de-legitimation-6120.xyz Open in urlscan Pro
2606:4700:3037::ac43:b243 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://de-legitimation-6120.xyz/de/Kontrolle/volks/
Effective URL:
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/
Submission Tags: #phishing @ecarlesi Search All
Submission: On June 24 via api (June 24th 2022, 2:05:10 am UTC) from FI — Scanned from FI

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:b243, located in United States and belongs to CLOUDFLARENET, US. The main domain is de-legitimation-6120.xyz.
TLS certificate: Issued by E1 on June 23rd 2022. Valid for: 3 months.

This is the only time de-legitimation-6120.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 29	2606:4700:303... 2606:4700:3037::ac43:b243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2

29 2606:4700:3037::ac43:b243 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

de-legitimation-6120.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	de-legitimation-6120.xyz 3 redirects de-legitimation-6120.xyz	292 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	6 KB
27	2

	Domain	Requested by
29	de-legitimation-6120.xyz	3 redirects de-legitimation-6120.xyz
1	cdnjs.cloudflare.com	de-legitimation-6120.xyz
27	2

This site contains no links.

Subject Issuer	Validity	Valid
*.de-legitimation-6120.xyz E1	`2022-06-23` - `2022-09-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/
Frame ID: 5D58EFBA0181BD2C1BD8616B8D1D7CF7
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Volksbank

Page URL History Show full URLs

https://de-legitimation-6120.xyz/de/Kontrolle/volks/ Page URL
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe HTTP 301
http://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/ HTTP 301
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/ HTTP 302
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

296 kB
Transfer

1260 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://de-legitimation-6120.xyz/de/Kontrolle/volks/ Page URL
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe HTTP 301
http://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/ HTTP 301
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/ HTTP 302
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/ 728 B
975 B 306ms
160ms Document
text/html 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708a5ef452403475d67c3d5a0912a4a7a72bf9ee5332d4770f45d60930b07a23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7201e5637dfa77b6-KBP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:05:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJD3lCGw7GVvRz4UFJEukzCfdWaPl%2FC%2Fdb1ImS1gR5Wgr0DG425MtEClsm%2F73d0LZVr1hyhOXuemetu1EXIoz5Z%2BrZoPCYRX10CkDQbMqbjGo0nFjIcdU0S4y79Icpb5vfAFNxMchBGmfy7MzBcfCev4LMbEyL8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

Primary Request / Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/
Redirect Chain

https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe?
http://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/?
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/?
https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?

964 KB
126 KB

158ms
157ms

Document
text/html

2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afe9308a702adb4535b5fa637f3affaf879d3b4b5de86428e2d01d0a13b5be6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7201e56d3d6f2494-KBP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:05:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Fxpoz6QGWm5A6ABWtNIJB%2BE%2BQ46A9Mu24G3TnG0hHmWMUtYv44uWzGga9%2FVxMfvoO69B1jVOcxPM6bKKfzHy3HOK4gYTWwEsXKCC0V7gjl3Zir3iAJI4gJGuj2WiqspiqwPjFDpwkFgjBs6BIhb7%2F%2Bz9LuPsns%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7201e56c7c992494-KBP
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:05:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: login/?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aqqo5p%2F5GIDx3oK89kbkdbK5bCWYIKv1U2w1ru6gEUrDfs0zmLJiXqVoGPJvbAGsD%2F1BnVoO6a3fmKO5HjtY4RjudKAh1LXPCnMTgRCCy80kqf0WvYM8NjKeCGMRh3UbkgSDpQcrbAmwzvoXHl3vHzp1VEavwPE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/jquery/dist/ 85 KB
31 KB 167ms
166ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/jquery/dist/jquery.min.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:09:48 GMT
server: cloudflare
etag: W/"15283-5deb142644b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILlnnbAFRLSflDIZXBY4X98a%2F6qWIg3qHbL7iNieXmy6DESp8CgMKm9PG2h0mWjstAeMv2eJsOY8zMUiSv11SjXWfN41yuDck7Mw4n7NuZohbHWgqoEJTXgXAcqw47utk2xJTu6Aue75LK8oXRjKKvtQq%2FpPvnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56e5e802494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 ua-parser.min.js
de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/ua-parser-dist/ 0
0 156ms
149ms Script
text/html 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/ua-parser-dist/ua-parser.min.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg98uMkmTQq4wgvc1VZPdAioRKzBNHvv1fXkjmq9LP8VRzG68pBCAln596cEQxydGs7PTdQZdgwxtzPYz4IzwpbAj5kUznvi14UDp9iYeIusQ2JBTABGI446IfrfVmWM6GR5XkGkCPDam%2B31DLCeWw82j8sKdcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7201e56e5e8b2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 font-awesome.min.css
de-legitimation-6120.xyz/de/Kontrolle//login/css/ 0
0 156ms
150ms Stylesheet
text/html 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle//login/css/font-awesome.min.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqwQuxaAL%2F8teFI2fFzjEOisTbbUBaLCPXhzBe5cxsYyYLMbeuWv5zuwkv2Y5O27RjdCFLL7mJg6YdloaIIsBx4%2FsX1sam5VsY4ECM%2BjXFBsVjEMUo1kvSdw2sN83xySHaxEOckh5hJFltxmeK74kSbTNfOiHJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7201e56e5e8c2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 143ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2458895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2erRimRObjmVkY1WEmTwARUOXIBYqlnWU4gjmVQnd1%2B9%2Fsx4dYjhRD3KPqd%2BCYhWp00uN1O4z1NRK9MWYBoxcHyDGgoP%2FTXzdRsNxXYYxhBVjdgYdTZJgH0a2v823VT4X7GSqLhOYd30qOfaWR68JelP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7201e56eea629938-ARN
expires: Wed, 14 Jun 2023 02:05:03 GMT

GET
H3 200 core_form.js Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/core/form/ 14 KB
4 KB 156ms
151ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/core/form/core_form.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60cd231b661f9f9a1412b5188a3a3bf7564b8fdecc97bb0fe6be34999da927ea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:02 GMT
server: cloudflare
etag: W/"390d-5deb14339ea80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZmR42pJmyqc0SKHZLFZLeIiQgZEITSdv6vbdEBz5x7evRjnIfs6SYUOcD7VzIRYC6Wwyj37vuaAmW3C%2B%2BBxIlJ%2BfNbVK9V0ImWJtyu30yYjusOhUHfaXONq4Q7w9hfq7jczzoTaXwKGmnzJ%2BrwM%2BuiMP57et4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56e5e8d2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_form.css
de-legitimation-6120.xyz/de/Kontrolle/volks/core/form/ 1 KB
866 B 156ms
152ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/core/form/core_form.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8a5a50d229192e436fec31dc1f61c98a0c10fd01b22e31746468c0df40152e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:02 GMT
server: cloudflare
etag: W/"5e9-5deb14339ea80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2B9hVrpYcLtFjgVuOuk9yS6bAfgNdbC3VIAS73J%2BKoHxa%2BwM5oB9sd8RpVD8r%2Bp6zlLUgf7grXR8p5od7UiQfN0Corskrk6h%2FHmG6P9JCkttQ6b25xhuPuJX3jPRvcfBrmM0iZVWcXbfmCDAXccCW3E1mP2CsRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56e5e8e2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_token.js Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/core/token/ 17 KB
2 KB 157ms
152ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/core/token/core_token.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2c4a54b79a448cfe7331863e45d7b1859ff9aeac68e72fe413a537e6ee792bf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:00 GMT
server: cloudflare
etag: W/"448e-5deb1431b6600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNMQ1hWYuGikgu5pumjTeQ9nIahbgtmWo8dU4w41Bzquxd72cDCDyLMzQIwQ%2BxGRWzaTFrkoUKvSFWGeO4g3AtAt7s8cA09aKu9bOqD2dVujws4P1GaZH2o%2BZUaa7yelfENJPfVACal%2FrDCFPDM4T49liw8wdV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56e5e912494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_token.css
de-legitimation-6120.xyz/de/Kontrolle/volks/core/token/ 2 KB
1 KB 157ms
153ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/core/token/core_token.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bcc1e01cd938f9d0faf84cedfb52b72e5fee4acb22dc9f806a519c2552ef9fe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:00 GMT
server: cloudflare
etag: W/"940-5deb1431b6600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbIeei3oeklLVCTBOvwlWb0GazdPuon90YOJ6r2LSWG313AjHyrrs6p2ifA4LdCIGS84sklcnN6JrM4%2FCihoBkdJxH4RxK4gBd4W89pDCsvZIAarzboiVvX3%2F5GJydq3f1J3GUKQbNBUWLqtXxodVT3Z1D6UQ1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56e5e922494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles.c41ccfebca008d50e005.css
de-legitimation-6120.xyz/de/Kontrolle/volks/login/css/ 31 KB
5 KB 158ms
154ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/css/styles.c41ccfebca008d50e005.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4845ef45f4426035b2fc1fae4108a4b90517a0dbb95112b0aef970fd83a7189

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:50 GMT
server: cloudflare
etag: W/"7d0b-5deb146165680-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgPnsrfO5%2FMX2P2OuetHXIfmYfLJ8buoNKypprWb%2BX7L%2FNRbkeaMppnda7eIHwdOjP6SPqOSCZNlBSSjFpXHxlE2rzbzOmqGpqmzFwrume55Ooe08KJQk9dzVgFHiD768XSnJfjmRO%2BgJj64h%2BhgvwKaxDLSO%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56e5e932494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 9 KB
10 KB 126ms
125ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/logo.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e964fbcc0d91d57d4284567a6258537efdd63474f899bbd0ff419fa91c5984

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "259f-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfaeeKTgB4AXaq%2FHLx47O7gUoYtwoEkttVgg%2FmR3OTElkCJkJqdzc0MfI96HR0R%2FQ7FWAt%2F%2FLsz04ODGiuJApnPAoB8eq0QI5Kf5YfF%2FgSJ0eW57fh2UO7to7yqudTrw35z%2B6vtZMNpw4LbQR6WQP6bs20Qq5bI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e56f6ff72494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9631

GET
H3 200 SchwaebischHall.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 4 KB
5 KB 118ms
116ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/SchwaebischHall.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "10cf-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A65GzJyUrYT%2FQMtW5vhz7vmHOH9J1dx94HxN%2FZNrpA7PNP1oWH4O8ziW6YIKV1XO0%2Fr8DKHH%2FdvLP%2BoBOu6jfCPZOUbXOgqFzNX2kdM1itewYKD1gf4FURlsEJhrntAC7dx681spRUMG2B4g4HuDLNzoFn23bgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57018972494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4303

GET
H3 200 UnionInvestment.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 6 KB
7 KB 116ms
114ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/UnionInvestment.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:58 GMT
server: cloudflare
etag: "17fe-5deb146906880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCBm%2F1Bs49Xrjl1Q2OqT3smVzqhQ%2BE6RHjfukNSR0j6KbGbanrEbpuzf%2BBE1TlRpMgG5IuYoLNBilH4R8b2n9XNhbl7SBVu09NgMdeXWuDwSH%2FnFB40d1CVp1f3U1ldT53FQSuiLI0dWLtkiDwiFeV4EOsIHzDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57018982494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6142

GET
H3 200 RundV.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 5 KB
5 KB 117ms
115ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/RundV.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:58 GMT
server: cloudflare
etag: "1335-5deb146906880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lp9NLnnsL7UBeyJx%2BIvAdN3Feq0rOcEOZYqDIhfCT7fMYPkT5yZmV7yqVC7vR4O2Oml5qT5LVlOQRbQdyRKoycSVQ9ZBOOWR12HA87nbSBq5B16KrjkhqV5mJ%2F7OP527%2B68vM77k%2BOXOKTD%2B58dzfI94NEYbHTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57028992494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4917

GET
H3 200 easyCredit.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 5 KB
6 KB 96ms
94ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/easyCredit.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "13dd-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sci%2Fg%2Fs1L6MLUc98HwGPR7D4CMmLjbZQv75H%2BfaHslhil8ZtgdDmorH%2FA3rnijBk1ZT0%2F70F%2B2GKjXIASE8vifQM6i%2FN%2BzDYtPz3xgi2iCXicgxmBQ%2FWD7oqWhwUxLaWsSjJ9Z%2B7HvcPh8NIJSS8QuFEHVYizjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e570289b2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5085

GET
H3 200 DZBANK_Initiativbank.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 16 KB
17 KB 154ms
153ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/DZBANK_Initiativbank.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:58 GMT
server: cloudflare
etag: "4194-5deb146906880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8quMqFq2suKkB%2Fw7VLDWvtcy%2BN23VZjUOyP0OyNgfU45gmJhMzGSPaqxkjPdWHnm0dVT1NqFsbRYqSJ0rDa0djdyQKcEXhQNcpLB2YGFWoYlVOS0C37vlR6CzYxfp0hQ85cHKVcAt07HK3UMTFidaWhm2kYrcgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e570289c2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16788

GET
H3 200 DZPrivatbank.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 3 KB
4 KB 90ms
88ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/DZPrivatbank.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "c12-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbrtF2KFH6RZMzAm65%2BjC%2BjoQNIGxXOA9ulmD1Sgia6ep6wO0t6ZP%2BRs1asoMuckEKikhsacLK4qapSxz01JwR5XrRM3njYnt6kvZXGiMyabu42QRe%2B4hT5N0AvdxeaQPzfT9%2BxB%2FXU6LOiGFF2jKt2tMhv3ix0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e570289d2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3090

GET
H3 200 VR_Smart_Finanz.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 4 KB
4 KB 125ms
123ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/VR_Smart_Finanz.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "e8f-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLatGRvNsDNnXd5Bo6nDqoFhingsy8xuMPOrQX89LwADAnGBxCghk3mXeRhNo40brfi3Le94dfB9Zkrb%2FB1gOnmYtytuBlwKuEwAV6fuGGbeEPlGcvmEB%2B1huXCtjbImNo9kJjp3giPs56Q%2B3JawrX6lWUFXKPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e570289e2494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3727

GET
H3 200 DGHYP.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 2 KB
2 KB 135ms
133ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/DGHYP.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "75b-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zan2lJIc%2BsLrbgyA3hRSQ17PfjBw31qv4Z7eH0S9Iyne0AW34gk6V4zwTcvIiIO56hMnWa0Iz3VUPT%2F0eG4i1jBnhE2V0iO3FpNfC3miter0JqRC8BPgqPJg9JYWzEWPw5iKTajBIrG3HdFbgnbrm5X2M29S60%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57028a02494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1883

GET
H3 200 M%C3%BCnchenerHyp.png
de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/ 6 KB
6 KB 121ms
120ms Image
image/png 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/img/M%C3%BCnchenerHyp.png
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "16ae-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hppmvIXPCQh1pt1nbdZ0s5Q8PqETxtC8%2FvWhQUMG2XcHBaO80dP3F1YVwKgjtMiywZzfhJ2sTxuPdISp8%2BrW2pF58z%2FkfA1oYpKQdTPwD3bXiZBr8xUik4lAEjO4a9krx8PK%2FEDWJw66eSqraXYJhcP4wzWH98g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57028a12494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5806

GET
H3 200 form.js Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/login/form/ 5 KB
2 KB 124ms
124ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/form/form.js?v=62b51bcf0294a
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd88d44ab5b1dfcff947d5ce739fc6bcf61a4acbd043097d3b9aa245e3f34e3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:54 GMT
server: cloudflare
etag: W/"12d5-5deb146535f80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaI4ZZixTOtRtG7ckaRZMIzK5cHNgpaffyj9yEQsuDuz2Q%2BjeOVy5bFZG8n1MHFuGmNK0tH0ybHgPiGoSS286e54JcKTyoBtKXbdDGHjhe%2FGglmeeVceTNXVdQ5yC8FF77HxW4WJH2J1mN%2FbLHplY94olB6APkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e56fb8312494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 token.js Show response
de-legitimation-6120.xyz/de/Kontrolle/volks/login/token/ 1 KB
1 KB 124ms
123ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/token/token.js?v=62b51bcf02950
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50372824bb850b3891ec7f150cab492914fc6348f158deab54ecba2a48a2c5b0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:50 GMT
server: cloudflare
etag: W/"4f3-5deb146165680-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtF54YBJKwsDDweqUz9YmqTfVz%2BPP%2BmjZzsiKWgYSzT4GuvI49Qojm68GUaWTpPWGaqTvT%2FCsXvLQB7FjISXd%2FRAQA18pjAgzvWpswEFgrsObfSonEqC7ByVEPp3STKxzPB4nWooiVO%2BlM4oo85rK0adZtoBjjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e57018942494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 FrutigerVR-Bold_hinted.woff2
de-legitimation-6120.xyz/de/Kontrolle/volks/login/fonts/ 24 KB
25 KB 152ms
151ms Font
font/woff2 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/fonts/FrutigerVR-Bold_hinted.woff2
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85

Request headers

Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Origin: https://de-legitimation-6120.xyz
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:58 GMT
server: cloudflare
etag: "6004-5deb146906880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKfN72YnzzlKrgYff6DZAlHeQVXUGDTQjnriJAU%2BUQC28oqn8iixLgm6kIJHFUlAh4QWW8jWMd0ZntM9O95hATOfs1rxi9SnihDa4rCx1pF5NQjZHNM%2FuCQZCUeWi%2BReBgXZHfs9fOcdp71wxN57VPXruSn6TKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57038b22494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24580

GET
H3 200 FrutigerVR-Regular_hinted.woff2
de-legitimation-6120.xyz/de/Kontrolle/volks/login/fonts/ 24 KB
25 KB 151ms
150ms Font
font/woff2 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/login/fonts/FrutigerVR-Regular_hinted.woff2
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff

Request headers

Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
Origin: https://de-legitimation-6120.xyz
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:11:02 GMT
server: cloudflare
etag: "6020-5deb146cd7180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NlX%2FrFNQy0TmI2frEY1B2txtCOa4CO8RXg%2F4i%2FAbExZsfs99p3rhSNGxHJqGtlD7Za7F8cDFtKgAp8PTDkzPinkAr47XZFvsS8dj6ZWVQuf5lziAqcDoOQrWK7nHE9qBgh9Mbf4qwfS26W5DpmqPm3F9kgF52E%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7201e57038b52494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24608

GET
H3 200 gate.php Show response
de-legitimation-6120.xyz/de/uadmin/ 58 B
556 B 105ms
105ms XHR
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/uadmin/gate.php?pl=token&link=volks&bid=52a37580f3d89f9c9679d04b28a33dbe&callback=jQuery321048864880308262637_1656036307811&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1656036307812
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa003397a3d693f26f02a86b15a79d30fa5b4953bd4620059c8f4e7282d4c477

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H1dvOnd6NMbGZn4hp4joz9IkJJnAEaboSy2GOALSkze8aCOpelSGyYM3%2BdLd%2FgL6vvlsR5EUU7cRpwlGmRZRgjhNGPW6%2BdwX8WbJMEWWbBp7M3otY5vfM03X%2Fa6ZswwDM%2FNpbXMeHxhtSC7f8OH%2FpDT8%2FmHorA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7201e570f9802494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gate.php Show response
de-legitimation-6120.xyz/de/uadmin/ 58 B
558 B 123ms
123ms XHR
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/uadmin/gate.php?pl=token&link=volks&bid=52a37580f3d89f9c9679d04b28a33dbe&callback=jQuery321048864880308262637_1656036307813&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1656036307814
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be3cbba41257d89c7f5a522e4a877193d4c6da34371d76bf37be9d2007bdfc9a

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe/login/?
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X75HuNV1Z5Z09XzvTxm8KDFsqcW%2FwWsTfw7sGwoEc%2FO5701JOf4xtBUC6Egfs%2BAgEy%2FRsw0Qp6%2FcN95SK07Xnzdl7Fek535QP2Uw%2FtWWp01kr3HUT9%2BQSp7vrGdqy4aYmpsPvfcn%2FtbFSNzaZiAQcmqc5o4S%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7201e570f9812494-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			de-legitimation-6120.xyz/de/Kontrolle/volks/a1b2c3/52a37580f3d89f9c9679d04b28a33dbe	1969-12-31 23:59:59	Name: bid Value: 52a37580f3d89f9c9679d04b28a33dbe
			de-legitimation-6120.xyz/de/Kontrolle/volks	1969-12-31 23:59:59	Name: real Value: OK

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://de-legitimation-6120.xyz/de/Kontrolle/volks/bower_components/ua-parser-dist/ua-parser.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://de-legitimation-6120.xyz/de/Kontrolle//login/css/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
de-legitimation-6120.xyz
2606:4700:3037::ac43:b243
2606:4700::6811:190e
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
2bcc1e01cd938f9d0faf84cedfb52b72e5fee4acb22dc9f806a519c2552ef9fe
2bd88d44ab5b1dfcff947d5ce739fc6bcf61a4acbd043097d3b9aa245e3f34e3
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
50372824bb850b3891ec7f150cab492914fc6348f158deab54ecba2a48a2c5b0
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
60cd231b661f9f9a1412b5188a3a3bf7564b8fdecc97bb0fe6be34999da927ea
708a5ef452403475d67c3d5a0912a4a7a72bf9ee5332d4770f45d60930b07a23
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af
81e964fbcc0d91d57d4284567a6258537efdd63474f899bbd0ff419fa91c5984
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8afe9308a702adb4535b5fa637f3affaf879d3b4b5de86428e2d01d0a13b5be6
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
aa003397a3d693f26f02a86b15a79d30fa5b4953bd4620059c8f4e7282d4c477
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
be3cbba41257d89c7f5a522e4a877193d4c6da34371d76bf37be9d2007bdfc9a
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85
ce8a5a50d229192e436fec31dc1f61c98a0c10fd01b22e31746468c0df40152e
e4845ef45f4426035b2fc1fae4108a4b90517a0dbb95112b0aef970fd83a7189
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31
f2c4a54b79a448cfe7331863e45d7b1859ff9aeac68e72fe413a537e6ee792bf

de-legitimation-6120.xyz Open in urlscan Pro 2606:4700:3037::ac43:b243 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

296 kBTransfer

1260 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

de-legitimation-6120.xyz Open in urlscan Pro
2606:4700:3037::ac43:b243 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

296 kB
Transfer

1260 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!