urlscan.io logo urlscan.io
SecurityTrails logo

kspb.info Open in urlscan Pro
2606:4700:3033::6815:4835  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlbit.co/HuaFZZrH
Effective URL: https://kspb.info/de/home/login-online-banking.html
Submission: On April 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3033::6815:4835, located in United States and belongs to CLOUDFLARENET, US. The main domain is kspb.info.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.
This is the only time kspb.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

IP Address AS Autonomous System
3 18.66.97.129 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.14 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.234.148.192 14618 (AMAZON-AES)
1 1 3.216.43.215 14618 (AMAZON-AES)
16 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.85.1.81 20546 (SOPRADO-ANY)
1 195.140.53.169 9099 (FINANZINF...)
42 12
3    18.66.97.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-129.fra56.r.cloudfront.net
urlbit.co
2    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net
api.urlbit.co
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
6    2606:4700:3032::6815:211c (United States)

ASN13335 (CLOUDFLARENET, US)
shre.ink
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.234.148.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-148-192.compute-1.amazonaws.com
api.shre.ink
1    3.216.43.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-43-215.compute-1.amazonaws.com
rebrand.ly
16    2606:4700:3033::6815:4835 (United States)

ASN13335 (CLOUDFLARENET, US)
kspb.info
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    185.85.1.81 (Germany)

ASN20546 (SOPRADO-ANY, DE)
PTR: ip-185-85-1-81.ax5z.com
www.sparkasse.de
1    195.140.53.169 (Germany)

ASN9099 (FINANZINFORMATIK-AS-NORD, DE)
module.sparkasse-saarbruecken.de
Apex Domain
Subdomains		 Transfer
16 kspb.info
kspb.info
540 KB
7 shre.ink
shre.ink
api.shre.ink
167 KB
4 urlbit.co
urlbit.co
api.urlbit.co
315 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
161 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2284
266 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
155 KB
1 sparkasse-saarbruecken.de
module.sparkasse-saarbruecken.de
982 B
1 sparkasse.de
www.sparkasse.de — Cisco Umbrella Rank: 228146
604 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 69715
179 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5486
226 B
0 googlesyndication.com Failed
pagead2.googlesyndication.com Failed
42 12
Domain Requested by
16 kspb.info shre.ink
kspb.info
urlbit.co
6 shre.ink urlbit.co
shre.ink
3 securepubads.g.doubleclick.net shre.ink
securepubads.g.doubleclick.net
3 urlbit.co urlbit.co
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com urlbit.co
shre.ink
1 module.sparkasse-saarbruecken.de kspb.info
1 www.sparkasse.de kspb.info
1 fonts.googleapis.com shre.ink
1 rebrand.ly 1 redirects
1 api.shre.ink shre.ink
1 bit.ly 1 redirects
1 api.urlbit.co urlbit.co
0 pagead2.googlesyndication.com Failed securepubads.g.doubleclick.net
42 14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
urlbit.co
Amazon RSA 2048 M02		 2023-02-23 -
2023-09-29		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
api.urlbit.co
Amazon RSA 2048 M01		 2023-02-24 -
2023-10-09		 7 months crt.sh
shre.ink
Cloudflare Inc ECC CA-3		 2023-03-02 -
2024-03-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
api.shre.ink
Amazon RSA 2048 M01		 2023-03-03 -
2024-04-01		 a year crt.sh
*.kspb.info
GTS CA 1P5		 2023-04-03 -
2023-07-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
www.sparkasse.de
D-TRUST SSL Class 3 CA 1 EV 2009		 2022-10-10 -
2023-05-30		 8 months crt.sh
module.sparkasse-saarbruecken.de
QuoVadis Europe EV SSL CA G1		 2022-08-01 -
2023-08-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://kspb.info/de/home/login-online-banking.html
Frame ID: 6D2A44E5781EC7A4ED5C6957174FFF90
Requests: 39 HTTP requests in this frame

Frame: https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680508800
Frame ID: B6758370E16B709673B8B06971FA2603
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Online-Banking

Page URL History Show full URLs

  1. https://urlbit.co/HuaFZZrH Page URL
  2. https://bit.ly/3m1d2kU HTTP 301
    https://shre.ink/kM4u Page URL
  3. https://rebrand.ly/brand-diebt6 HTTP 301
    https://kspb.info/de/home/login-online-banking.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*parbase
  • /etc/clientlibs/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

42
Requests

88 %
HTTPS

46 %
IPv6

12
Domains

14
Subdomains

12
IPs

2
Countries

1342 kB
Transfer

4469 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlbit.co/HuaFZZrH Page URL
  2. https://bit.ly/3m1d2kU HTTP 301
    https://shre.ink/kM4u Page URL
  3. https://rebrand.ly/brand-diebt6 HTTP 301
    https://kspb.info/de/home/login-online-banking.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://bit.ly/3m1d2kU HTTP 301
  • https://shre.ink/kM4u

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
HuaFZZrH
urlbit.co/ 		992 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59a65f77587b0ed0b294f67ca64865f2f111b48ed5f631003d3fda1a55a1a48f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18228
content-length
992
content-type
text/html
date
Mon, 03 Apr 2023 06:33:25 GMT
etag
"c168ee035a80fbcfdd18d6693e7851c0"
last-modified
Tue, 07 Mar 2023 15:55:54 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id
CIMFb9TuQx6s5ag7XFBzIDHb1yETesPDa9iV5Y9U-7t_wAK2D-tSJA==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YNHG8YYX8Z
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93e3db0683ac16045d379180fe43e55263ecddcdea9e5a25b2c76c9dd6a3bcf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79164
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 03 Apr 2023 11:37:13 GMT
main.b9c20696.js
urlbit.co/static/js/ 		1 MB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlbit.co/static/js/main.b9c20696.js
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7ff621558a8c3b58d7375090ebe6544e0e6d145eaacb2f2b6f9c44ee5c96eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/HuaFZZrH
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 00:33:07 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 15:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39847
etag
W/"0d0c1416e334c4208f6414452c9410be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gZcqqJ8iG11IL90rK3byKRFX2h6SVTqDb3qal4czq_f7Tn0tSZ551g==
main.06ffedac.css
urlbit.co/static/css/ 		256 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://urlbit.co/static/css/main.06ffedac.css
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5752aa19ce173c5cf0d68e5fe90bb5ebb8ccdb726669becd5e0fcdf837e52f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/HuaFZZrH
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 08:49:05 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 15:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
10089
etag
W/"13130a46cfd2ee6799de8dbbaab069e7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
YgUwVbMT5tSOyAGc9C3W5oGUXkLOKbOlnTcrHbcWf7UJ9WmIeV6F3w==
HuaFZZrH
api.urlbit.co/v1/links/ 		275 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.urlbit.co/v1/links/HuaFZZrH
Requested by
Host: urlbit.co
URL: https://urlbit.co/static/js/main.b9c20696.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-14.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlbit.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:13 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amzn-trace-id
Root=1-642aba69-3a4e1b9865e1f0e12da903ee;Sampled=0;lineage=70f38cfd:0
x-amzn-requestid
0760ba59-6fa0-4765-851e-56fd35cd18b5
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
CzIQiFCeoAMFthw=
content-length
275
x-amz-cf-id
WXW5No7iYoBAT7862R7VhiBWiWsL53RunhSsBmHDo4Xe5L-kaqzoqw==
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNHG8YYX8Z&gtm=45je33t0&_p=1434649248&cid=524024097.1680521833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680521833&sct=1&seg=0&dl=https%3A%2F%2Furlbit.co%2FHuaFZZrH&dt=URLbit%20%7C%20Best%20free%20URL%20shortener&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNHG8YYX8Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://urlbit.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 11:37:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlbit.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kM4u
shre.ink/
Redirect Chain
  • https://bit.ly/3m1d2kU
  • https://shre.ink/kM4u
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shre.ink/kM4u
Requested by
Host: urlbit.co
URL: https://urlbit.co/static/js/main.b9c20696.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d106006e9c65e2e9192aa3852e8ca9506984b7ed89940cfbfaeb84cc0e08d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlbit.co/HuaFZZrH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b2104b79cff8fe2-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 11:37:14 GMT
link
</_nuxt/70e253c.js>; rel="preload"; as=script, </_nuxt/8f8988a.js>; rel="preload"; as=script, </_nuxt/48403f5.js>; rel="preload"; as=script, </_nuxt/7920c1d.js>; rel="preload"; as=script
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77QosS4kBgMaUXmH%2BvnOOeU%2FoAsiax5UiHhJfkF3t070DWLo8UeTSjaYdCfevWCK29GyvtxTmhdBnP743SZi5JWFwRXqTc199vHNNWaj9RbdxiNFds551EdPI8SZJTkDrbnKRBWVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
108
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 11:37:13 GMT
location
https://shre.ink/kM4u
server
nginx
via
1.1 google
collect
region1.google-analytics.com/g/ 		0
0
70e253c.js
shre.ink/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/70e253c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9032ab886a442930a17bd528238616ebd63a6d63712c4b2eda518f84cb2fe4cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b9d5e4ca5b05b27a76e251b4e0ac7c3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOE87C1%2FuxQWDhUmx2CEQL5AGVJbZvZqpXyZXzl8WL7XkcAEsS7vYToxhu2EXiTgENavW%2FZO5Rz1KCzYIDZJ%2B505fcnrXaT5%2BwnL4iqVDW%2FR3ojnmRr3Q25m7lZMFQu%2FZ67w2A%2F88A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b2104b80d838fe2-FRA
8f8988a.js
shre.ink/_nuxt/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/8f8988a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f696a6194a7c208a54b467d45f76580b9f03f9132150241bb4aa67f476bca6ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"965ffe91122d55f56ff3749b8935aba6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfJQAV0EfxShjOCpGEXY7jbJaNPhv%2FKtQcQBikRWE8PflMAcCanPRAk%2B5h8bAowocgUC8a1pHfEO8voHcc60nadIYM8ssb1HnE4xxE9%2BD9xtGf3k5TXo4cQCZFZXON3dLpTZGZrw0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b2104b80d878fe2-FRA
48403f5.js
shre.ink/_nuxt/ 		203 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/48403f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055ebfa8368e99942256a553ef6f5ed45b4eae0e6bd62de36459e7eb3377f163
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fccda9f24a1919668cd403b71fc239e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJ1yfOmKjL9Z%2BWfKAv2S8T%2BPMHy2ap4DBxoMdDmwXyuiJMPZePfgoG%2B6VeVb%2F%2FFHUG0EimDKQY513qAvuHLFSofezWKuTpScGrMhYtwnh4PIExYzJEBPBhJoeC8IVxOQvKQcPd52vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b2104b80d888fe2-FRA
7920c1d.js
shre.ink/_nuxt/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/7920c1d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b9eb573734e1d1346e1c66cd2342c41612a53e5b1bcf30dd97c57090958679
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7b09177f3f7e1f3cd623315b88906c2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgs6yRHJF%2Ba%2FPVUiVyvMRZi%2FgybmWXoKaYmYW9P9vL6Mk2Vrlzg%2Bg3b28joSiagVZrsVU4rawWWXmUYeMobAl76DCKx5n2NImNWO6rhp0YWgxBDg2AWksmqa7zH8RzLDsQk2PXG0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b2104b80d898fe2-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: shre.ink
URL: https://shre.ink/kM4u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b5796ee3cce561e8c6c05c159915947bb6489adb6c32df06230bec68ae6ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27231
x-xss-protection
0
server
sffe
etag
"1530 / 119 of 1000 / last-modified: 1680519845"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Apr 2023 11:37:14 GMT
cd52b4e.js
shre.ink/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shre.ink/_nuxt/cd52b4e.js
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/70e253c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3af6d3d6078e73686473d771702059ee76520e1e9734d98b9c5bc3b2e6bd290
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/kM4u
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3422
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"44f0211ab10bd1064ad426c087ae8870"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slg%2BlRqJeZzhsN%2B5qXZWBr7KvVIpJSuQtMI%2F2cNOMc3yrb38iGZWOu1ty%2FzcjUCW%2FPAqgj5bFVdHUvlqw5fRP2bZt9TrQf6%2BCEobx2QWy3Iz5RBgedijPpajQKxDQ6dp0oXMksvTOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
x-robots-tag
noindex
cf-ray
7b2104b8ac423a3e-FRA
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1B3H44VW9G&l=dataLayer
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/48403f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e147993a4bfb2d47f4a49ce1614c869bafbc0a41790ed3656b1bd6866d15db30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79201
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 03 Apr 2023 11:37:14 GMT
kM4u
api.shre.ink/url/ 		45 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shre.ink/url/kM4u
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/8f8988a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.148.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-148-192.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://shre.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://shre.ink
date
Mon, 03 Apr 2023 11:37:14 GMT
content-length
45
vary
origin
apigw-requestid
CzIQuiqgoAMEP3g=
content-type
application/json
pubads_impl_2023032801.js
securepubads.g.doubleclick.net/gpt/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136767
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 08:36:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 02 Apr 2024 11:34:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		62 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shre.ink
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d51f2f5c06746f399d43b6e6548b072f1ad74f9f42fef3f9a17f54aadd33aa5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
expires
Mon, 03 Apr 2023 11:37:14 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1B3H44VW9G&gtm=45je33t0&_p=712059974&cid=1695789295.1680521835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1680521834&sct=1&seg=0&dl=https%3A%2F%2Fshre.ink%2FkM4u&dr=https%3A%2F%2Furlbit.co%2F&dt=Encurtador%20de%20link%20gr%C3%A1tis%20%7C%20URL%20Gr%C3%A1tis&en=scroll&_fv=1&_nsi=1&_ss=1&ep.debug_mode=false&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1B3H44VW9G&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 11:37:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shre.ink
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request login-online-banking.html
kspb.info/de/home/
Redirect Chain
  • https://rebrand.ly/brand-diebt6
  • https://kspb.info/de/home/login-online-banking.html
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kspb.info/de/home/login-online-banking.html
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/48403f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b411ef54d2d73a7d2eb90866f4088a8abf6a32f272c2df6edb93445f00fb472

Request headers

Referer
https://shre.ink/kM4u
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7b2104be7d729249-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 11:37:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3%2BIktuY8tCeDWcoJTMuscHJfP44eKQvCdYIDxNHS41ZPMvgaPNM5g%2FQJ7IryK2Pk9hzSJmhiv4fYrBkDPr3tl6mXWrX11l9poMH5RqxvfpfK3NRB2IjoeYjV%2BwchuIsFKJMZf91Qhg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Mon, 03 Apr 2023 11:37:15 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://kspb.info/de/home/login-online-banking.html
strict-transport-security
max-age=15552000
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&family=Montserrat:wght@600;700&display=swap
Requested by
Host: shre.ink
URL: https://shre.ink/_nuxt/8f8988a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shre.ink/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Apr 2023 11:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 03 Apr 2023 11:37:14 GMT
collect
region1.google-analytics.com/g/ 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0
main.css
kspb.info/assets/css/ 		887 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/css/main.css
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99af8e594d8bfa3d207ac886b8d3a90d2dcbd00d6aebf71edb4600e5566810eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 13 Jun 2021 00:23:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ddb08-5c49abf5b6980-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkuHkHyHr1USAQE5f2%2FUDrf1jEoN923iwVNtwZKQQ%2BnKzAlBLG4dK2F7owwzJDsrO1vvIBN9UYNHS2vs7DOVtVmYBrFf%2BSDrWe0T%2BvBAvj%2FqC2V74D7pfr%2BHe2hzm0BT6Z7kUy9U4do%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7b2104c0e98f9249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.js
kspb.info/assets/js/ 		410 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/js/main.js
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
718c7b48061d85027c2841f24a700ca4dcf020dd78aab3276acdc99cfc5608bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Jun 2021 16:13:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6698a-5c47fcb48f480-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHitxtI5yzCnaDPmrnUuHr8KJsl%2F8FAnuNE392d41P8U0JWZ7HpdHJ%2Fk5UtihZdcxgYuC6o23uDSWgZlr7ViZ84uL5sBaqA911%2Fz%2BNpHmTSXKo8mnaUnEnqvTtyI4xl2lUWqnLgq7TY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7b2104c0e9949249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
spk-logo-desktop.png
kspb.info/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/spk-logo-desktop.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b064f5dcd4f7e7624dbfddb11cf0b647b7e35d29397fa928d64d540eb59532c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Jun 2021 21:25:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6fb-5c484241a8c00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7NOLTY0XETx9XzS%2Fj3aN8uxSWAHuCBf6YtI7qdBd2z7eWBmEXXMHH3cVkCgCObVbPG7zrQQwpLCmzAUOHDYqcB6D%2B32fghnpQ2IfaMXe9sa4NTOWq4WpgnA471%2FAHULeibFg36kRi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c67e2c90f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1787
spk-logo-mobile.png
kspb.info/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/spk-logo-mobile.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a954f53d05a60f8e52f29895a96cb54bf784c75c3bba62cb8af85c219163cc09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Jun 2021 21:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"72f-5c4842602d400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkCjLkfmXb6FSvx0YYclcTtrGB2NNsY%2FIAKKPo3Rp94zYPCHVx2BwJdta47DOGXkMtZ1pn20PiR547PFadbuTJe51iKLmqTlTsLLmTz95YeMzNXvXCC32JfWArPjB2VAHQ9L%2BQO7Oi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c69e5c90f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1839
spk-logo-druck.png
kspb.info/assets/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/spk-logo-druck.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf1798a11a26e7751ae0c54551736aca9d39c5c63b64ebc6f52dff8d6fd7e367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Jun 2021 21:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"19f6-5c484250eb000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qCvBwlNU%2FvoFsjPMrDwvDqUJcuGFuGirfJmIPJRaNPVT1yfI2yCDLqgm8xsp6CWXz3pwOOF88pLghYJplG4X0wdiPPakSWmKUaQfR7lKYp7wGlo0cUE77QsSR5H0q3EMyvMuOqXpSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c6ae5f90f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
cq5dam.web.1280.1280.6d.del
kspb.info/content/dam/myif/spk-saarbruecken/work/bilder/privatkunden/kredite-finanzierungen/privatkredit/Laptop%20auf%20Tisch%20Textchat.jpg/_jcr_content/renditions/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/content/dam/myif/spk-saarbruecken/work/bilder/privatkunden/kredite-finanzierungen/privatkredit/Laptop%20auf%20Tisch%20Textchat.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.6d.del
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c4cca56b4a83a6aae6ab19eb56d32324b828db9cce2039492035784abc4650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MG8MAERVOMmZ%2B4%2BNPlZvsQJaKCuwWJKSR%2FJWp7st2i4Kyys5iETwbw0itlcA6QgyPzAFXhkZ6cBEyedxRb0smCMVjjpI6z4RZwONtHDMSC2kFKU07%2BBkIL8FSNTvIZ2ffr4CS2Veqc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
7b2104c6ae6090f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
BIK.png
kspb.info/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/BIK.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4b0c1b29bfc9a420b7a21150a764688407e7bc3c976cf62b1dec5237a13e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jun 2021 09:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a34-5c48e2c594000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvHA3xeuOVAjD03EcxfT3%2BkXTUGDVmnPo%2FoGw07kQii43nb9D3uPweOLexjiaRgD4gZWQ%2BU9N3pnBW%2B%2BP%2BzGVXaENh%2Fmu4zjDAXIUzf0YHuLnw39axfhJfpoPYjlfueUBUc3UzxDbCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c6ae6190f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2612
schutz.png
kspb.info/assets/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/schutz.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adf4855311d6e6260d33dae718aa3fe8e0d3e97b12419f881089771d4af49b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jun 2021 09:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"707c-5c48e2d105b00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIrr50wThzXMMEPxbXSRgVrykNu%2BHvKgRxmOzGjSJ%2FUNv73hJnrOFnTVTjOYjR4DMZ3VWbRw3jahUgo29ISEH0gufq0MVZTk0AIiuK7qE41vaDBojgBqnx13UEDG3DZjRiJHPD4OApM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c6ae6290f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28796
trendence.png
kspb.info/assets/images/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/trendence.png
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befb85a4fa7e4b368a637a23b0e8d5cdb952762a528604a92297d3b508f5f7bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jun 2021 09:23:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"13e8a-5c48e2d8a6d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD%2Fm58kXjlg2ue3NWA1JDh%2FnIAOVwtw1fnxzLnTxTwu5QZC9QXLXLKQjYCrjNJ4bOaMgjNDYjYt%2BZGKdKkssp0%2BCnBgAqKblQ7Xyg%2Bye%2FAy2SVi7e622FASQplVDISUhe5CPZn1tCac%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c6ae6490f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81546
family.jpg
kspb.info/assets/images/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kspb.info/assets/images/family.jpg
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99d25ca6a5ba195d8836bd6d9dc4ff311234fe5c48e8581cce60c4c4534a34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jun 2021 09:23:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18610-5c48e2e230380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BONBKmQn1mY6FaJA6YpUu6tuDtOEctdxhWe6E8lVHsM0NJskmrmwgRakWZCoBBPJ1mvUAatp%2BQih0Y8v4IVPdWrWhnhxIkxX6%2FAIFUEb%2FhrNbGVWYIiqe%2FaHbL2f0aKuXFyw6HXOuVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b2104c6ae6590f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99856
setTrackingCookie.html
www.sparkasse.de/frontend/ 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sparkasse.de/frontend/setTrackingCookie.html?blz=59050101
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.1.81 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
ip-185-85-1-81.ax5z.com
Software
myracloud /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
server
myracloud
etag
"myra-4ce3fbee"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 03 Apr 2023 11:37:16 GMT
tdg
module.sparkasse-saarbruecken.de/if/services/ 		45 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://module.sparkasse-saarbruecken.de/if/services/tdg?hs=2777567c39dccaca7445088381cf852db1e77a0e2ea113de40578eb31391c64d
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.140.53.169 , Germany, ASN9099 (FINANZINFORMATIK-AS-NORD, DE),
Reverse DNS
Software
/
Resource Hash
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Expires
Thu, 01 Dec 1994 16:00:00 GMT
Date
Mon, 03 Apr 2023 11:37:16 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Vary
User-Agent
Content-Language
de-DE
Content-Type
image/gif
Cache-Control
no-store, no-cache=set-cookie
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
45
X-UA-Compatible
IE=edge
universal_analytics.min.7c6403636a2a8f501fd2fc54714a9c1f.js
kspb.info/etc/clientlibs/myif/spk-saarbruecken/sfp/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kspb.info/etc/clientlibs/myif/spk-saarbruecken/sfp/universal_analytics.min.7c6403636a2a8f501fd2fc54714a9c1f.js
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kspb.info/de/home/login-online-banking.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HU5t%2FI44DlNuylCZYjmtBhUwbq6pG6y2ZOVwuU3%2FlZbxXzv6Oeil4Ew%2FAv%2FnJz1PwezGXu16oWp6t75VMtpqCa21wwexVfUPQSV0st1vPIqTwRYcyKxDvpxB28EFO4v0yWFcDoWwtn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
7b2104c5fd9a90f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Sparkasse_web_Rg.woff
kspb.info/assets/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kspb.info/assets/fonts/Sparkasse_web_Rg.woff
Requested by
Host: kspb.info
URL: https://kspb.info/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Referer
https://kspb.info/assets/css/main.css
Origin
https://kspb.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Jun 2021 15:38:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a200-5c47f4b040a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWgbGOrkmE4b%2BYyFnMOi1LjrrsDtxTEzGMJ12Me5hmQnwFkTugWAq3tLfD86XBLVKm2rOyFr3WTuB1Qudy9%2F8Cx6NotQ7b7%2FK2INCxX1EGSOsuAOYNlRdnK%2BUtyuWqtXh3do2GPaGUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
7b2104c6dea190f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pictos-if.woff
kspb.info/assets/fonts/ 		0
0
Sparkasse_web_Bd.woff
kspb.info/assets/fonts/ 		0
0
invisible.js
kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame B675 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680508800
Requested by
Host: urlbit.co
URL: https://urlbit.co/HuaFZZrH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d26b12584ac2c9ebb65ec9dafe8b7383ff833ee335a7161a1ee6ca2a1eac32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dduCGH3H54DUwNh%2BwtPdWrHo78pcK2ZB3ksuo8MHa4rpHGia6q%2B0wz13KX90SZGAo3kGnp94mJO8oVQPKj9mxIzETelPEyjrmMULzz55%2BXaSVpPL4S2f4fZpikv4d%2FSBWk9tfVP3xuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b2104c9192590f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
kspb.info/cdn-cgi/challenge-platform/h/b/scripts/ Frame B675 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: kspb.info
URL: https://kspb.info/de/home/login-online-banking.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7b1b6074131faf974e2d855495465223494e4ac840d42305d7173545e5b1a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGCT91G2fq%2FjNjqCMGk88WTFgqHedFJw%2FjAFVrqX2yFYNhjd6nifSGo19jHUAvTgf4JCuyFbkNPF%2BqFP3vpcOA4IEysfH3uAcIw0ghqYRXryeZoxzGU7gMF5SnzI0p28nQb1yBB5rWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b2104c9596f90f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7b2104be7d729249
kspb.info/cdn-cgi/challenge-platform/h/b/cv/result/ Frame B675 		2 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kspb.info/cdn-cgi/challenge-platform/h/b/cv/result/7b2104be7d729249
Requested by
Host: kspb.info
URL: https://kspb.info/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680508800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Mon, 03 Apr 2023 11:37:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wD8N1Lolx4iBnaCTLQ8Jzatif9ihvrH0gpAte7guf9Wwz3fKnTj78mrWbR2dHWJIWPLQriTGLI65uimVB2j0Rj45lg5xOSpoHpAaEyq2Skm9uQne51%2B76twUVNdQJkWClDZb2vjMqsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b2104cafb4390f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNHG8YYX8Z&gtm=45je33t0&_p=1434649248&cid=524024097.1680521833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680521833&sct=1&seg=0&dl=https%3A%2F%2Furlbit.co%2FHuaFZZrH&dt=URLbit%20%7C%20Best%20free%20URL%20shortener&en=scroll&epn.percent_scrolled=90&_et=7
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1B3H44VW9G&gtm=45je33t0&_p=712059974&cid=1695789295.1680521835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1680521834&sct=1&seg=0&dl=https%3A%2F%2Fshre.ink%2FkM4u&dr=https%3A%2F%2Furlbit.co%2F&dt=Encurtador%20de%20link%20gr%C3%A1tis%20%7C%20URL%20Gr%C3%A1tis&en=user_engagement&ep.debug_mode=false&_et=1047
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=0&cas=0.000&nas=0&wls=0.000&tls=0.000&was=0.000&lcp=0&lcps=0&cbt=0&mbt=0&nlt=0&nif=0&ifi=0&eid=31072020%2C31072879%2C31073289%2C21065725&top=1&pvsid=1680270025194003&gpt=1
Domain
kspb.info
URL
https://kspb.info/assets/fonts/pictos-if.woff
Domain
kspb.info
URL
https://kspb.info/assets/fonts/Sparkasse_web_Bd.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| IF6 function| getQueryParamValue string| IF6_lightbox_closeicon_text function| overlayShow function| overlayClose function| focusBankingFormularElement function| toggleClassInRows function| SLURI function| moveBContent object| ifLoginHeaderTimer function| refreshClientTimeout function| refreshServerTimeout undefined| startCountdownLayer function| showCountdownLayer function| updateHeaderLoginIfPresent function| tick function| setSessionTimeout function| countdownShow function| callBreakHtml object| nbfDatePicker object| nbfTanInput function| selectListBoxItem function| editTeaserRef function| pagenav_statistics_send function| pagenav_statistics function| pagenav_scroll function| pagenav_scroll_window function| $ function| jQuery object| myif boolean| bcarouselAttached

10 Cookies

Domain/Path Name / Value
.urlbit.co/ Name: _ga
Value: GA1.1.524024097.1680521833
.urlbit.co/ Name: _ga_YNHG8YYX8Z
Value: GS1.1.1680521833.1.0.1680521833.0.0.0
.bit.ly/ Name: _bit
Value: n33bBd-865838c1fd0310572f-005
shre.ink/ Name: i18n_redirected
Value: default
.shre.ink/ Name: _ga
Value: GA1.1.1695789295.1680521835
kspb.info/ Name: XSRF-TOKEN
Value: eyJpdiI6ImgrZDJKT0wxbTRCNGV3RGMxU1M0dlE9PSIsInZhbHVlIjoibnVROTV0bmtDdWFHOVBKM0RXSXdtdnYzMldVVHRjY2FqcEl6WHhlNk9ZNERMeDNZNW01ZU9LeXY3ektoWG9PTHo4MmVLaEJQS0dRL1RNMkZLMXNOYjA1TXRSQkkyYjRCN3RvSGxuMzdQMjhiaWEwRFJqajZXNUhNTWFRZ0FlbzYiLCJtYWMiOiJmM2E1MjUxMWI3Y2MyOTMxNjI1M2NiNTcyZTUwYzBjZGFjZjk4NGM2YTQ3M2E1YmU2NmE0ZTZiOTU4NzQ4Mzk3In0%3D
kspb.info/ Name: laravel_session
Value: eyJpdiI6IjRjTUR1MFdhRlZLRVM1ZXNvTDV1S3c9PSIsInZhbHVlIjoiQlFzRTRGSFF4dTZNbWJQTE9TR0ZSTC9aaUltTVNPTDBNOGZPcU1qbHltL2ZsaEZVYUw2dktSRnA2bDV6V2FGVkNnY2FuVDE2Sm5GU0ZHWHRIZ0NaRVpIZmxFbmlicTNOMkMrMDhJbWF6c0R5bmx0UitVTXZSa0ZKeC9XNjVLTFYiLCJtYWMiOiI5MDNlNzU0NTMwZDQyZjU1NmJlZjE0YzJmNDYwZTNjMjVkYjNmZGYwZmQ1ZmRlNmE3YmU3OGYyYjRjMzNlYzkzIn0%3D
.shre.ink/ Name: _ga_1B3H44VW9G
Value: GS1.1.1680521834.1.0.1680521835.0.0.0
.sparkasse.de/ Name: SPK_COOKIE_EXTRAS
Value: YWNjdXJhY3k9aGlnaCZiYW5rY29kZT01OTA1MDEwMSZzb3VyY2U9c2VydmxldA%3D%3D
.sparkasse.de/ Name: SPK_COOKIE
Value: YmFua2NvZGU9NTkwNTAxMDE%3D

3 Console Messages

Source Level URL
Text
network error URL: https://shre.ink/kM4u
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kspb.info/content/dam/myif/spk-saarbruecken/work/bilder/privatkunden/kredite-finanzierungen/privatkredit/Laptop%20auf%20Tisch%20Textchat.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.6d.del
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kspb.info/etc/clientlibs/myif/spk-saarbruecken/sfp/universal_analytics.min.7c6403636a2a8f501fd2fc54714a9c1f.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.shre.ink
api.urlbit.co
bit.ly
fonts.googleapis.com
kspb.info
module.sparkasse-saarbruecken.de
pagead2.googlesyndication.com
rebrand.ly
region1.google-analytics.com
securepubads.g.doubleclick.net
shre.ink
urlbit.co
www.googletagmanager.com
www.sparkasse.de
kspb.info
pagead2.googlesyndication.com
region1.google-analytics.com
18.66.97.129
18.66.97.14
185.85.1.81
195.140.53.169
2001:4860:4802:32::36
2606:4700:3032::6815:211c
2606:4700:3033::6815:4835
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:82a::200a
3.216.43.215
34.234.148.192
67.199.248.11
055ebfa8368e99942256a553ef6f5ed45b4eae0e6bd62de36459e7eb3377f163
09b9eb573734e1d1346e1c66cd2342c41612a53e5b1bcf30dd97c57090958679
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
59a65f77587b0ed0b294f67ca64865f2f111b48ed5f631003d3fda1a55a1a48f
5b411ef54d2d73a7d2eb90866f4088a8abf6a32f272c2df6edb93445f00fb472
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
6adf4855311d6e6260d33dae718aa3fe8e0d3e97b12419f881089771d4af49b7
6b064f5dcd4f7e7624dbfddb11cf0b647b7e35d29397fa928d64d540eb59532c
70c4cca56b4a83a6aae6ab19eb56d32324b828db9cce2039492035784abc4650
718c7b48061d85027c2841f24a700ca4dcf020dd78aab3276acdc99cfc5608bd
8d26b12584ac2c9ebb65ec9dafe8b7383ff833ee335a7161a1ee6ca2a1eac32d
9032ab886a442930a17bd528238616ebd63a6d63712c4b2eda518f84cb2fe4cb
93e3db0683ac16045d379180fe43e55263ecddcdea9e5a25b2c76c9dd6a3bcf5
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
99af8e594d8bfa3d207ac886b8d3a90d2dcbd00d6aebf71edb4600e5566810eb
a954f53d05a60f8e52f29895a96cb54bf784c75c3bba62cb8af85c219163cc09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc4b0c1b29bfc9a420b7a21150a764688407e7bc3c976cf62b1dec5237a13e99
befb85a4fa7e4b368a637a23b0e8d5cdb952762a528604a92297d3b508f5f7bf
bf1798a11a26e7751ae0c54551736aca9d39c5c63b64ebc6f52dff8d6fd7e367
c3af6d3d6078e73686473d771702059ee76520e1e9734d98b9c5bc3b2e6bd290
d51f2f5c06746f399d43b6e6548b072f1ad74f9f42fef3f9a17f54aadd33aa5b
d7b1b6074131faf974e2d855495465223494e4ac840d42305d7173545e5b1a62
d99d25ca6a5ba195d8836bd6d9dc4ff311234fe5c48e8581cce60c4c4534a34b
e147993a4bfb2d47f4a49ce1614c869bafbc0a41790ed3656b1bd6866d15db30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b5796ee3cce561e8c6c05c159915947bb6489adb6c32df06230bec68ae6ba2
f5752aa19ce173c5cf0d68e5fe90bb5ebb8ccdb726669becd5e0fcdf837e52f8
f696a6194a7c208a54b467d45f76580b9f03f9132150241bb4aa67f476bca6ed
f7ff621558a8c3b58d7375090ebe6544e0e6d145eaacb2f2b6f9c44ee5c96eed
f8d106006e9c65e2e9192aa3852e8ca9506984b7ed89940cfbfaeb84cc0e08d3