zwergerlzeit.com Open in urlscan Pro
5.161.107.22 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cometabooks.com/google.php
Effective URL:
https://zwergerlzeit.com/a/e/clients/blz.php?verification
Submission: On May 06 via automatic, source phishtank (May 6th 2024, 5:22:44 pm UTC) — Scanned from DE

Summary HTTP 4 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 5.161.107.22, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is zwergerlzeit.com.
TLS certificate: Issued by R3 on May 6th 2024. Valid for: 3 months.

This is the only time zwergerlzeit.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	81.93.64.41 81.93.64.41	25144 (TELEKOM-S...) (TELEKOM-SRPSKE-AS Vuka Karadzica 2)
2 4	5.161.107.22 5.161.107.22	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
4	3

2 81.93.64.41 (Banja Luka, Bosnia & Herzegovina)

ASN25144 (TELEKOM-SRPSKE-AS Vuka Karadzica 2, BA)
PTR: cplin41.teol.net

cometabooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.161.107.22 (United States) 2 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.22.107.161.5.clients.your-server.de

zwergerlzeit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	zwergerlzeit.com 2 redirects zwergerlzeit.com	901 KB
2	cometabooks.com cometabooks.com	682 B
4	2

	Domain	Requested by
4	zwergerlzeit.com	2 redirects zwergerlzeit.com
2	cometabooks.com
4	2

This site contains links to these domains. Also see Links.

Domain
www.berliner-sparkasse.de

Subject Issuer	Validity	Valid
cometabooks.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
zwergerlzeit.com R3	`2024-05-06` - `2024-08-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zwergerlzeit.com/a/e/clients/blz.php?verification
Frame ID: 158558F367E2A17CCC6F3AE56FCE9C09
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online-Banking

Page URL History Show full URLs

https://cometabooks.com/google.php Page URL
https://zwergerlzeit.com/a HTTP 301
https://zwergerlzeit.com/a/ Page URL
https://zwergerlzeit.com/a/e/index.php?pwd=M29juchv7 HTTP 302
https://zwergerlzeit.com/a/e/clients/blz.php?verification Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1230 kB
Transfer

4140 kB
Size

1
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.berliner-sparkasse.de/de/home.html?n=true&stref=logo

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/beratung.html?n=true&stref=hnav
Title: Beratung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/service.html?n=true&stref=hnav
Title: Service-Center

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking.html?n=true&stref=hnav
Title: Online- und Mobile-Banking

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/pushtan.html?n=true&stref=hnav
Title: pushTAN-Verfahren

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/s-app.html?n=true&stref=hnav
Title: App Sparkasse

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/apps-im-ueberblick.html?n=true&stref=hnav
Title: Apps im Überblick

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/hilfe.html?n=true&stref=hnav
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/sicherheit-im-internet.html?n=true&stref=hnav
Title: Sicherheit im Internet

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/giropay.html?n=true&stref=hnav
Title: giropay

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/online-mobile-banking/telefon-banking.html?n=true&stref=hnav
Title: Telefon-Banking

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto.html?n=true&stref=hnav
Title: Girokonto

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/girokonto-online.html?n=true&stref=hnav
Title: Giro Digital

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/girokonto-online/banking.html?n=true&stref=hnav
Title: Banking

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/girokonto-komfort.html?n=true&stref=hnav
Title: Giro Individual

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/girokonto-classic.html?n=true&stref=hnav
Title: Giro Pauschal

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/junges-konto.html?n=true&stref=hnav
Title: Junges Konto

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/startkonto.html?n=true&stref=hnav
Title: Startkonto

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/sparkassencard.html?n=true&stref=hnav
Title: Sparkassen-Card (Debitkarte)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/girokonto-basis.html?n=true&stref=hnav
Title: Basiskonto

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/girokonto/finanzplaner.html?n=true&stref=hnav
Title: Finanzplaner

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kreditkarte.html?n=true&stref=hnav
Title: Kartenprodukte

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kreditkarte/visa-card.html?n=true&stref=hnav
Title: Visa Card (Kreditkarte)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kreditkarte/visa-card-gold.html?n=true&stref=hnav
Title: Visa Card Gold (Kreditkarte)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kreditkarte/visa-basis.html?n=true&stref=hnav
Title: Visa Card Basis (Debitkarte)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kreditkarte/sparkassencard.html?n=true&stref=hnav
Title: Sparkassen-Card (Debitkarte)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen.html?n=true&stref=hnav
Title: Kredite und Finanzierungen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/ratenkredit-aus-kontoumsaetzen-skp.html?n=true&stref=hnav
Title: Ratenkredit aus Kontoumsätzen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/sparkassen-privatkredit.html?n=true&stref=hnav
Title: S-Privatkredit

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/sparkassen-autokredit.html?n=true&stref=hnav
Title: S-Autokredit

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/baufinanzierung.html?n=true&stref=hnav
Title: Immobilienfinanzierung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/privatkredit-fuer-eigentuemer.html?n=true&stref=hnav
Title: S-Privatkredit Plus für Eigentümer

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/dispositionskredit.html?n=true&stref=hnav
Title: Dispositionskredit

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/kredite-und-finanzierungen/studienkredit.html?n=true&stref=hnav
Title: Studienkredit

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen.html?n=true&stref=hnav
Title: Sparen und Anlegen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/tagesgeld.html?n=true&stref=hnav
Title: Tagesgeldkonto

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/deka-fondssparplan.html?n=true&stref=hnav
Title: Deka-FondsSparplan

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/plussparen.html?n=true&stref=hnav
Title: Plussparen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/ps-lotterie-sparen.html?n=true&stref=hnav
Title: PS-Sparen und Gewinnen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/festgeld.html?n=true&stref=hnav
Title: Festzinssparen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/vl-sparen.html?n=true&stref=hnav
Title: VL-Sparen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/solit-edelmetalldepot-tarif-s.html?n=true&stref=hnav
Title: SOLIT Edelmetalldepot Tarif S

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparen-und-anlegen/mietkaution.html?n=true&stref=hnav
Title: Mietkaution

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse.html?n=true&stref=hnav
Title: Wertpapiere und Depots

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/fonds-finder.html?n=true&stref=hnav
Title: Fonds-Finder

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/fonds-der-dekabank.html?n=true&stref=hnav
Title: Fonds der DekaBank

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/zertifikate-der-dekabank.html?n=true&stref=hnav
Title: Zertifikate-Angebot der DekaBank

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/nachhaltige-geldanlage.html?n=true&stref=hnav
Title: Nachhaltige Geldanlage

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/depotmodelle.html?n=true&stref=hnav
Title: Depotmodelle

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/produkte-und-angebote.html?n=true&stref=hnav
Title: Produkte und Angebote

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/deka-investments.html?n=true&stref=hnav
Title: Deka Investments

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/boersencenter.html?n=true&stref=hnav
Title: BörsenCenter

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/wertpapiere-und-boerse/bevestor.html?n=true&stref=hnav
Title: bevestor

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge.html?n=true&stref=hnav
Title: Sparkassen-Altersvorsorge

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/private-rentenversicherung-vk.html?n=true&stref=hnav
Title: Private Rentenversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/juniorrente-vk.html?n=true&stref=hnav
Title: JuniorRente

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/betriebliche-altersversorgung.html?n=true&stref=hnav
Title: Betriebliche Altersversorgung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/ratgeber.html?n=true&stref=hnav
Title: Ratgeber Altersvorsorge

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/ratgeber-erben-vererben.html?n=true&stref=hnav
Title: Ratgeber Erben & Vererben

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/rentenrechner.html?n=true&stref=hnav
Title: Rentenrechner

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/altersvorsorge/basisrente-vk.html?n=true&stref=hnav
Title: BasisRente (Rürup-Rente)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen.html?n=true&stref=hnav
Title: Versicherungen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/bauherren-rechtsschutz.html?n=true&stref=hnav
Title: Bauherren-Rechtsschutz

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/einkommenssicherung_vk.html?n=true&stref=hnav
Title: EinkommensSicherung (Berufsunfähigkeitsversicherung)

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/haftpflichtversicherung.html?n=true&stref=hnav
Title: Haftpflichtversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/hausratversicherung.html?n=true&stref=hnav
Title: Hausratversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/geraeteschutz.html?n=true&stref=hnav
Title: S-Geräteschutz

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/s-gesundheits-schutz-plus-ukv-xhtml.html?n=true&stref=hnav
Title: S-Gesundheits-Schutz

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/s-mietwagenschutz.html?n=true&stref=hnav
Title: S-Mietwagenschutz

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/unfallversicherung.html?n=true&stref=hnav
Title: Unfallversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/rechtsschutzversicherung.html?n=true&stref=hnav
Title: Rechtsschutzversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/reise-ruecktrittsversicherung.html?n=true&stref=hnav
Title: Reise-Rücktrittversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/schliessfachversicherung.html?n=true&stref=hnav
Title: Schließfachversicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/versicherungs-check.html?n=true&stref=hnav
Title: Versicherungs-Check

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/versicherungen/versicherungsmanager.html?n=true&stref=hnav
Title: S-Versicherungsmanager

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien.html?n=true&stref=hnav
Title: Immobilien

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien/topimmobilien.html?n=true&stref=hnav
Title: Topimmobilien

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien/immobiliencenter.html?n=true&stref=hnav
Title: ImmobilienCenter

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien/energiesparaktion.html?n=true&stref=hnav
Title: Energiesparaktion

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien/ratgeber.html?n=true&stref=hnav
Title: Ratgeber Immobilien

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien/preisfinder.html?n=true&stref=hnav
Title: Immobilienbewertung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/immobilien/eigentuemer.html?n=true&stref=hnav
Title: Angebote für Eigentümer

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/lbs-bausparen.html?n=true&stref=hnav
Title: LBS-Bausparen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/lbs-bausparen/magazin.html?n=true&stref=hnav
Title: Magazin WohnRaum

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/lbs-bausparen/eigenkapital-aufbauen.html?n=true&stref=hnav
Title: Eigenkapital für den Immobilienwunsch

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/lbs-bausparen/immobilie-finanzieren.html?n=true&stref=hnav
Title: Bausparen als Finanzierungsstrategie

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/lbs-bausparen/junge-leute.html?n=true&stref=hnav
Title: Bausparen für junge Leute

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/lbs-bausparen/anschlussfinanzierung.html?n=true&stref=hnav
Title: Anschlussfinanzierung mit LBS-Bausparen

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/sparkassen-finanzkonzept.html?n=true&stref=hnav
Title: Sparkassen-Finanzkonzept

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/angebote-fuer-junge-kunden.html?n=true&stref=hnav
Title: Angebote für junge Kunden

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/privatkunden/produktflyer.html?n=true&stref=hnav
Title: Produkt- und Service-Flyer

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-privatkunden.html?n=true&stref=hnav
Title: Übersicht

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/junges-magazin.html?n=true&stref=hnav
Title: Ratgeber Junge Kunden

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-altersvorsorge.html?n=true&stref=hnav
Title: Ratgeber Altersvorsorge

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-geldanlage.html?n=true&stref=hnav
Title: Ratgeber Geldanlage

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-versicherungen.html?n=true&stref=hnav
Title: Ratgeber Absicherung

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-immobilien.html?n=true&stref=hnav
Title: Ratgeber Immobilien

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-erben-und-vererben.html?n=true&stref=hnav
Title: Ratgeber Erben & Vererben

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/ratgeber-firmenkunden.html?n=true&stref=hnav
Title: Ratgeber Firmenkunden

Search URL Search Domain Scan URL

URL: https://www.berliner-sparkasse.de/de/home/ratgeber/oft-gefragt.html?n=true&stref=hnav
Title: Oft gefragt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cometabooks.com/google.php Page URL
https://zwergerlzeit.com/a HTTP 301
https://zwergerlzeit.com/a/ Page URL
https://zwergerlzeit.com/a/e/index.php?pwd=M29juchv7 HTTP 302
https://zwergerlzeit.com/a/e/clients/blz.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://zwergerlzeit.com/a HTTP 301
https://zwergerlzeit.com/a/

4 HTTP transactions
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	google.php Show response cometabooks.com/	70 B 181 B	1056ms 907ms	Document text/html	81.93.64.41 TELEKOM-SRPSKE-AS...
General Check archive.org Show headers Download Go to Full URL https://cometabooks.com/google.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.93.64.41 Banja Luka, Bosnia & Herzegovina, ASN25144 (TELEKOM-SRPSKE-AS Vuka Karadzica 2, BA), Reverse DNS cplin41.teol.net Software nginx / PHP/8.3.6 PleskLin Resource Hash `9da8e3f5c42dfa25d70c531cce5a1d78926363beedb095256be344afbd4dd90a` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding br content-type text/html; charset=UTF-8 date Mon, 06 May 2024 17:22:39 GMT server nginx x-powered-by PHP/8.3.6 PleskLin
GET H2	200	/ zwergerlzeit.com/a/ Redirect Chain https://zwergerlzeit.com/a https://zwergerlzeit.com/a/	69 B 354 B	635ms 635ms	Document text/html	5.161.107.22 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://zwergerlzeit.com/a/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.107.22 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.22.107.161.5.clients.your-server.de Software nginx / PHP/7.4.33 PleskLin Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://cometabooks.com/google.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 83 content-type text/html; charset=UTF-8 date Mon, 06 May 2024 17:22:40 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/7.4.33 PleskLin Redirect headers content-length 302 content-type text/html; charset=iso-8859-1 date Mon, 06 May 2024 17:22:40 GMT location https://zwergerlzeit.com/a/ server nginx x-powered-by PleskLin
GET H2	404	favicon.ico cometabooks.com/	808 B 501 B	81ms 80ms	Other text/html	81.93.64.41 TELEKOM-SRPSKE-AS...
General Check archive.org Show headers Download Go to Full URL https://cometabooks.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.93.64.41 Banja Luka, Bosnia & Herzegovina, ASN25144 (TELEKOM-SRPSKE-AS Vuka Karadzica 2, BA), Reverse DNS cplin41.teol.net Software nginx / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cometabooks.com/google.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 17:22:39 GMT content-encoding br last-modified Thu, 07 Mar 2024 11:35:58 GMT server nginx etag W/"328-613107aa4f94d" content-type text/html
GET H2	200	Primary Request blz.php Show response zwergerlzeit.com/a/e/clients/ Redirect Chain https://zwergerlzeit.com/a/e/index.php?pwd=M29juchv7 https://zwergerlzeit.com/a/e/clients/blz.php?verification	3 MB 901 KB	679ms 679ms	Document text/html	5.161.107.22 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://zwergerlzeit.com/a/e/clients/blz.php?verification Requested by Host: zwergerlzeit.com URL: https://zwergerlzeit.com/a/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.161.107.22 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.22.107.161.5.clients.your-server.de Software nginx / PHP/7.4.33 PleskLin Resource Hash `e50e7e8b211c7eafbf457a490ab9cd673658c6d2a748a8c1d45206d7e68bb8f5` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://zwergerlzeit.com/a/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 06 May 2024 17:22:42 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/7.4.33 PleskLin Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Mon, 06 May 2024 17:22:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location clients/blz.php?verification#_ pragma no-cache server nginx x-powered-by PHP/7.4.33 PleskLin
GET DATA	200 OK	truncated /	24 KB 24 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `43a2c75ca73d8c1101ff7ae617e6dbc6934e8aa1cd72d64ce50908ac297156cb` Request headers Referer Origin https://zwergerlzeit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	82 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `98bf41236892c0559550c8ca87c4c25687f4457f7bb09aa0a4d41685b5ea5375` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3edc58dd505c594baa6bd39f1641072b5a072f16410c6d0c4bf65df2cdb1d356` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	976 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	25 KB 25 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9ae3f33664fc3b273913900b81d8812d5a6a3c098b86d93d1f0ec54259d9441d` Request headers Referer Origin https://zwergerlzeit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	205 KB 205 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b8c33d420736e01e78f10be083cb31134439ea40fb1b89b95576518a85627db5` Request headers Referer Origin https://zwergerlzeit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	24 KB 24 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0d764d392e1685a777c2740c836285ddf29fc29f29b63c19546baf104c2de3d5` Request headers Referer Origin https://zwergerlzeit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	25 KB 25 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7b2888ded6c1e95affe8813aaba8fbcd060d774451c10afa71227616e9af159f` Request headers Referer Origin https://zwergerlzeit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	25 KB 25 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `addffd48c2bb1fe1e4409899c79d5b2beca7d72c4d80575401091f09ab0eae52` Request headers Referer Origin https://zwergerlzeit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	164 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `25f042d00f4ce4bcff027d7b7e5c3874e48de1393b3c6172f4775b4ced48c3bc` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	39 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2383da7a90fb1dbc4bf4b2149a8aba7f31cbbfce942f739de2dd4a7771671d22` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	83 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d86fa09a2f9764c54486f84bb248963c9f074897cc923b794dbad6c661ddff10` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	45 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| savepage_ShadowLoader

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zwergerlzeit.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bophms3eogi98o1f1j731pgs4v

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cometabooks.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cometabooks.com
zwergerlzeit.com
5.161.107.22
81.93.64.41
0d764d392e1685a777c2740c836285ddf29fc29f29b63c19546baf104c2de3d5
2383da7a90fb1dbc4bf4b2149a8aba7f31cbbfce942f739de2dd4a7771671d22
25f042d00f4ce4bcff027d7b7e5c3874e48de1393b3c6172f4775b4ced48c3bc
3edc58dd505c594baa6bd39f1641072b5a072f16410c6d0c4bf65df2cdb1d356
43a2c75ca73d8c1101ff7ae617e6dbc6934e8aa1cd72d64ce50908ac297156cb
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
7b2888ded6c1e95affe8813aaba8fbcd060d774451c10afa71227616e9af159f
92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85
98bf41236892c0559550c8ca87c4c25687f4457f7bb09aa0a4d41685b5ea5375
9ae3f33664fc3b273913900b81d8812d5a6a3c098b86d93d1f0ec54259d9441d
9da8e3f5c42dfa25d70c531cce5a1d78926363beedb095256be344afbd4dd90a
addffd48c2bb1fe1e4409899c79d5b2beca7d72c4d80575401091f09ab0eae52
b8c33d420736e01e78f10be083cb31134439ea40fb1b89b95576518a85627db5
d86fa09a2f9764c54486f84bb248963c9f074897cc923b794dbad6c661ddff10
e50e7e8b211c7eafbf457a490ab9cd673658c6d2a748a8c1d45206d7e68bb8f5
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

zwergerlzeit.com Open in urlscan Pro 5.161.107.22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1230 kBTransfer

4140 kBSize

1 Cookies

100 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

zwergerlzeit.com Open in urlscan Pro
5.161.107.22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1230 kB
Transfer

4140 kB
Size

1
Cookies

4 HTTP transactions
14 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!