connectneueverbindung03.de Open in urlscan Pro
185.249.198.60  Malicious Activity! Public Scan

36 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request info Show response connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/	2 KB 1 KB	190ms 36ms	Document text/html	185.249.198.60 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.249.198.60 , United States, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-3.zap-srv.com Software nginx/1.14.2 / Resource Hash 7392c5784948f7888adf0511696357fe6a04b982f42baa41027a8e50c6a669f7 Request headers Host connectneueverbindung03.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.14.2 Date Fri, 17 Apr 2020 21:14:43 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Content-Disposition inline; filename="index.html" Accept-Ranges bytes ETag "171b870da61a13dc1b1e294432176037e6bdfaad" Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.2728c6a9.chunk.css connectneueverbindung03.de/static/css/	2 KB 1 KB	37ms 36ms	Stylesheet text/css	185.249.198.60 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://connectneueverbindung03.de/static/css/main.2728c6a9.chunk.css Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.249.198.60 , United States, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-3.zap-srv.com Software nginx/1.14.2 / Resource Hash fd2938b675d05460e8ea5f5de54db01cb1c16c4eb5f1cb2e89b35f632675609a Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 21:14:43 GMT Content-Encoding gzip Server nginx/1.14.2 ETag "790a3e83e72fb8894de3941c416857c273b1152c" Vary Accept-Encoding Content-Type text/css; charset=utf-8 Transfer-Encoding chunked Content-Disposition inline; filename="main.2728c6a9.chunk.css" Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	1.9380ee3b.chunk.js Show response connectneueverbindung03.de/static/js/	543 KB 166 KB	93ms 56ms	Script application/javascript	185.249.198.60 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://connectneueverbindung03.de/static/js/1.9380ee3b.chunk.js Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.249.198.60 , United States, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-3.zap-srv.com Software nginx/1.14.2 / Resource Hash 0dc4610d0c6fc4105e4c6b4e70ce94933795a6db26cd4bb1b0fcdc06592f3ea5 Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 21:14:43 GMT Content-Encoding gzip Server nginx/1.14.2 ETag "baa19c2e8985854be38d4879f6be2a266b003dee" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Transfer-Encoding chunked Content-Disposition inline; filename="1.9380ee3b.chunk.js" Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	main.bc65af22.chunk.js Show response connectneueverbindung03.de/static/js/	53 KB 13 KB	92ms 52ms	Script application/javascript	185.249.198.60 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://connectneueverbindung03.de/static/js/main.bc65af22.chunk.js Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.249.198.60 , United States, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-3.zap-srv.com Software nginx/1.14.2 / Resource Hash 6defddc854ee0a721af068a9cb66f6077eb0f8ced7b62e94e5e2dacfe950ef56 Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 21:14:43 GMT Content-Encoding gzip Server nginx/1.14.2 ETag "50cba0e80b8414f045e2af333f959e64da5f216c" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Transfer-Encoding chunked Content-Disposition inline; filename="main.bc65af22.chunk.js" Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	b95d9e17269ee8e8f0444f5172c8da97 Show response telekom-email-bestaetigen.ru/get/mail/	136 B 458 B	119ms 65ms	XHR application/json	45.146.253.126 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://telekom-email-bestaetigen.ru/get/mail/b95d9e17269ee8e8f0444f5172c8da97 Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/static/js/1.9380ee3b.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.146.253.126 , Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-2.zap-srv.com Software nginx/1.14.2 / Resource Hash 4e35bce29657d3eb02f89d6df1603346d3de7db3452a55e7c8859dc180b96fca Request headers Accept application/json, text/plain, */* Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 21:14:43 GMT Server nginx/1.14.2 Content-Type application/json; charset=utf-8 access-control-allow-origin https://connectneueverbindung03.de cache-control no-cache access-control-allow-credentials true Connection keep-alive accept-ranges bytes Content-Length 136
GET H2	200	Sparkasse_logo_red.png i2.wp.com/logo-logos.com/wp-content/uploads/2016/11/	52 KB 52 KB	55ms 26ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i2.wp.com/logo-logos.com/wp-content/uploads/2016/11/Sparkasse_logo_red.png Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 2b115a8c4659967f8dbddae9ddc8e4ebbc2136468d287acd883ad72958c5d354 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-nc HIT ams 1 date Fri, 17 Apr 2020 21:14:43 GMT x-content-type-options nosniff last-modified Tue, 24 Mar 2020 12:27:53 GMT server nginx etag "a8f74d1551484f90" vary Accept content-type image/webp status 200 cache-control public, max-age=63115200 link <http://logo-logos.com/wp-content/uploads/2016/11/Sparkasse_logo_red.png>; rel="canonical" content-length 53202 expires Fri, 25 Mar 2022 00:27:53 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 846 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/static/js/1.9380ee3b.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Apr 2020 21:14:43 GMT server ESF date Fri, 17 Apr 2020 21:14:43 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Apr 2020 21:14:43 GMT
GET H2	200	icon fonts.googleapis.com/	574 B 468 B	14ms 14ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/static/js/1.9380ee3b.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Apr 2020 21:14:43 GMT server ESF date Fri, 17 Apr 2020 21:14:43 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Apr 2020 21:14:43 GMT
GET H/1.1	200 OK	internetfiliale.min.036faa10a5d1e6a1dc3ae19b4130d1d4.css www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/	542 KB 76 KB	295ms 51ms	Stylesheet text/css	62.181.151.235 FINANZINFORMATIK-...
General Check archive.org Show headers Download Go to Full URL https://www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale.min.036faa10a5d1e6a1dc3ae19b4130d1d4.css Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/static/js/1.9380ee3b.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 62.181.151.235 Pulheim, Germany, ASN15790 (FINANZINFORMATIK-AS-OST, DE), Reverse DNS Software Apache / Resource Hash 763b5bcf3a8fa314a9f53de37b218cfab794a66bec665b0070a3ddc4a15fe8d3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options DENY Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 21:14:44 GMT Content-Encoding gzip Vary Accept-Encoding,User-Agent Last-Modified Fri, 17 Apr 2020 13:44:28 GMT Server Apache ETag "87733-5a37cbf937482" X-Frame-Options DENY Strict-Transport-Security max-age=31536000 Content-Type text/css Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 X-UA-Compatible IE=edge
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Origin https://connectneueverbindung03.de Response headers date Mon, 13 Apr 2020 13:00:06 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:52 GMT server sffe age 375277 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 11180 x-xss-protection 0 expires Tue, 13 Apr 2021 13:00:06 GMT
GET H/1.1	200 OK	ip Show response telekom-email-bestaetigen.ru/get/	15 B 329 B	97ms 97ms	Fetch text/html	45.146.253.126 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://telekom-email-bestaetigen.ru/get/ip Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/static/js/main.bc65af22.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.146.253.126 , Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-2.zap-srv.com Software nginx/1.14.2 / Resource Hash 8f53f11675932a17f28a941c5605319e5ed2d2649fb2f4988228f7acef2de57c Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 21:14:44 GMT Server nginx/1.14.2 Content-Type text/html; charset=utf-8 access-control-allow-origin https://connectneueverbindung03.de cache-control no-cache access-control-allow-credentials true Connection keep-alive accept-ranges bytes Content-Length 15
POST H/1.1	200 OK	ip Show response telekom-email-bestaetigen.ru/update/mail/	26 B 381 B	63ms 63ms	XHR text/html	45.146.253.126 ACTIVE-SERVERS ac...
General Check archive.org Show headers Download Go to Full URL https://telekom-email-bestaetigen.ru/update/mail/ip Requested by Host: connectneueverbindung03.de URL: https://connectneueverbindung03.de/static/js/1.9380ee3b.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.146.253.126 , Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE), Reverse DNS vps-zap397248-2.zap-srv.com Software nginx/1.14.2 / Resource Hash 2df629d4f195cb8a3256acf1bc3a0bc902f353d0d4cae37fd695d0406050f322 Request headers Accept application/json, text/plain, */* Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers Date Fri, 17 Apr 2020 21:14:44 GMT Content-Encoding gzip Server nginx/1.14.2 Transfer-Encoding chunked Content-Type text/html; charset=utf-8 access-control-allow-origin https://connectneueverbindung03.de cache-control no-cache access-control-allow-credentials true Connection keep-alive
GET		Sparkasse_web_Bd.woff www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/	0 0
GET		Sparkasse_web_Rg.woff www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/	0 0
GET		Sparkasse_web_Bd.ttf www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/	0 0
GET		Sparkasse_web_Rg.ttf www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/	0 0
GET H2	200	PossibleWanCorydorascatfish.webp thumbs.gfycat.com/	38 KB 38 KB	43ms 24ms	Image image/webp	2600:9000:2156:8a00:1:cde5:7345:88c1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumbs.gfycat.com/PossibleWanCorydorascatfish.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:8a00:1:cde5:7345:88c1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a008ddca8d53697b7f61e1561eb9f3a44fdaafdcd7ccb2c17ea56357ce76eb50 Request headers Referer https://connectneueverbindung03.de/b95d9e17269ee8e8f0444f5172c8da97/info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 17 Apr 2020 20:17:20 GMT via 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront) last-modified Wed, 25 Mar 2020 02:17:44 GMT server AmazonS3 age 3446 etag "29e8d97b3eaa546748675a428544dc53" x-cache Hit from cloudfront content-type image/webp status 200 cache-control max-age=946707779, public x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 38754 x-amz-cf-id WjvuFbiNWq-tP6wiGS_55JmUrrtp2FtAWhNC1ccmuOIub5TYsBOZZg==
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Origin https://connectneueverbindung03.de Response headers date Sat, 28 Mar 2020 09:35:40 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:48 GMT server sffe age 1769946 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 11056 x-xss-protection 0 expires Sun, 28 Mar 2021 09:35:40 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Origin https://connectneueverbindung03.de Response headers date Wed, 15 Apr 2020 00:22:14 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:58 GMT server sffe age 247952 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 11020 x-xss-protection 0 expires Thu, 15 Apr 2021 00:22:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.berliner-sparkasse.de

URL

https://www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/Sparkasse_web_Bd.woff

Domain

www.berliner-sparkasse.de

URL

https://www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/Sparkasse_web_Rg.woff

Domain

www.berliner-sparkasse.de

URL

https://www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/Sparkasse_web_Bd.ttf

Domain

www.berliner-sparkasse.de

URL

https://www.berliner-sparkasse.de/etc/clientlibs/myif/berliner-sk/base/internetfiliale/fonts/Sparkasse_web_Rg.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonp number| 2f1acc6c3a606b082e5eef5e54414ffb object| core object| __core-js_shared__ function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://connectneueverbindung03.de/static/js/main.bc65af22.chunk.js(Line 1) Message: 128.204.192.142

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connectneueverbindung03.de
fonts.googleapis.com
fonts.gstatic.com
i2.wp.com
telekom-email-bestaetigen.ru
thumbs.gfycat.com
www.berliner-sparkasse.de
www.berliner-sparkasse.de
185.249.198.60
192.0.77.2
2600:9000:2156:8a00:1:cde5:7345:88c1
2a00:1450:4001:809::200a
2a00:1450:4001:821::2003
45.146.253.126
62.181.151.235
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dc4610d0c6fc4105e4c6b4e70ce94933795a6db26cd4bb1b0fcdc06592f3ea5
188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac
2b115a8c4659967f8dbddae9ddc8e4ebbc2136468d287acd883ad72958c5d354
2df629d4f195cb8a3256acf1bc3a0bc902f353d0d4cae37fd695d0406050f322
4e35bce29657d3eb02f89d6df1603346d3de7db3452a55e7c8859dc180b96fca
6defddc854ee0a721af068a9cb66f6077eb0f8ced7b62e94e5e2dacfe950ef56
7392c5784948f7888adf0511696357fe6a04b982f42baa41027a8e50c6a669f7
763b5bcf3a8fa314a9f53de37b218cfab794a66bec665b0070a3ddc4a15fe8d3
8f53f11675932a17f28a941c5605319e5ed2d2649fb2f4988228f7acef2de57c
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a008ddca8d53697b7f61e1561eb9f3a44fdaafdcd7ccb2c17ea56357ce76eb50
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
fd2938b675d05460e8ea5f5de54db01cb1c16c4eb5f1cb2e89b35f632675609a