de-sparkasse-onlineservice.xyz Open in urlscan Pro
172.67.174.152 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://op.of7.best/suifgwiuefhzwehfiweuhfzwehiufgwezufhweuzfgzuwe.php
Effective URL:
https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi
Submission: On July 23 via manual (July 23rd 2024, 2:55:46 pm UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 172.67.174.152, located in United States and belongs to CLOUDFLARENET, US. The main domain is de-sparkasse-onlineservice.xyz.
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.

This is the only time de-sparkasse-onlineservice.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.126.2.155 209.126.2.155	40021 (NL-811-40021) (NL-811-40021)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	172.67.174.152 172.67.174.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	1

1 209.126.2.155 (St Louis, United States) 1 redirects

ASN40021 (NL-811-40021, US)
PTR: vmd144598.contaboserver.net

op.of7.best	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m-santander.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.174.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

de-sparkasse-onlineservice.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	de-sparkasse-onlineservice.xyz 1 redirects de-sparkasse-onlineservice.xyz	799 KB
1	m-santander.de 1 redirects m-santander.de	517 B
1	of7.best 1 redirects op.of7.best	231 B
17	3

	Domain	Requested by
18	de-sparkasse-onlineservice.xyz	1 redirects de-sparkasse-onlineservice.xyz
1	m-santander.de	1 redirects
1	op.of7.best	1 redirects
17	3

This site contains links to these domains. Also see Links.

Domain
module.foerde-sparkasse.de
blog.foerde-sparkasse.de
www.facebook.com
twitter.com
www.youtube.com
www.xing.com
www.tiktok.com
termin.foerde-sparkasse.de
www.studiale.de
www.sparkassen-shop.de

Subject Issuer	Validity	Valid
de-sparkasse-onlineservice.xyz WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi
Frame ID: 337D1C92F1F766E9384F68BD8C3FB54F
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online-Banking | Sparkasse

Page URL History Show full URLs

https://op.of7.best/suifgwiuefhzwehfiweuhfzwehiufgwezufhweuzfgzuwe.php HTTP 302
https://m-santander.de/ssppkk HTTP 307
https://de-sparkasse-onlineservice.xyz/s/?s=340y4xp7q43hh29c3pqndv0tl222ud3w HTTP 302
https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jn... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

798 kB
Transfer

3060 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://module.foerde-sparkasse.de/de/home/ihre-sparkasse/podcast.html?n=true&stref=hnav
Title: Podcast

Search URL Search Domain Scan URL

URL: https://blog.foerde-sparkasse.de/
Title: Ihre Sparkasse hautnahBlog der Sparkasse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/foerdesparkasse
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/foerdesparkasse
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcKZYqFLnRp9bmhEPbkytXA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.xing.com/company/foerdesparkasse
Title: Xing

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@foerdesparkasse
Title: TikTok

Search URL Search Domain Scan URL

URL: http://termin.foerde-sparkasse.de/
Title: Beratungstermin vereinbaren

Search URL Search Domain Scan URL

URL: https://www.studiale.de/
Title: Studiale

Search URL Search Domain Scan URL

URL: https://www.sparkassen-shop.de/foerde-sparkasse/?_ga=2.141694002.1491539779.1620378309-163821152.1620378309
Title: Sparkassen-Shop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://op.of7.best/suifgwiuefhzwehfiweuhfzwehiufgwezufhweuzfgzuwe.php HTTP 302
https://m-santander.de/ssppkk HTTP 307
https://de-sparkasse-onlineservice.xyz/s/?s=340y4xp7q43hh29c3pqndv0tl222ud3w HTTP 302
https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request anmeldung.php Show response de-sparkasse-onlineservice.xyz/s/ Redirect Chain https://op.of7.best/suifgwiuefhzwehfiweuhfzwehiufgwezufhweuzfgzuwe.php https://m-santander.de/ssppkk https://de-sparkasse-onlineservice.xyz/s/?s=340y4xp7q43hh29c3pqndv0tl222ud3w https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi	60 KB 9 KB	261ms 260ms	Document text/html	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `85ab3462e1b68b508a597e80ad0e5b8c9106b460978e5e9e259ddb8a554743ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8a7c834acb7671a9-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 23 Jul 2024 14:55:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=beSmC8%2FoxupnrcvuLFwnmGgSGcZW5n4%2F7vfZH%2FRvKOAIOPyhCjS8lgYwn4H21hTzvPYqjCvfxmVpIcjaw%2BoGvtnxIQEhVKFa6RoqXgZzU4%2FR9h2FHTKvw2C3Ta5XEaeSvXwbRd%2FR7k7vrcVLbFhXp%2Fs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8a7c8348e8b871a9-FRA content-type text/html; charset=UTF-8 date Tue, 23 Jul 2024 14:55:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gc3X2MiKCN3K0liaFMimJ6%2B97Ny3VwCdTgsUOhry89JI4xlhs3z4n%2Bk7IoAW%2F4WBNe5SPc2jnMbqeMggKRcq43E3IxEG8oMvpoEsfEyW3qJTqfultsyU3sUZ614P3U%2BaQcmIUVsRi18Paj8LSP2nD58%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css de-sparkasse-onlineservice.xyz/s/src/	2 MB 189 KB	84ms 77ms	Stylesheet text/css	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:41 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag "1be7e3-5ee86a9010d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6oZLkHnslB313I9Z2jy1ZybNECIejS3kvSWc%2FHRGBvGvU5upqopIkjROzVFNrxokUkEWSUpcuQnvvaBMsNFihkvWSNmCPrNlStmIWZfdTx489jHli0UGcjWjuXboIZCkwLHEdq%2FIVirGuCoPpZl4oY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a7c834d9f8571a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Show response de-sparkasse-onlineservice.xyz/s/src/	612 KB 148 KB	262ms 255ms	Script application/javascript	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:41 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag "98f9e-5ee86a9010d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pt%2FNGP%2B6xwzUhHOh%2FhCIgGu30PH%2BsoHeYsXY2Vso2d1qCaT%2FAf70FODyIrH2B144O16gaE5U10EjKNUyF7CEQuPNtPgrzC9KoUoEFgy6xCbVxfXKxbVGpALKwJ7n5TW56H0B785LNmSyGc3%2Fgfn67zY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a7c834d9f8871a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo_ini.svg de-sparkasse-onlineservice.xyz/s/src/	22 KB 9 KB	375ms 368ms	Image image/svg+xml	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-onlineservice.xyz/s/src/logo_ini.svg Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:41 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"58be-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUOmGpReGj6j0yxDfINf%2FmU2nnVPj%2BcCQOrHVHD1Be4XEiIQyU%2BzOenZ7dVz3Dmc6c59Q%2BxoPiDymSLwESUT3UgXTepe9%2B9EcgZ2c9ezRAteifQvO5ouEvjmR%2B%2BzBs70ofs28DDO9YnCRH8W1P5HDv4%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8a7c834d9f8b71a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Bildmarke_S-Sparkasse_72px.svg de-sparkasse-onlineservice.xyz/s/src/	976 B 859 B	83ms 77ms	Image image/svg+xml	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-onlineservice.xyz/s/src/Bildmarke_S-Sparkasse_72px.svg Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:41 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"3d0-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FYc5bvtoUnOgQbzjwCPRuO73vIpNEZszTZUh9iSp5r8UrILM0RQs%2F79Ej%2BSAuQiJ%2B5PEBntmHGYq%2FeehJiMF1WUa6e4DpYXo%2BB6mOpQCCRQEwx94VOC1JzPdA40pQmu9u1FQiQhgWeFWXQzOrki5D0%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8a7c834d9f8d71a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	1624599692487.png de-sparkasse-onlineservice.xyz/s/src/	81 KB 82 KB	283ms 282ms	Image image/png	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-onlineservice.xyz/s/src/1624599692487.png Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:41 GMT cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag "145f5-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAxu0kuJRuQ8BnWVgPoXimfpNCSq38iTRKsJePxqcSqSV5Wp3%2FPKDd5v3cXM6fYPCHg%2FN65TKeyfR%2F8bnjQ1LQDjaNJt59IIjnjcVjJpdV1e2RHBgE8vMybWJYWXhBO5iip%2BaJPIEDPSjHsPiEYyDA4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a7c834e188671a9-FRA alt-svc h3=":443"; ma=86400 content-length 83445
GET H3	200	1559285204680.jpg de-sparkasse-onlineservice.xyz/s/src/	49 KB 49 KB	101ms 101ms	Image image/jpeg	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-onlineservice.xyz/s/src/1559285204680.jpg Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3985 etag "c3f7-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BQJYRTnmClNOPvKBdgSqtkuwBLmr0w1YQms8LXxDcqeaSDgB0TIdmkg84kXbqhQmP3dWVLN5Sfq1C68DGgIP3fSLRkNmAVCW5p6e16%2F5ptnW7SpqcMtlrjkztvVTJbKxYZIUDGOlhLZxGx%2FFAa%2Bd8w%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8a7c834feb9971a9-FRA alt-svc h3=":443"; ma=86400 content-length 50167
GET H3	200	tdg de-sparkasse-onlineservice.xyz/s/src/	45 B 485 B	280ms 279ms	Image image/gif	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-sparkasse-onlineservice.xyz/s/src/tdg Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT cf-cache-status DYNAMIC last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2d-5ee86a9010d00" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZVD%2FfYrTFI5F9I%2B76i1O3KNWqOivhQtmRBX59maQjYcaNoOAKF7gjuGTCmEOXOwnEr%2Fz9tuTpkbMxxtKeXWDjzhlELtm0KdJoROFPGnimC1KVOMvGq6uzXApHJInoF9mYaG9Bde%2BZ12ILxOihssQ3Q%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 8a7c83501bed71a9-FRA alt-svc h3=":443"; ma=86400 content-length 45
GET H3	200	universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Show response de-sparkasse-onlineservice.xyz/s/src/	77 KB 27 KB	73ms 72ms	Script application/javascript	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3984 alt-svc h3=":443"; ma=86400 content-length 27368 last-modified Mon, 28 Nov 2022 12:03:32 GMT server cloudflare etag "13358-5ee86a9010d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6InTrBYZ1tvNRmCX%2B2aqd5%2FCKz4GQBZHLmR7xnY53NFvSGVOscy1yki8zM6grv55aXwoc3tosMBL%2FB84qoIYNK0Rddovv5rnhBHq480AmQyRRH%2BE671DN2JuYh4eMtJ6%2BgqqpHcyffq96e0PLMJ0uM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8a7c83501be971a9-FRA
GET H3	200	Sparkasse_web_Rg.woff de-sparkasse-onlineservice.xyz/s/src/fonts/	41 KB 41 KB	91ms 68ms	Font application/font-woff	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/fonts/Sparkasse_web_Rg.woff Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-onlineservice.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"a200-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jAvponzJP%2BlFdl1rFzd2vEmvL0Zgnhw%2BvxASutGyh6FQ%2FWaUFXuiDORsgcdgfCesnS%2Bcxyp9ntNPePccZDBNDDOgc7tG%2FBGJws7nlEXnQNLg0nISctjI9Cl5W3aTtn%2BKWqAJl5kQ0OqaSk3WpySRq6Q%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8a7c83507c8b71a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	pictos-if.woff de-sparkasse-onlineservice.xyz/s/src/fonts/	204 KB 114 KB	94ms 70ms	Font application/font-woff	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/fonts/pictos-if.woff Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-onlineservice.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"3309c-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTWFrjHMG7KuDBp1eaQoFaTebkUsj18wHnwM6XmWVgpRUuLo7MtwVf8AcHxR9XK8b1TVcw%2FyIlobT7ifs4J75hHGJpAHaPh5J0Xhu9ixTuN5QOOw0eJCvHn%2BF4XrIE%2BZyDWG7mVkt%2Fa2De83xWWkaZs%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8a7c83507c9271a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Md.woff de-sparkasse-onlineservice.xyz/s/src/fonts/	30 KB 31 KB	83ms 60ms	Font application/font-woff	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/fonts/Sparkasse_web_Md.woff Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-onlineservice.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"7928-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2D0SYej2hqPyKPhbIWPc9gvI1iEkOBy2YLbzfdyrZtOdiqeMeqLU%2FPIRz9o8lpF1Sfw1JX1P4ltLbyuo%2FQgkkj7ClpfCZshhq5Ko0ziodUpr0pvzsd9JSeF3xBIVcvSt%2FUGz5VFMW6%2BJdzDlnkTzknA%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8a7c83507c9671a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	SparkasseHead_web_Rg.woff de-sparkasse-onlineservice.xyz/s/src/fonts/	29 KB 30 KB	126ms 104ms	Font application/font-woff	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/fonts/SparkasseHead_web_Rg.woff Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-onlineservice.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"7550-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTICpqEM7bfJ4tmMB8nLWuck3E55ECQCtVj1agfusRBNkz%2FU%2FeO%2B%2BTSuEhp2v2HhONKKOLTYFlTV%2FJQLOdD6WyVc7oaoGiCWmpRDm1rvWB2C%2B6r8fxqzYpGC164K0ITxvwMGIAAEOQhZPiiyr1gCCUE%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8a7c83507c9b71a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Lt.woff de-sparkasse-onlineservice.xyz/s/src/fonts/	30 KB 30 KB	131ms 108ms	Font application/font-woff	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/fonts/Sparkasse_web_Lt.woff Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-onlineservice.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 17 etag W/"77cc-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtoR%2Fsp3RNj5U8xyumsQMpQFX5Y5B0myVI9jSrBMg0WANI3aLTxCv8ICLdEyYVF2vdxBLwLjiyh7ir18CNwvff2Jwa6nbMLSQx6SZQ9xGjt1m3yLPCepG9KH9ejkBAKUk%2BLli9Tx3o0sbGPAJhrRqCI%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8a7c83507ca071a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Bd.woff de-sparkasse-onlineservice.xyz/s/src/fonts/	36 KB 37 KB	88ms 65ms	Font application/font-woff	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/fonts/Sparkasse_web_Bd.woff Requested by Host: de-sparkasse-onlineservice.xyz URL: https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://de-sparkasse-onlineservice.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3984 etag W/"901c-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnkN3wHjg%2BG3Vl7euCfA54erT3PRnRVY7wIAmAZj4iawT3fJnYl0y3o%2BcFfO%2Fx%2Fa6SVs9SLg8DrTMP3j7%2FwJ9RwVdy%2Bu79EnUm7v4VhY9HVMMJy7QoCfaD0shgOFjQ2yqe7DBtX%2FY9Ayw5nXZTIb8l8%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8a7c83507ca471a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon1x.ico de-sparkasse-onlineservice.xyz/s/src/	1 KB 690 B	336ms 333ms	Other image/vnd.microsoft.icon	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/favicon1x.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT content-encoding br cf-cache-status MISS last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"47e-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bo5CdSmZPZgu%2Beesf6D0tDMK%2BKe4DYuRkQL5Oqlkd5lIJWXaG7tO5Ie4rsACuKpzpT4daNiphm63HhIUtPWfRzLNXeNe%2B2utXLLTWn8ueqqWYQdX93uQae89lm9jnnpOQMHvCny34U4GpJBfcf%2BB43Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon cache-control max-age=14400 cf-ray 8a7c83527fec71a9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon2x.png de-sparkasse-onlineservice.xyz/s/src/	298 B 766 B	55ms 55ms	Other image/png	172.67.174.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-sparkasse-onlineservice.xyz/s/src/favicon2x.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335` Request headers Referer https://de-sparkasse-onlineservice.xyz/s/anmeldung.php?starten=qTw39CYjs07E4FWahxGAQpVnmDPboM&shufflUri?=AZvMtNB6jnP4gHhDLJXi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:42 GMT cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3983 etag "12a-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPzB571RUaYiluHTRpayyaTrfKZEYY12J%2BCNwFuArGIGaQ0he8BpI0cj2pLGJ3R9lfnikQrp5NlCL0H5hy0vCxx9bz5zVRFrqgWfM%2FsFR91tNUZTh1Uwa%2BoW11IKpvMDOfXiZLgRPoBhrd0gsf3mSgI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a7c83548b4171a9-FRA alt-svc h3=":443"; ma=86400 content-length 298

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			de-sparkasse-onlineservice.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: knh4ussld0n6he4vi1hlr0fu4t

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

de-sparkasse-onlineservice.xyz
m-santander.de
op.of7.best
172.67.174.152
188.114.96.3
209.126.2.155
0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737
2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a
56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d
7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2
7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5
85ab3462e1b68b508a597e80ad0e5b8c9106b460978e5e9e259ddb8a554743ad
a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6
d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

de-sparkasse-onlineservice.xyz Open in urlscan Pro 172.67.174.152 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

798 kBTransfer

3060 kBSize

1 Cookies

10 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

1 Cookies

Indicators

de-sparkasse-onlineservice.xyz Open in urlscan Pro
172.67.174.152 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

798 kB
Transfer

3060 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!