berhhard.cyou Open in urlscan Pro
172.67.210.112  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response berhhard.cyou/lander/sber/	16 KB 6 KB	830ms 277ms	Document text/html	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf6b7d2eaaa09e68bdb1f57f38f3bc8ce69809bc6025efd3b664b6766749b279 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8e33313e7c0f18f1-FRA content-encoding zstd content-type text/html; charset=UTF-8 date Fri, 15 Nov 2024 23:58:58 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97fv0kP%2F1%2FwLDz1djf8xAKzTsHqnwQt25ZVK8%2FXpAA8qr4NR8otbbFWReUvO4SGPsx%2BL5XugZ54IjgDO6Ptl6pakmUg1gZx%2FYHDZe6rfT2mRzXkGnscqNmcsCw5kV8Cp"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=19123&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3962&recv_bytes=2298&delivery_rate=202441&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=345&x=0" vary accept-encoding
GET H2	200	css2 fonts.googleapis.com/	11 KB 1 KB	640ms 44ms	Stylesheet text/css	216.58.206.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s11-in-f10.1e100.net Software ESF / Resource Hash 326bea53552281d9048339e235bcafaf2e8284e2aa10c40407dd7e9d8e27ff5f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 15 Nov 2024 23:58:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 15 Nov 2024 23:58:59 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 15 Nov 2024 23:50:47 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	style.css berhhard.cyou/lander/sber/css/	3 KB 1 KB	231ms 207ms	Stylesheet text/css	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/css/style.css Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 189cb1d1d218780257404bd21f67c5766244776d8fa55844e22f63e89ee79459 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers content-encoding zstd cf-cache-status MISS etag W/"6697b3d6-bd0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lGttBtGkHAHgYBvEuy7ktZNFkqNKJ3dhRMZDY8qe6aRWQ6vlqejV5QhdlnndG%2FljbaxOGlGeKTKZcmgF9lNNuvr5xpBTwuxuQ5aanbsGI76Pw%2BPbUe%2FkpKdcLwnAkc7"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=19161&sent=17&recv=13&lost=0&retrans=0&sent_bytes=10176&recv_bytes=2895&delivery_rate=528952&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=620&x=0" date Fri, 15 Nov 2024 23:58:58 GMT content-type text/css last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331406d3b18f1-FRA access-control-allow-origin * server cloudflare
GET H2	200	landing.css berhhard.cyou/lander/sber/assets/landing/css/	4 KB 2 KB	242ms 219ms	Stylesheet text/css	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/assets/landing/css/landing.css Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f02fef6e9154d43edbf9e8a7c30f9910d2d981ae7fb7582ac8f6b9350635df9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers content-encoding zstd cf-cache-status MISS etag W/"6697b3d6-10da" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdRD2536qVu8hHBwrDDrCewoiae4UU9MXm2p4FyszLFqlt1YO3NTL25%2Fy8DoiFxb7N%2FmJRJvHV9N9zbf66Y7AsPrgfqT3PpczPAbXESWB%2F3H4qj6j8EKDzqYPkDpXtFQ"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=19161&sent=20&recv=13&lost=0&retrans=0&sent_bytes=11673&recv_bytes=2895&delivery_rate=528952&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=630&x=0" date Fri, 15 Nov 2024 23:58:58 GMT content-type text/css last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331406d3c18f1-FRA access-control-allow-origin * server cloudflare
GET H2	200	intlTelInput.css berhhard.cyou/lander/sber/assets/landing/css/	22 KB 3 KB	276ms 254ms	Stylesheet text/css	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/assets/landing/css/intlTelInput.css Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84507c031fc78d2b8449214cb58a09c018092a0ddc39bc91869d002d43f1c104 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers content-encoding zstd cf-cache-status MISS etag W/"6697b3d6-5974" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3TrlRuIJ3hjqbPUxzovBmCSnWnSPyTBmO95TygM6hbWZUNZVm0r0163Kee9Xv5m2%2Fd9BZANorpDvF8eLMB23S88L8X4NTqPX4lv3%2Fiq1Bzfaf8GjmZd1%2FQJkZYT8sHN"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=20422&sent=23&recv=15&lost=0&retrans=0&sent_bytes=13352&recv_bytes=2895&delivery_rate=528952&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=666&x=0" date Fri, 15 Nov 2024 23:58:58 GMT content-type text/css last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331406d3e18f1-FRA access-control-allow-origin * server cloudflare
GET H2	200	jquery.min.js Show response berhhard.cyou/lander/sber/assets/landing/js/	87 KB 33 KB	327ms 307ms	Script application/javascript	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/assets/landing/js/jquery.min.js Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers content-encoding zstd cf-cache-status MISS etag W/"6697b3d6-15d9f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mlro0WI%2B7KSHKiN447QazxBgv%2BMrE8bieMypudXriol7OE1Gl4NEIsrhqK%2BSsBnPtgV8wGQtsQ1mUYY3mzjRq8MoEr%2FxuZK9QQwQoLFhvfdP0O8cMoDcPS1PtS7vZDBY"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=22330&sent=49&recv=23&lost=0&retrans=0&sent_bytes=30365&recv_bytes=2895&delivery_rate=1163062&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=723&x=0" date Fri, 15 Nov 2024 23:58:58 GMT content-type application/javascript last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331406d3f18f1-FRA access-control-allow-origin * server cloudflare
GET H2	200	jquery.validate.min.js Show response berhhard.cyou/lander/sber/assets/landing/js/	24 KB 9 KB	291ms 271ms	Script application/javascript	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/assets/landing/js/jquery.validate.min.js Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3183bfeda628b7c107abb16bdc206be17b6feb545e84fc660b45e87ba5179195 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers content-encoding zstd cf-cache-status MISS etag W/"6697b3d6-5f7e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDz0KrfioIlqJHl74MR52up0pK34VbA5zr1FsZRj1DuGJtC6djpqUmf9y6zuHcp0rlURIwTg7r2w2mP6MRVdgoMCTvaV7JCOLQb498dXqGM5r4GINkms0U%2Ba7u7czZpx"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24152&sent=38&recv=17&lost=0&retrans=0&sent_bytes=21222&recv_bytes=2895&delivery_rate=528952&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=687&x=0" date Fri, 15 Nov 2024 23:58:58 GMT content-type application/javascript last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331406d4018f1-FRA access-control-allow-origin * server cloudflare
GET H2	200	form.js Show response berhhard.cyou/lander/sber/assets/landing/js/	17 KB 4 KB	285ms 266ms	Script application/javascript	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/assets/landing/js/form.js Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5e6989bc6c282c097457238279dfed830042852d0cb2104082731da6b71b324 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers content-encoding zstd cf-cache-status MISS etag W/"6697b3d6-4215" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RC64%2Fss4i1x0y3KuZTgw8uK1w10GHfScslxWi80HLpdf3UdxrJIde9uVVBDKKz6cQalFXMtc9YgNHe3TXJk87DmeuBs6TU5eEyCtUZTgFYl3c4H3k3MwuayTD4HLAIf%2B"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:58 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=20422&sent=30&recv=15&lost=0&retrans=0&sent_bytes=16664&recv_bytes=2895&delivery_rate=528952&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=676&x=0" date Fri, 15 Nov 2024 23:58:58 GMT content-type application/javascript last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331406d4118f1-FRA access-control-allow-origin * server cloudflare
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v29/	37 KB 37 KB	616ms 97ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://berhhard.cyou Referer https://fonts.googleapis.com/ Response headers age 160358 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 14 Nov 2025 03:26:21 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 03:26:21 GMT last-modified Wed, 06 Nov 2024 17:30:37 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 37828 x-xss-protection 0 server sffe
GET H2	200	JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 fonts.gstatic.com/s/montserrat/v29/	23 KB 24 KB	565ms 47ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://berhhard.cyou Referer https://fonts.googleapis.com/ Response headers age 92352 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 14 Nov 2025 22:19:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 22:19:47 GMT last-modified Wed, 06 Nov 2024 17:30:40 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 23836 x-xss-protection 0 server sffe
GET H2	200	ru.webp berhhard.cyou/lander/sber/assets/landing/img/flags/	226 B 768 B	218ms 218ms	Image image/webp	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://berhhard.cyou/lander/sber/assets/landing/img/flags/ru.webp Requested by Host: berhhard.cyou URL: https://berhhard.cyou/lander/sber/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b78bb1528859e7b96ea89758d222d630ec82842a2a89aa4e998f25c4421f8e6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers cf-cache-status MISS etag "6697b3d6-e2" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsJ5lR3k%2FGVdpTP6ILxlHu802RTyulesAX1Pe%2FbY%2FuL%2BaDIz8v4eeeOXvfmSszmrQe4X8gchAifio8MU5fACwHtc8ePt0GE3w6%2BM27skRnBkKxXH86uPHFcSypo5XsKH"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:58:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=26744&sent=84&recv=33&lost=0&retrans=0&sent_bytes=64122&recv_bytes=3037&delivery_rate=1163062&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=1328&x=0" date Fri, 15 Nov 2024 23:58:59 GMT content-type image/webp last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e333144c82318f1-FRA accept-ranges bytes access-control-allow-origin * content-length 226 server cloudflare
GET H2	200	logo.png berhhard.cyou/lander/sber/images/	28 KB 28 KB	395ms 394ms	Other image/png	172.67.210.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berhhard.cyou/lander/sber/images/logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.210.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57d4ea85a60012dac3014e047b85f06cbfd126366ed5d6e52df87726204a41fa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://berhhard.cyou/lander/sber/ Response headers cf-cache-status MISS etag "6697b3d6-6fe6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QlQRqW4BKaAeDIgTfEIdBOOAsu%2F4FV0Ol7ZRQ0yObk%2Fabc7bvLSGhUQHYRQtQvf%2FR%2BGNUX3w8V9cw4aZ3RhhjZPQ12nEIvod80jkFUupSEOBD5AZwLhJOxuSYRpzQWJV"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 23:59:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24351&sent=88&recv=37&lost=0&retrans=0&sent_bytes=64956&recv_bytes=3114&delivery_rate=1163062&cwnd=254&unsent_bytes=0&cid=05e965df8d991cda&ts=2061&x=0" date Fri, 15 Nov 2024 23:59:00 GMT content-type image/png last-modified Wed, 17 Jul 2024 12:06:46 GMT vary Accept-Encoding cache-control max-age=864000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3331493a6e18f1-FRA accept-ranges bytes access-control-allow-origin * content-length 28646 server cloudflare

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SberBank (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| phoneRegex number| numLimit string| phoneccValue string| countryName object| countryList object| countryData string| countryValue function| autoGeo function| numRule function| functionSuccess function| functionError function| functionBeforeSend function| limitText string| phonePlaceholder

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			berhhard.cyou/	1969-12-31 23:59:59	Name: PHPSESSID Value: doil90aq1h0c3hk40v20ir1oij

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berhhard.cyou
fonts.googleapis.com
fonts.gstatic.com
172.217.18.3
172.67.210.112
216.58.206.74
189cb1d1d218780257404bd21f67c5766244776d8fa55844e22f63e89ee79459
3183bfeda628b7c107abb16bdc206be17b6feb545e84fc660b45e87ba5179195
326bea53552281d9048339e235bcafaf2e8284e2aa10c40407dd7e9d8e27ff5f
57d4ea85a60012dac3014e047b85f06cbfd126366ed5d6e52df87726204a41fa
6f02fef6e9154d43edbf9e8a7c30f9910d2d981ae7fb7582ac8f6b9350635df9
84507c031fc78d2b8449214cb58a09c018092a0ddc39bc91869d002d43f1c104
8b78bb1528859e7b96ea89758d222d630ec82842a2a89aa4e998f25c4421f8e6
9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763
bf6b7d2eaaa09e68bdb1f57f38f3bc8ce69809bc6025efd3b664b6766749b279
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
e5e6989bc6c282c097457238279dfed830042852d0cb2104082731da6b71b324
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1