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYIVsAk27DixFXXj6dZUvJ1FA5IlVQWcTD0zPO4zr3F6gqPEvx0E3cNgAn1SwF3QS2RnTKe2lAt36k3jhmo0zZnPqXBaC%2FNw2Zn%2BjTX826NRBdyy4AOnhxNpxH3ywExrT8rroNS0uhoJB8uEpu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
876b33958bdd912e-FRA
alt-svc
h3=":443"; ma=86400
876b339248c636dd
voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C15A
0
608 B
XHR
General
Full URL
https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/876b339248c636dd
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Apr 2024 07:32:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcIk%2Bg2CXob7gYWr8SI9GFq8sLWsBiN%2F2HeD8wFDmBV03IpNdYaCWASh%2B6OLeSQ1%2BE6pejrUviyGOW2CPNMcPEt0JGLrPZCo91Kc6%2FyrB1wV7zzSBgkcyuCIsvA7LTSknhsX5iD9ovipCvajnI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
876b33961c7f912e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
object| $jscomp
function| Site
object| site

2 Cookies

Domain/Path Name / Value
voiksbanksicher-ueber24.xyz/ Name: PHPSESSID
Value: 0s8tffgbks7jd7h2r7que2f2me
.voiksbanksicher-ueber24.xyz/ Name: cf_clearance
Value: CK_wSfjdyXzANB1KFFaWjU0lON3u4RN5zNC59qHPlBA-1713511954-1.0.1.1-BgSsHglB7gdQPC_fU.OUnz.XxQzOSU5qsQubuylmCEAN136wBpE96kVORTdnqxV4EQfJ2cCu2bGx9ZgfpXtQ3A

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://voiksbanksicher-ueber24.xyz/login/tWzLlYzpNTUKsvj&MSZYYpOlwSCr=SVyPIycbEASbdaS-YXVdfzPWxd&JsWIbMrWErfaDJHztkQYK=PmSBRACdYcgkqpPcyGSFBl
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
