tractebelna.com Open in urlscan Pro
2606:4700:3036::ac43:afa9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tractebelna.com/?anmelden=Lx9C6E3teRSiaAk&id=jIMHD9Y7SoLV08k&kunde=mD8Ypf1Ch67Lciy
Effective URL:
https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM
Submission Tags: @jcybersec_
Submission: On July 18 via api (July 18th 2020, 11:12:47 pm UTC) from GB

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3036::ac43:afa9, located in United States and belongs to CLOUDFLARENET, US. The main domain is tractebelna.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.

This is the only time tractebelna.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address		AS Autonomous System
6 17	2606:4700:303... 2606:4700:3036::ac43:afa9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

17 2606:4700:3036::ac43:afa9 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

tractebelna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tractebelna.com 6 redirects tractebelna.com	147 KB
11	1

	Domain	Requested by
17	tractebelna.com	6 redirects tractebelna.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM
Frame ID: E0442791CC15A69189A694B92C340B1C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tractebelna.com/?anmelden=Lx9C6E3teRSiaAk&id=jIMHD9Y7SoLV08k&kunde=mD8Ypf1Ch67Lciy HTTP 302
https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

145 kB
Transfer

474 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tractebelna.com/?anmelden=Lx9C6E3teRSiaAk&id=jIMHD9Y7SoLV08k&kunde=mD8Ypf1Ch67Lciy HTTP 302
https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://tractebelna.com/dafc3677dfee839 HTTP 302
https://tractebelna.com/dafc3677dfee839?standard=Rdl0KF1DIXL43Nc&site=ehdqyjBvHrwNtG1&privatkunden=T5u8vGapsXAc29k

Request Chain 6

https://tractebelna.com/d15b6e0b675e5df HTTP 302
https://tractebelna.com/d15b6e0b675e5df?standard=iGgPYKBMOXQU6b9&user=cFU0u3OGqMCt6Zn&online=ZiVbwTRslKBSaGy

Request Chain 7

https://tractebelna.com/df929ec1c8e4e73 HTTP 302
https://tractebelna.com/df929ec1c8e4e73?standard=J2DUrsxtylLAkfM&direct=7dB94oXnLTvZq8w&kunde=6fYuwrOnlyBvp1D

Request Chain 8

https://tractebelna.com/dd9da071d14449e HTTP 302
https://tractebelna.com/dd9da071d14449e?login=yugXYJT1HIBDiVR&user=1oknfurQ6BeLOjv&kunde=j9ePnUBJGsVNbFr

Request Chain 9

https://tractebelna.com/d9225bb1d76cf5f HTTP 302
https://tractebelna.com/d9225bb1d76cf5f?home=Wq0xtevlKUIENCL&legitimation=tPWr5uXMR6eOxQS&kunde=h1mUHW0n6dJxQIF

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tractebelna.com/ Redirect Chain https://tractebelna.com/?anmelden=Lx9C6E3teRSiaAk&id=jIMHD9Y7SoLV08k&kunde=mD8Ypf1Ch67Lciy https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM	9 KB 3 KB	330ms 329ms	Document text/html	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5c659d1c933fa4d669480564d8c1754c452680fe2f11cccdcf2054d3218d4f50` Request headers :method GET :authority tractebelna.com :scheme https :path /?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=dd6b36dbf0cb4439dd1ad5b7e386596b21595113943; PHPSESSID=buf6lgav54otddjfbqhr873vl2 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sat, 18 Jul 2020 23:12:24 GMT content-type text/html; charset=UTF-8 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 0405cc4cd70000c272c41c6200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5b4fe327bbdcc272-FRA content-encoding br Redirect headers status 302 date Sat, 18 Jul 2020 23:12:24 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dd6b36dbf0cb4439dd1ad5b7e386596b21595113943; expires=Mon, 17-Aug-20 23:12:23 GMT; path=/; domain=.tractebelna.com; HttpOnly; SameSite=Lax PHPSESSID=buf6lgav54otddjfbqhr873vl2; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache location ?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM cf-cache-status DYNAMIC cf-request-id 0405cc4b850000c272c41b8200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5b4fe325a939c272-FRA
GET H2	200	da5d17168b39a62 tractebelna.com/	274 KB 39 KB	255ms 255ms	Stylesheet text/css	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/da5d17168b39a62 Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `98a67bcc1207c71d2912fa6e744c69fd8c5695cff0522f465bc1a394ed0cca42` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 18 Jul 2020 23:12:24 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe329de1fc272-FRA cf-request-id 0405cc4e270000c272c41ce200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	da6eb76b4fef131 Show response tractebelna.com/	94 KB 32 KB	319ms 318ms	Script text/plain	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/da6eb76b4fef131 Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Sat, 18 Jul 2020 23:12:24 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 status 200 cache-control max-age=60 cf-ray 5b4fe329de21c272-FRA cf-request-id 0405cc4e280000c272c41cf200000001 expires Sat, 18 Jul 2020 23:13:24 GMT
GET H2	200	dafc3677dfee839 tractebelna.com/ Redirect Chain https://tractebelna.com/dafc3677dfee839 https://tractebelna.com/dafc3677dfee839?standard=Rdl0KF1DIXL43Nc&site=ehdqyjBvHrwNtG1&privatkunden=T5u8vGapsXAc29k	9 KB 9 KB	217ms 217ms	Image text/html	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tractebelna.com/dafc3677dfee839?standard=Rdl0KF1DIXL43Nc&site=ehdqyjBvHrwNtG1&privatkunden=T5u8vGapsXAc29k Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32ecc21c272-FRA cf-request-id 0405cc51400000c272c41ec200000001 expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 302 content-type text/html; charset=UTF-8 location ?standard=Rdl0KF1DIXL43Nc&site=ehdqyjBvHrwNtG1&privatkunden=T5u8vGapsXAc29k cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32d5a5dc272-FRA cf-request-id 0405cc50590000c272c41e1200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	best.jpg tractebelna.com/dist/images/	7 KB 7 KB	307ms 305ms	Image image/jpeg	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tractebelna.com/dist/images/best.jpg Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status REVALIDATED last-modified Wed, 29 Apr 2020 23:00:16 GMT server cloudflare etag "1b6e-5a475e95ad5ee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5b4fe32d7a75c272-FRA content-length 7022 cf-request-id 0405cc50660000c272c41e2200000001
GET H2	200	azubi.png tractebelna.com/dist/images/	39 KB 40 KB	305ms 304ms	Image image/png	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tractebelna.com/dist/images/azubi.png Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status REVALIDATED last-modified Wed, 29 Apr 2020 23:00:15 GMT server cloudflare etag "9d92-5a475e94b9b96" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5b4fe32d7a77c272-FRA content-length 40338 cf-request-id 0405cc50670000c272c41e3200000001
GET H2	200	private.jpg tractebelna.com/dist/images/	6 KB 6 KB	309ms 309ms	Image image/jpeg	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tractebelna.com/dist/images/private.jpg Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status REVALIDATED last-modified Wed, 29 Apr 2020 23:00:20 GMT server cloudflare etag "1658-5a475e998b17f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5b4fe32d7a78c272-FRA content-length 5720 cf-request-id 0405cc50670000c272c41e4200000001
GET H2	200	d15b6e0b675e5df Show response tractebelna.com/ Redirect Chain https://tractebelna.com/d15b6e0b675e5df https://tractebelna.com/d15b6e0b675e5df?standard=iGgPYKBMOXQU6b9&user=cFU0u3OGqMCt6Zn&online=ZiVbwTRslKBSaGy	9 KB 3 KB	302ms 302ms	Script text/html	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/d15b6e0b675e5df?standard=iGgPYKBMOXQU6b9&user=cFU0u3OGqMCt6Zn&online=ZiVbwTRslKBSaGy Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `09c4411bf31bfb55bb000aa82fa597bf5a3a976c357be94ab3129a0abc9fd1ef` Request headers Referer https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32e6ba6c272-FRA cf-request-id 0405cc51010000c272c41eb200000001 expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 302 content-type text/html; charset=UTF-8 location ?standard=iGgPYKBMOXQU6b9&user=cFU0u3OGqMCt6Zn&online=ZiVbwTRslKBSaGy cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32ce9ddc272-FRA cf-request-id 0405cc50140000c272c41e0200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	df929ec1c8e4e73 tractebelna.com/ Redirect Chain https://tractebelna.com/df929ec1c8e4e73 https://tractebelna.com/df929ec1c8e4e73?standard=J2DUrsxtylLAkfM&direct=7dB94oXnLTvZq8w&kunde=6fYuwrOnlyBvp1D	9 KB 3 KB	218ms 218ms	Font text/html	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/df929ec1c8e4e73?standard=J2DUrsxtylLAkfM&direct=7dB94oXnLTvZq8w&kunde=6fYuwrOnlyBvp1D Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca699fe66a3935640cb0afbe8662e00a522f4f181fa211f4a93d308c14949afb` Request headers Referer https://tractebelna.com/da5d17168b39a62 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 18 Jul 2020 23:12:26 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe335dc61c272-FRA cf-request-id 0405cc55ab0000c272c422b200000001 expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers pragma no-cache date Sat, 18 Jul 2020 23:12:26 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 302 content-type text/html; charset=UTF-8 location ?standard=J2DUrsxtylLAkfM&direct=7dB94oXnLTvZq8w&kunde=6fYuwrOnlyBvp1D cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32d7a85c272-FRA cf-request-id 0405cc506c0000c272c41e5200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	dd9da071d14449e tractebelna.com/ Redirect Chain https://tractebelna.com/dd9da071d14449e https://tractebelna.com/dd9da071d14449e?login=yugXYJT1HIBDiVR&user=1oknfurQ6BeLOjv&kunde=j9ePnUBJGsVNbFr	9 KB 3 KB	336ms 335ms	Font text/html	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/dd9da071d14449e?login=yugXYJT1HIBDiVR&user=1oknfurQ6BeLOjv&kunde=j9ePnUBJGsVNbFr Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11cdb0ce69e5bdf9c29085aac4713bebe34b80e84f88985971c5dbaee208503a` Request headers Referer https://tractebelna.com/da5d17168b39a62 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32f5ce5c272-FRA cf-request-id 0405cc519b0000c272c41ef200000001 expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 302 content-type text/html; charset=UTF-8 location ?login=yugXYJT1HIBDiVR&user=1oknfurQ6BeLOjv&kunde=j9ePnUBJGsVNbFr cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32d7a87c272-FRA cf-request-id 0405cc506c0000c272c41e6200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	d9225bb1d76cf5f tractebelna.com/ Redirect Chain https://tractebelna.com/d9225bb1d76cf5f https://tractebelna.com/d9225bb1d76cf5f?home=Wq0xtevlKUIENCL&legitimation=tPWr5uXMR6eOxQS&kunde=h1mUHW0n6dJxQIF	9 KB 3 KB	218ms 218ms	Font text/html	2606:4700:3036::ac43:afa9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tractebelna.com/d9225bb1d76cf5f?home=Wq0xtevlKUIENCL&legitimation=tPWr5uXMR6eOxQS&kunde=h1mUHW0n6dJxQIF Requested by Host: tractebelna.com URL: https://tractebelna.com/?standard=T78Qt1v4BRe6dGc&id=dV97BRfcYgT4AvZ&anmeldung=qFNkxY7H18ew2LM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:afa9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `025463f9a17facad0ecf90bc8519cf19a7e8c039895d6fcdfa8f160bccf9b354` Request headers Referer https://tractebelna.com/da5d17168b39a62 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe3301dbec272-FRA cf-request-id 0405cc52130000c272c41f4200000001 expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers pragma no-cache date Sat, 18 Jul 2020 23:12:25 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 302 content-type text/html; charset=UTF-8 location ?home=Wq0xtevlKUIENCL&legitimation=tPWr5uXMR6eOxQS&kunde=h1mUHW0n6dJxQIF cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5b4fe32d7a89c272-FRA cf-request-id 0405cc506c0000c272c41e7200000001 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tractebelna.com
2606:4700:3036::ac43:afa9
025463f9a17facad0ecf90bc8519cf19a7e8c039895d6fcdfa8f160bccf9b354
09c4411bf31bfb55bb000aa82fa597bf5a3a976c357be94ab3129a0abc9fd1ef
11cdb0ce69e5bdf9c29085aac4713bebe34b80e84f88985971c5dbaee208503a
4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753
5c659d1c933fa4d669480564d8c1754c452680fe2f11cccdcf2054d3218d4f50
622cdddf9135812f42c5b6396df2b08c836819bb84d0bcd9e82e779d0a4ad469
98a67bcc1207c71d2912fa6e744c69fd8c5695cff0522f465bc1a394ed0cca42
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
ca699fe66a3935640cb0afbe8662e00a522f4f181fa211f4a93d308c14949afb
d3d6aefec9d4c8294072e8a246a45716badf57373b71990f6254b4c480245288
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

tractebelna.com Open in urlscan Pro 2606:4700:3036::ac43:afa9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

145 kBTransfer

474 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

tractebelna.com Open in urlscan Pro
2606:4700:3036::ac43:afa9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

145 kB
Transfer

474 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!