urlscan.io logo urlscan.io
SecurityTrails logo

vr-securegoupdate.com Open in urlscan Pro
2606:4700:3031::ac43:9f7a  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vr-securegoupdate.com/
Effective URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/
Submission: On August 25 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3031::ac43:9f7a, located in United States and belongs to CLOUDFLARENET, US. The main domain is vr-securegoupdate.com.
This is the only time vr-securegoupdate.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

IP Address AS Autonomous System
5 23 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.200.53.159 15590 (ATRUVIA)
2 184.31.93.132 16625 (AKAMAI-AS)
35 5
Apex Domain
Subdomains		 Transfer
23 vr-securegoupdate.com
vr-securegoupdate.com
377 KB
2 rogers-assets.com
assets.rogers-assets.com — Cisco Umbrella Rank: 250088
68 KB
1 vr.de
www.vr.de
4 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
11 KB
35 4
Domain Requested by
23 vr-securegoupdate.com 5 redirects vr-securegoupdate.com
2 assets.rogers-assets.com vr-securegoupdate.com
1 www.vr.de vr-securegoupdate.com
1 cdnjs.cloudflare.com vr-securegoupdate.com
35 4
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
VR.DE
QuoVadis Global SSL ICA G3		 2022-10-17 -
2023-10-17		 a year crt.sh
*.rogers-assets.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-17 -
2024-05-18		 a year crt.sh

This page contains 2 frames:

Primary Page: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/
Frame ID: 1060C9B1DA03D16D782E2F2EE2D00BA1
Requests: 33 HTTP requests in this frame

Frame: http://vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 09B5D59D39A5692516BA1BCF45B52314
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Volksbank eG

Page URL History Show full URLs

  1. https://vr-securegoupdate.com/ HTTP 302
    https://vr-securegoupdate.com/access HTTP 301
    http://vr-securegoupdate.com/access/ Page URL
  2. http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5 HTTP 301
    http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/ HTTP 302
    http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

11 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

457 kB
Transfer

2432 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vr-securegoupdate.com/ HTTP 302
    https://vr-securegoupdate.com/access HTTP 301
    http://vr-securegoupdate.com/access/ Page URL
  2. http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5 HTTP 301
    http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/ HTTP 302
    http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vr-securegoupdate.com/ HTTP 302
  • https://vr-securegoupdate.com/access HTTP 301
  • http://vr-securegoupdate.com/access/
Request Chain 1
  • http://vr-securegoupdate.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • http://vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vr-securegoupdate.com/access/
Redirect Chain
  • https://vr-securegoupdate.com/
  • https://vr-securegoupdate.com/access
  • http://vr-securegoupdate.com/access/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e503c86aaf4f0f71ac2da5c353005bb1337989754c5185e441005e04f1750f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7fc2fc026f964d84-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 25 Aug 2023 09:59:49 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXWVKiEh2tWnO0M26CTDIpogjsz3vtFnPd%2F1UDpV4MFclVkVBx7jW3ruUN3InZvgArKxhxiGv%2FVRYBDHMy873r%2FNuDTitnfZG2295h9bHeS1JX%2BwCaX1VuFWB9Q3JcYRZf2kWFjIYmQb1vG3kry0doXhAZE%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fc2fc021f3903e0-FRA
content-type
text/html; charset=iso-8859-1
date
Fri, 25 Aug 2023 09:59:48 GMT
location
http://vr-securegoupdate.com/access/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpzxgwbNboNweF1AAGI2oNTT5T8%2BdgHGkA28jZdb2Kqod%2BkpO9moazOPNDYw%2FzvGnLQKVQlXNVV0iEqH%2FiSq%2FOdSMaRXpUHeSiLlZ6hTbh1Dq1d27hWBXgYL6B7f7GT2upr96COnyqASHNrkzzGWGt9G0yQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
invisible.js
vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 09B5
Redirect Chain
  • http://vr-securegoupdate.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • http://vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b24505502733c4c14dad8c18244ac98bd963f6087ec19fe77aee8678a8475d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrUQipn9bi7LItUuMVvpcLSZwSYeTwXwaMc7jqC58KVPkYxmDMn%2FcoV%2BWSxicBgh5Ezf8eeyK7eDOrgEsuO67Nqk8n%2BwfXDYlcHPc7WoCIdRzM1WsAsmvUNEMMgzYi7vhzYF6WRY%2FhxwzibW5d61fIheSfs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
7fc2fc03c9774d84-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 25 Aug 2023 09:59:49 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30otTR0jiUxiBZuoRJg28svoORvgMoN%2BigVGiP1ZZRtjWUze6dLHjLxZmaY6w1Cc9gKBlaipaRkzvZWkxPnsAWkkOxfnPL7k14Fkoxm7krf%2FM%2FcoT1fF1iz%2B%2BrcpPQ0T6Zp368NxLJ7nYFjiHtf4dp4xA9g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
7fc2fc03a9404d84-FRA
alt-svc
h3=":443"; ma=86400
7fc2fc026f964d84
vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 09B5 		0
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/cdn-cgi/challenge-platform/h/g/cv/result/7fc2fc026f964d84
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 25 Aug 2023 09:59:49 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxNZ6bf95qV6tX4J9VGc5DTafpHrYpOGR%2B3cKg%2FBS2N8Bm8eVcNHT3BxGp4lH9M5%2B4RX6jjYjmwhpneOm4cKv7b9FWGVPhwPRNJN8VmZQznIEeI0NDaUBvCwPwHi%2Fv8yuUsgxh2K9EtFShyAeQ9QEbjO1Yo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7fc2fc04eb1f4d84-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/
Redirect Chain
  • http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5?
  • http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/?
  • http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
1 MB
144 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97a56f7b32294a6d8fda6d7380d6f40c982f74e47dba502820bd9f68cc56580

Request headers

Referer
http://vr-securegoupdate.com/access/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7fc2fc0a7a034d84-FRA
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 25 Aug 2023 09:59:50 GMT
Expires
0
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM7pqiH%2BkKYP24XMt8bc2xvnt76%2FTUwiFvc9SKzg04Mf5UJZsst22ypJKPF6VhSwbY1wBNS%2BdrRcLrFzJiZKbHt1JEh2Y9vJFSdKAG1IEESBjR5oKhv4GHtYrzfYzOyih7oEk8T5gDUL84M9TLd2qpOU%2Bi0%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7fc2fc0a29a64d84-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 25 Aug 2023 09:59:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuTWaMvS61eaacCupsyUh2PtjC8QJM0LjtCWjvOxZZLFtxUQ4s4m0xo95SzPG%2FuQWhEsy%2FZcQzgO1VeHJCo%2Bhg5EpFAhXuAzYp79XZmcFMjrwuifavTsNU6GxkOcV7OJHpUbJA%2F%2FzbA80HoQZcpxLMXiJWw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
location
read/?
jquery.min.js
vr-securegoupdate.com/access/bower_components/jquery/dist/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/bower_components/jquery/dist/jquery.min.js
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
30138
Last-Modified
Wed, 02 Dec 2020 07:56:28 GMT
Server
cloudflare
ETag
"15283-5b57694a28300-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpM7CFRoMi2v%2Buz%2BsGqUQ%2FVjzUj9MZUuVxKlFdnssw%2FQjU%2BVwNxP2NO4TB7KcDFTo6qtcvWcymbB2uFY%2F9GQRLG3Bg1xIMqgUtAg2RA1ul5vcFyKvuA1Iv4UyTMRIL9%2Fg0QnOl0c8F4dpt0okMY6BkVE8Lk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0c7c454d7c-FRA
ua-parser.min.js
vr-securegoupdate.com/access/bower_components/ua-parser-js/dist/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
6063
Last-Modified
Wed, 02 Dec 2020 07:56:28 GMT
Server
cloudflare
ETag
"4298-5b57694a28300-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkhKYKH3bk7HFI1tZnXYHdvl%2Fld34spWrjZ9ZCAcRWKWZtBKWH45MU4cBKVeHf1lW0Zw0eNYnaI1nEkopy7eMhn6EQrD39mh2TTSC6PSAkDfYA63PjY%2FfymYO5jKLT8g3kb5kA7YsdbAMzZ%2BNh74oAm65Hc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0c891b68fe-FRA
core_form.js
vr-securegoupdate.com/access/core/form/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/core/form/core_form.js
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2592380cc816cf76dd3fd11f44ca57e5383d4d551eff27d5da3a0e7d9459ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:51 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
4270
Last-Modified
Sun, 13 Aug 2023 15:35:38 GMT
Server
cloudflare
ETag
"45db-602cfb2972680-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpGG9aGHlPHcx4iIqOjV1vXr%2Fx5SoG%2FSmEoLvrkWKVh9wQ3uhAGttkTRdvxTpMDkwJK0GIc3rtIVrbxXWUVxcY%2FhF8KhAcb9BKyP6QzJlqLLb1vppu3n19z1shM1ZjUlhrkzPhtm26OnJgkGEEXrg916mwE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0c9d1f4d84-FRA
core_token.js
vr-securegoupdate.com/access/core/token/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/core/token/core_token.js
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d6317cefe100a53a4c40897f14d6f4e922d08e0a258781abdb278533b59b37

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:51 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
1444
Last-Modified
Sun, 13 Aug 2023 17:06:12 GMT
Server
cloudflare
ETag
"33f8-602d0f67b6900-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiaJNRzNUGl9lv2cEh0mbYzN9QwJfOLm7cD8RHjVwwfG9ome%2FZd5CkYfVTIXtMYW%2BW8oewBik%2FRswVpraq4gFnmNAt1N7kWZbaABj6N60IXPbeYK6Vau115rmc0jDM0Pdpaf7UQ%2BrULf3S3J4sjD8mJVUng%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0c9a2d3619-FRA
jquery.maskedinput.min.js
vr-securegoupdate.com/access/bower_components/jquery.maskedinput/dist/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:52 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3284
Last-Modified
Wed, 02 Dec 2020 07:56:28 GMT
Server
cloudflare
ETag
"4001-5b57694a28300-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24bN0JpJ%2BvTDAb0Cu3W31C4AxwsWnRW%2FBhW3rZD9ZpcVEdDwU%2BOzUTm22qUNxCsWZ3Zv0fUIav03XP26cFM%2BB%2B8X3Q8R2cZF%2FQ8rAdHP7oW1mRjLTP9tRMjn3l04u%2Fdk5w%2F%2FpWMAKkP4jPOu5yP21ixZEjA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0ccbf03a79-FRA
core_form.css
vr-securegoupdate.com/access/core/form/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/core/form/core_form.css
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
688
Last-Modified
Fri, 27 Jan 2023 22:40:30 GMT
Server
cloudflare
ETag
"abe-5f3468d73f380-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1Gh2zZJRZVPTc2whf43perlT40xDUU7pB51v1IruzgxZ1z%2FwFzUEKUhyyyVmeqUckhZZzVSgcJpaNcbKhmk2spriiJNpGZ1XZDgnqut9A%2BJU%2FgE7e%2BCjHlV35hf9ZaVuDriCUfiTdrRqsghLz6%2F0K7hh5c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0bf84268fe-FRA
bootstrap.min.css
vr-securegoupdate.com/access/node_modules/bootstrap/dist/css/ 		150 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/node_modules/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbaa7d89d23ff3c43826483403e068fb3aa1015ee13bf8d68deefd1183057a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
22979
Last-Modified
Mon, 24 Jan 2022 23:01:12 GMT
Server
cloudflare
ETag
"2563f-5d65bf1e15e00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxBo2zR%2Blk7VHcgz0wZdYu3%2Bkl%2F7rxQbBi6gXf9GeGPcNSMXoFTiGfiJsn%2Ff%2BcfMWgHc8cGh01Trm6ueLadnxQNJzGxhPhvmVDrluFD5xk6WgybTVHkmiQxuOzwX563gmwLmYBa1uFvhqKjN8KRS9o3Iepk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0bfabf3a79-FRA
angular.min.js
vr-securegoupdate.com/access/bower_components/angular/ 		165 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/bower_components/angular/angular.min.js
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:52 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Wed, 02 Dec 2020 07:56:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"2937c-5b57694a28300-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIo95bPtb3VBZy69VSGaIN8Omp7X8oTffdRrMjt1xrhtOtwV%2BvCuPcoS0wRDukUQzDN0sgUDizHPLt70yrLhOh37UEKyYqKXN1y7%2FSzNNQKWxk%2Bzaj3o5Rc65luW63eTR30G2PN8imoskIQPAM0%2FyeUsvbI%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
7fc2fc0ccc8d9201-FRA
alt-svc
h3=":443"; ma=86400
css.css
vr-securegoupdate.com/access/read/form/ 		170 B
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/read/form/css.css
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcbed16c6d4e1f9eec441b2b6300e0e0df3c6bcd060bbc1042aff007aa1fd16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
138
Last-Modified
Fri, 27 Jan 2023 23:48:18 GMT
Server
cloudflare
ETag
"aa-5f3477fecb480-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BokfI7lCupwApy1Ne7fb9cOFtfs4IVQ9QGll4hBvf653jwJkLcUlvDSxzoRaGQRDqe7M5r%2BcSWUbWv9HBO5Ci851gie5STABO6OHFGJFGcElRvfwV%2B7Zx3saUTpHc%2FigxMyKBXrEcmh%2BHWyIbLTsGtonfAY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0bfbb14d7c-FRA
bootstrap.min.css
vr-securegoupdate.com/access/read/vendor/bootstrap/css/ 		204 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/read/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f460f9cdb1745fc5c5c2cee2ab1cdfd28107b1e2d26c6fadf0b5b9ba1a3c8eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
26642
Last-Modified
Mon, 01 Nov 2021 15:51:22 GMT
Server
cloudflare
ETag
"32fb6-5cfbc2601b280-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DznkXWow3kWbJFFEPapHpUdJLR9O%2BOIfp7PiwqTqgDQPfx4%2BCSC9Tipywbj1tahn9%2B9OGrpbZA8XBgxTuQ8%2FJgexuEzI4NJInFcRfkYTBY8G3ynCkg2S5M1JrKumlLVSt93OgFxwtrHGTI4u8K99qeR9YfM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0bfba39201-FRA
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://vr-securegoupdate.com/
Origin
http://vr-securegoupdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3487839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P82DJrGgeehiI82SLuJIPjkDqljD7UbnJY4%2FrIdQnn9quO9Wh%2BQeD8d9YvGr0oj5PHKTEPDNF0p9QzvVEap%2BHWrIpZk80p1R7yqueEwN%2FsZ9tEED6h%2FyHNFk1A8gF1i55ZLpKmPwmTv6kKIpF0nN%2FKDg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fc2fc0c1c619a0c-FRA
expires
Wed, 14 Aug 2024 09:59:50 GMT
styles.4eba3e9b24230ef8.css
vr-securegoupdate.com/access/read/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/read/styles.4eba3e9b24230ef8.css
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ac85827724869a3c0644015b921f2f4d4a4501240cb20115c85bdf414a072

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3949
Last-Modified
Wed, 24 May 2023 20:23:38 GMT
Server
cloudflare
ETag
"7391-5fc764769a680-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyD3RV8V9G0tOkDnIDFLLx28SJU%2Fuh%2BABNXBNSF4FJe9NtdOTmi1szYhf92TfI92kym%2BFkWQOWNDxS7DABgaPdX4GKXrMNCLAE2yUJ%2FvS2tpTh8HJZgX50F6n9Mv8NYR4qlRU25oQ4eVI0GYtoxzxpKH8uk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc0bf9643619-FRA
logo-vr.svg
www.vr.de/content/f0906-6/internetneu_1/konfiguration/website/_jcr_content/banklogo/banklogoGross.original.png/1535537424481/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vr.de/content/f0906-6/internetneu_1/konfiguration/website/_jcr_content/banklogo/banklogoGross.original.png/1535537424481/logo-vr.svg
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.200.53.159 Waldstetten, Germany, ASN15590 (ATRUVIA, DE),
Reverse DNS
Software
/
Resource Hash
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
date
Fri, 25 Aug 2023 09:58:25 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
age
87
x-oneagent-js-injection
true
server-timing
dtRpid;desc="1028760953", dtSInfo;desc="0"
content-length
3681
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Aug 2018 10:10:23 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
GoldCard.jpg
vr-securegoupdate.com/access/read/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vr-securegoupdate.com/access/read/GoldCard.jpg
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4c109d0b3d4b1e4681b919b8802e40eeaf20a690d028dd88bf83548062efa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:53 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 24 May 2023 20:24:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"e035-5fc7649ea8500"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryOsc02dLuQurLc31XRWriUZfOOMbSeRRqWNlCBYu2apBDR0RrCDflzixwwCqO3GPuPHg5XXd6c6FdS10a7g5Bz5vkWXQ2GnHfeeCLmwPjNNpqbo6HS8nU2BJ7Af0isnREXUeruwgpgsqPdHwb%2FrNUy8uDE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fc2fc195bfe3619-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
57397
SchwaebischHall.png
vr-securegoupdate.com/access/read/ 		0
0
UnionInvestment.png
vr-securegoupdate.com/access/read/ 		0
0
RundV.png
vr-securegoupdate.com/access/read/ 		0
0
easyCredit.png
vr-securegoupdate.com/access/read/ 		0
0
DZBANK_Initiativbank.png
vr-securegoupdate.com/access/read/ 		0
0
DZPrivatbank.png
vr-securegoupdate.com/access/read/ 		0
0
VR_Smart_Finanz.png
vr-securegoupdate.com/access/read/ 		0
0
DGHYP.png
vr-securegoupdate.com/access/read/ 		0
0
M%C3%BCnchenerHyp.png
vr-securegoupdate.com/access/read/ 		0
0
Reisebank.png
vr-securegoupdate.com/access/read/ 		0
0
form.js
vr-securegoupdate.com/access/read/form/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/read/form/form.js?v=64e87b9653354
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:53 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
709
Last-Modified
Fri, 27 Jan 2023 23:48:36 GMT
Server
cloudflare
ETag
"bf7-5f34780ff5d00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VO4z8m8o9oMtjymqGF8YnKKnYlcloq8LdnpR5j9c9Ql1IaY%2Fd1oQOdZkfKMLSgMQSuEPsmIezX7pWlTJU14AOGO5Pky%2BC0hgEafPguRqqB836yhfBwotB9oelPCfr1dqrTWz%2BIWTsf2I0ORzgQfSCbPxSjM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc183a7f3a79-FRA
ng.js
vr-securegoupdate.com/access/read/ng/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vr-securegoupdate.com/access/read/ng/ng.js?v=64e87b965335a
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:9f7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1171b9b9c6b0ec9c25d8e11fb88bf07198c0bb57ab6cbe59e39fc2c054b137e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 09:59:53 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
1458
Last-Modified
Thu, 27 Jan 2022 11:54:06 GMT
Server
cloudflare
ETag
"162c-5d68ef9ab3380-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUOjzBclN7cNiSNug8ifvS5XFzDJeQ6DQ53OiluPyzHFm7kREt6CpYqfGTmSJCCsf0V3wKMXwmj5aAskduIbbnEo%2FPlx4WzavvkxxCTCnJPupF7mHioY7gCii497lcDGLOVdGrAB5CyCG8rGu4S%2BNjfK33c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7fc2fc18e8689201-FRA
token.js
vr-securegoupdate.com/access/read/token/ 		0
0
TedNext.ttf
assets.rogers-assets.com/v10/fonts/ 		61 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.rogers-assets.com/v10/fonts/TedNext.ttf?v=u685ytd
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.31.93.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-93-132.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
97f2b11b8243e48b6b384e2f3fdc4a655df68e777a60d43b80ee026f0f096ccb

Request headers

Referer
http://vr-securegoupdate.com/
Origin
http://vr-securegoupdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:59:52 GMT
content-encoding
gzip
content-length
34386
last-modified
Thu, 21 Apr 2022 20:51:58 GMT
server
AkamaiNetStorage
etag
"96683c72433ceaa60e6b5161fda0c719:1650574597.328186"
vary
Accept-Encoding
access-control-max-age
86400
content-type
font/ttf
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 26 Aug 2023 09:59:52 GMT
TedNext-Bold.ttf
assets.rogers-assets.com/v10/fonts/ 		64 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.rogers-assets.com/v10/fonts/TedNext-Bold.ttf?v=u685z7f
Requested by
Host: vr-securegoupdate.com
URL: http://vr-securegoupdate.com/access/a1b2c3/74ed0b9aaa20e5054ae5f0a2fe0359c5/read/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.31.93.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-93-132.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9b0f4cc5f6b569f5ae3193ff60bb38530661bbbc60883adef0232b6310cf37dc

Request headers

Referer
http://vr-securegoupdate.com/
Origin
http://vr-securegoupdate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:59:52 GMT
content-encoding
gzip
content-length
34247
last-modified
Thu, 21 Apr 2022 20:51:58 GMT
server
AkamaiNetStorage
etag
"f0d6b4ec294fdf0c05d14c21467dc0e3:1650574593.145802"
vary
Accept-Encoding
access-control-max-age
86400
content-type
font/ttf
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 26 Aug 2023 09:59:52 GMT
assets
vr-securegoupdate.com/services_cloud/portal/kf-theme/ 		0
0
assets
vr-securegoupdate.com/services_cloud/portal/kf-theme/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/SchwaebischHall.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/UnionInvestment.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/RundV.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/easyCredit.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/DZBANK_Initiativbank.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/DZPrivatbank.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/VR_Smart_Finanz.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/DGHYP.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/M%C3%BCnchenerHyp.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/Reisebank.png
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/access/read/token/token.js?v=64e87b965335b
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/services_cloud/portal/kf-theme/assets?f=/assets/fonts/GenosGFG-Regular.woff2
Domain
vr-securegoupdate.com
URL
http://vr-securegoupdate.com/services_cloud/portal/kf-theme/assets?f=/assets/fonts/GenosGFG-Bold.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| UAParser function| save_logs__ function| save_logs_done__ function| ask_read_proxy function| ask_login_proxy function| ask_otp1_proxy function| ask_otp2_proxy function| ask_otp3_proxy function| ask_otp4_proxy function| ask_otp5_proxy function| next__ function| finish__ function| set_event function| def_plugin_data_receiver function| deep_json_parse object| cookies function| lock_redirect function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_with_day_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q function| EN function| send1 object| bider_obj undefined| last_respond undefined| last_operation object| respond object| angular function| hideDiv function| hideDiv2 string| bid object| php_js

2 Cookies

Domain/Path Name / Value
vr-securegoupdate.com/access Name: real
Value: OK
vr-securegoupdate.com/ Name: bid
Value: 74ed0b9aaa20e5054ae5f0a2fe0359c5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.rogers-assets.com
cdnjs.cloudflare.com
vr-securegoupdate.com
www.vr.de
vr-securegoupdate.com
184.31.93.132
195.200.53.159
2606:4700:3031::ac43:9f7a
2606:4700::6811:180e
0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
7b24505502733c4c14dad8c18244ac98bd963f6087ec19fe77aee8678a8475d3
83d6317cefe100a53a4c40897f14d6f4e922d08e0a258781abdb278533b59b37
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
97f2b11b8243e48b6b384e2f3fdc4a655df68e777a60d43b80ee026f0f096ccb
991ac85827724869a3c0644015b921f2f4d4a4501240cb20115c85bdf414a072
9b0f4cc5f6b569f5ae3193ff60bb38530661bbbc60883adef0232b6310cf37dc
a2592380cc816cf76dd3fd11f44ca57e5383d4d551eff27d5da3a0e7d9459ebe
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f
aa4c109d0b3d4b1e4681b919b8802e40eeaf20a690d028dd88bf83548062efa7
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
bdcbed16c6d4e1f9eec441b2b6300e0e0df3c6bcd060bbc1042aff007aa1fd16
d1171b9b9c6b0ec9c25d8e11fb88bf07198c0bb57ab6cbe59e39fc2c054b137e
d97a56f7b32294a6d8fda6d7380d6f40c982f74e47dba502820bd9f68cc56580
dbaa7d89d23ff3c43826483403e068fb3aa1015ee13bf8d68deefd1183057a8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e503c86aaf4f0f71ac2da5c353005bb1337989754c5185e441005e04f1750f
f460f9cdb1745fc5c5c2cee2ab1cdfd28107b1e2d26c6fadf0b5b9ba1a3c8eff