lucylovesresults.com Open in urlscan Pro
2606:4700:3031::6815:4082 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lucylovesresults.com/
Effective URL:
https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s
Submission: On July 08 via automatic, source phishtank (July 8th 2022, 3:39:50 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3031::6815:4082, located in United States and belongs to CLOUDFLARENET, US. The main domain is lucylovesresults.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2022. Valid for: a year.

This is the only time lucylovesresults.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 12	2606:4700:303... 2606:4700:3031::6815:4082		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

12 2606:4700:3031::6815:4082 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lucylovesresults.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	lucylovesresults.com 1 redirects lucylovesresults.com	287 KB
11	1

	Domain	Requested by
12	lucylovesresults.com	1 redirects lucylovesresults.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-06` - `2023-07-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s
Frame ID: 996A0776E99ED6D09D34E7144D7B14A4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Legimitation

Page URL History Show full URLs

https://lucylovesresults.com/ HTTP 302
https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Page URL

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

286 kB
Transfer

617 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lucylovesresults.com/ HTTP 302
https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lucylovesresults.com/ Redirect Chain https://lucylovesresults.com/ https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s	10 KB 3 KB	144ms 143ms	Document text/html	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b528de82bea9495187fdbab92badb730e0f266eed30662f94095b4b15b1051b0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7279ea178c5a375c-MXP content-encoding br content-type text/html; charset=UTF-8 date Fri, 08 Jul 2022 15:39:45 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwFiO2Wm6KAHiTmh7KU1Txc2HhFY3JZ8c3wSxJC9NtekMQUeKQ3BrqIMgFzTMIhI%2B7YL25aKi9OLMHhRwPXGeD02or%2FtawL9ml2CPWjn1HW8ZhUrbEtp%2B3BsnAAb8nwfIH71%2BUm1T0Q2Q89jAGGNLiKwyA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7279ea163a45375c-MXP content-type text/html; charset=UTF-8 date Fri, 08 Jul 2022 15:39:45 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT location ?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nk9SKGAczs%2F6P8edEIkYE7M%2FJELYMX%2B%2Fl%2B0T0NBEMJnp9xGIFpJZOLwcpd72lHA8gsxeXnl8Hv27gx7%2B6gvsvkib7M1Wde9r4RW3hdZsaaJxysvkzQYB6CAzPMq58%2Fjmfqnhkc6wRtlD7nNVsf%2BOxe0pg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	r2d4815bcfaa317 lucylovesresults.com/	275 KB 45 KB	233ms 232ms	Stylesheet text/css	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/r2d4815bcfaa317 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8d99b7c0cbc7382fe0e836bc295f09fee177f6c39a16ad6e0baf8f1519f948a1` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 08 Jul 2022 15:39:45 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANPxkbmE3XMd6vw3fygQqkCOYyDcy8M%2B9A2n5VC3OcwM7mstIk6sDa0VV5shYVG7LdeFzG7%2BLqCAuVdl%2B7iy3bVi6o3rGKzGuet6gTbjYz0MVzCpyjXojvaJyMOYfYmaflALvtwcuLxoYXZd0mml59DHng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7279ea186ce28397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	rdca4168c1361e4 Show response lucylovesresults.com/	94 KB 35 KB	249ms 249ms	Script text/plain	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/rdca4168c1361e4 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzURX5RJ2N5L7IHB3XqoeIn3orrsbU5q2ZABOCXLb1WS1aSsHxei3smc1jVd4aRWYl8hxgxelaGejd8mlkgat%2Bz0X3vfi9B8mv10a1iXsf08esm4G6hbPD6BF7sAOr7SI7xXTULrrO49oZND6nmmz4sCTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=60 cf-ray 7279ea186ce88397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	re5ead8a2a96198 lucylovesresults.com/	16 KB 6 KB	162ms 161ms	Image image/svg+xml	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lucylovesresults.com/re5ead8a2a96198 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJvx3sbee7mcriq3FHXEBRkiis%2BkyuS9I7W4eT3LM4XxH4bdnuHvyy6SfQW5a1zVF%2FrSG8lDskcba4WvKrZBdRdKHecJjCfgEiNeacC7nMU%2BNKwzYRwutndmAlYVrGyS1eOjOJZslyfdm4jHAzE3EY4JOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=60 cf-ray 7279ea1ab99c8397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	r763819cc63cfd8 lucylovesresults.com/	7 KB 7 KB	219ms 218ms	Image image/png	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lucylovesresults.com/r763819cc63cfd8 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9NleHkNOcFKeDg%2F03%2BEYrRuJoGtH6nYH9XxWHoy06oT%2BD36%2FLvEDFgeczJCOzIyNMvk5R7g4mjvhEhS4nQuPYgwNzy%2F0%2Fn4gvfvpb7jgAlvJ0goRtwNpBwjb1DtUgjPLONhUWSgIC5Zk6sdpns1GagH4A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=60 cf-ray 7279ea1ad9e58397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7022 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	re4d74654a022bd lucylovesresults.com/	39 KB 40 KB	220ms 219ms	Image image/png	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lucylovesresults.com/re4d74654a022bd Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihFBaZAJIRpeJ1J%2Bg1Tu6h2nrsC190cPl4u46lTEgBBhr3H1gMeCQIIIJL%2B1K7WW2yfMz0T7Y4HOac7j79P2b%2F1YOm93tjecIc0BojMO0urzcnHZvI6TYfJZxyiXKcyqtZ8MSFQdCeemlVfiY%2BBB%2FREiyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=60 cf-ray 7279ea1ad9e78397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	rac66aed713b200 lucylovesresults.com/	6 KB 6 KB	202ms 202ms	Image image/jpeg	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lucylovesresults.com/rac66aed713b200 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsOO0NQ9Ma4ZZN4p3f1ri%2Btg0W06S8tV%2B%2Fz96%2BG9LBRzYT7%2FAxTyyVHtqOSg4wTmDFOtzKKN0uQ3uLfPWEIFjTGo52v5JjQAcHm0%2B5WWPXkou2w2JmvAOScpRDiDXhVkhr7Nq%2BbzPxaPEwfOUA1Lk13Ezw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=60 cf-ray 7279ea1ad9e88397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5720 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	r7b9ccb0140f7ed Show response lucylovesresults.com/	46 KB 17 KB	162ms 161ms	Script text/plain	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/r7b9ccb0140f7ed Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `591c48a161f91ce005b11fa41df8645cff1859ae842c615dbcf929cd8ee108f8` Request headers accept-language de-DE,de;q=0.9 Referer https://lucylovesresults.com/?ref=aEScfMP2rwqlTkz&legitimation=zYa3Dq5n7IuGh1e&kunde=5SNn76p1bkdCE8s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3bd2CetV3fWpRs6XAhUEZuRpMGOnedqiVk6XHR41VCMQ6GqIbJrTr6cLClna%2B8w2Yn%2FUCZ6%2FZWnBMhvXMuVy8UcMQEmBpcCKHB4u1TmBAwybmjtRkNUd5My%2B9e4I1MZa28nbVAaBWT9ed6W3BUBUetiHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=60 cf-ray 7279ea1a58828397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	r8e99dd881e4422 lucylovesresults.com/	39 KB 39 KB	145ms 145ms	Font application/octet-stream	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/r8e99dd881e4422 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/r2d4815bcfaa317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2` Request headers Referer https://lucylovesresults.com/r2d4815bcfaa317 Origin https://lucylovesresults.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMRUMK4w8Lussuy%2Ff%2BQvhrxdoOxspfhZNbglscKmsmRFiFUPnJoFph%2B8l1%2BgRMSLCz1zzqJrdcToGQJyCWxxYrm2CK87e7CtSXbmE1TcWn7dF8sorZ1iv9rXJ8yjhCvrqFI0BkIsWmLFU8nY%2FP374znwNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=60 cf-ray 7279ea1b7b148397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:45 GMT
GET H3	200	r797d454584b5bf lucylovesresults.com/	48 KB 48 KB	159ms 158ms	Font application/octet-stream	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/r797d454584b5bf Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/r2d4815bcfaa317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03` Request headers Referer https://lucylovesresults.com/r2d4815bcfaa317 Origin https://lucylovesresults.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:46 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BwP1dkBvDWOaykQTNILa7n%2BJZt4iehBH%2FrCe990QxkyO0kD%2FvOTbnCgI1nU4ulUPbHyypQozqqbHe0%2FgG222SAc9gCEF%2BKGNePS0weXb9fFfTk136bCoLYWhi%2FFmSlp6Oj8kpXFf4PRkfyIQMJxNmOq7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=60 cf-ray 7279ea20edc48397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:46 GMT
GET H3	200	r89024329215a86 lucylovesresults.com/	39 KB 39 KB	149ms 148ms	Font application/octet-stream	2606:4700:3031::6815:4082 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lucylovesresults.com/r89024329215a86 Requested by Host: lucylovesresults.com URL: https://lucylovesresults.com/r2d4815bcfaa317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4082 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638` Request headers Referer https://lucylovesresults.com/r2d4815bcfaa317 Origin https://lucylovesresults.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma cache date Fri, 08 Jul 2022 15:39:46 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw6iA2j1Fu35gCLBnxCsjK0a%2FIK2Pe9bGmkAZLYMQQHyJcoWu0JHLv7E5EbJZioDX33VmDwtHo1PmlvIXN2q4iBlFQZTpkopGIYwUQNelosw16tpyd663VdyGVThrqAvCytuFyMasgZeTK2iDuZaaBPpZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=60 cf-ray 7279ea20edc78397-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 08 Jul 2022 15:40:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lucylovesresults.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2p2glvn82c6vu8nme1n1qf3l12

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lucylovesresults.com
2606:4700:3031::6815:4082
4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753
56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03
591c48a161f91ce005b11fa41df8645cff1859ae842c615dbcf929cd8ee108f8
622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469
74bcd86bc937c41e4045ef2a14f6619ffc828ceeca96e7c1946330c34abba648
8d99b7c0cbc7382fe0e836bc295f09fee177f6c39a16ad6e0baf8f1519f948a1
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b528de82bea9495187fdbab92badb730e0f266eed30662f94095b4b15b1051b0
d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638

lucylovesresults.com Open in urlscan Pro 2606:4700:3031::6815:4082 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

286 kBTransfer

617 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

Indicators

lucylovesresults.com Open in urlscan Pro
2606:4700:3031::6815:4082 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

286 kB
Transfer

617 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!