loginvalidity.com Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response loginvalidity.com/	549 KB 47 KB	139ms 107ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0d489a7893b82ffd391ec461b3a28cdaeda650d4b6c20c2a4acf9313f06a8b7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8c8b67f229c8d270-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 25 Sep 2024 13:36:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJL7wlSIYG85lpomA90zeNJUiIaxELnAI7I%2BHjYM8iyoOdwgb3ht5iVO1PLrQd1RWDOxgtYW5wvPNdvzEvEyArduG5hzwAaSggPK6llPsixjzZ%2BEPlQKHWGIxp%2FrTN54WfQ5SkqblvCK1gUxjBHsWw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	ust.min.js Show response loginvalidity.com/usertrack/server/	22 KB 8 KB	90ms 89ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/usertrack/server/ust.min.js?v=3.4.4 Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18835ee78c81711b2f21341a0f971d23af4f9f703c96a5ff8ce489d9d7bc27a1 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC etag W/"66f2fec5-5886" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bI9wNHIy5qE06JJN%2F2t3UKY8APNh6ADeI96vX%2BsxqvbUk3nUJ6Y88VRgGD5KrMca4BVbzWr8Nl6UQ%2BbqwtrPlThiC1flgp40l%2FdfAvL6AfsBh1kz9dKYjiIg2PfK3S4k%2BSqMjhWRvOZiJ%2BznG9jAhQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc1fd270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 24 Sep 2024 18:02:45 GMT vary Accept-Encoding server cloudflare
GET H3	200	main.css loginvalidity.com/portal/media/system/41.203.28/css/	393 KB 133 KB	18ms 17ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/css/main.css Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"667ee5c6-6224e" age 6285 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5pAP0l1QrqFuRfSoqdBc%2Fs2bdNsIfD0LQU8W7XrjqveKWgIWlS0G9%2B7iTNgywgdTOPA53nwzZuDo8E72kxNV9m1gHsFCBxByRvtrcbj42NkFPe3tt7dAEjQTcK5MFkPPcwXOB4QALUw90Bx1By6yw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc24d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/css last-modified Fri, 28 Jun 2024 16:33:10 GMT vary Accept-Encoding server cloudflare
GET H3	200	cms.css loginvalidity.com/portal/media/system/41.203.28/css/	200 KB 95 KB	43ms 42ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/css/cms.css Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"667ee5c6-32190" age 6285 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vP6OKhANSjREWbLi0zJsPYj3zFe71ynKlaVDh9Re3eLaLQwM%2BQMOKGzqXBCWktFr68USY%2FjeApLauAAtoBiR5fydb%2B9LpfClOLbZShsu4ENa24hQ1WeKPDcWUzzwM04oKcqjqZ%2BNDx52qa9sUF5F0Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc26d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/css last-modified Fri, 28 Jun 2024 16:33:10 GMT vary Accept-Encoding server cloudflare
GET H3	404	jQuery_3_5_1.js loginvalidity.com/portal/media/system/41.203.28/js/	0 0	122ms 121ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/js/jQuery_3_5_1.js Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2B4tynBRDLMI9jnOcUBQFNpUDX7WlmXN4ksvERJYUZ7X0Dd5Tast6HWMQhJ1rzVzLu0GbhoVcplVJvA69OHpIOWt%2F6rZx%2F8mRh0i2X%2FqMDvC1KKT%2BDNA3rgWAsJM6aEIEw8VTZVXGrqUxlllssU0Cg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc27d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	jquery_ui_1_13_2.js loginvalidity.com/portal/media/system/41.203.28/js/	0 0	106ms 105ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lz38p6FOALGpXatob%2BZdKXwh2HucfCpkwg1NkeG82SG%2BraGRuVswY223w3msRTxf4%2BIWLj44LdkXPHVuOXv2OqWpUNQJAnJEBhJ82VL%2BZCvVEhU3IU5yMFmedXC%2FuyTMpKvoCLSUGsphQHVqZhqKRA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc2ad270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	lib_head.js loginvalidity.com/portal/media/system/41.203.28/js/	0 0	100ms 99ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/js/lib_head.js Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpotCXdaBiDk2SDIRrS5bY9AFYDE2S3KmTOhNm1BsKIXbqLftYrd7y0xWcgiU0CSwcePwDPsC3mtwCNm0EPyzSArQJuCIdE6IzJVm3ic7zz69y1EIXB0bG9gUi%2BBtISJvB09mj0AZUozPyFaxHe6Gw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc30d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	lib_smartbanner.js loginvalidity.com/portal/media/system/js/	0 0	100ms 100ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/js/lib_smartbanner.js Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBY%2F%2BCw8ekhh3nacIhnwXVl%2BlHqGSGdZzfw%2BQlWQei4afKBJpzkKlU%2BidQp407VcwKkNVRp8QW1dqghzBH2DXdC7dzLxfAl958ibJ78qExOj%2FIKTcpMpxJx%2FSp4j0lTLVlIvVGvGRaLzRLKGInQDqg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f2dc34d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H2	200	/ Show response api.ipdata.co/	1 KB 953 B	91ms 46ms	Fetch application/json	3.74.10.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ipdata.co/?api-key=8b7b4e0fb0416cb4708307001de92cb39717bec1fed7758c550e0efa Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.74.10.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-74-10-52.eu-central-1.compute.amazonaws.com Software / Resource Hash 507e496f5e38f6577f21a69749638d80f558e0dfb69cc70388f6d389306f778c Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers content-encoding gzip x-amz-apigw-id eqe-7G3IFiAERiA= x-amzn-trace-id Root=1-66f411f8-0c2f24dc06dadc976f65fec3;Parent=566564eb15206404;Sampled=0;lineage=2:a863b97f:0 access-control-allow-methods OPTIONS,POST,GET x-amzn-requestid 2628e6ba-cf33-41c3-8c69-a34fc8e7e994 access-control-allow-origin * content-length 610 date Wed, 25 Sep 2024 13:36:56 GMT content-type application/json; charset=utf-8 access-control-allow-headers Content-Type
GET H3	200	lupe.png loginvalidity.com/portal/media/system/images/	1 KB 2 KB	20ms 20ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://loginvalidity.com/portal/media/system/images/lupe.png Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "667ee5c6-51c" age 4067 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHW7P62Lz1LMb8kejJhNfnIV7boY6CRCAb755LtNJsrGMN9ob0oX0%2FR88q1OCDPFcM9BR2lcl3C1aGP8Ky7QiiwGoBO1xsbZyeZNnMdxkeERKwJTLQNhWF6AI%2BTVRwD8UkxHHW4skbNbvGungxuq1A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f33d43d270-FRA accept-ranges bytes content-length 1308 date Wed, 25 Sep 2024 13:36:56 GMT content-type image/png last-modified Fri, 28 Jun 2024 16:33:10 GMT vary Accept-Encoding server cloudflare
GET H3	200	logo_big_svg.svg loginvalidity.com/portal/media/system/images/	10 KB 3 KB	19ms 19ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://loginvalidity.com/portal/media/system/images/logo_big_svg.svg Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"667ee5c6-2658" age 4067 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fP2htkZsfDC%2BQA%2B9qGqSqdVLya4ymCTAbi%2F1Zs1TdjNkr7DEpd3s%2Fy1qKi19939UFe9NLfv8AbHqtb3ucrU8mOh1Tg8bhTFUQzURt4H%2B%2BPlwegkzt%2BAHVm%2BpbGfCMeS%2FWqlY82cMsaahYxsJzLVEHw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f37e27d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type image/svg+xml last-modified Fri, 28 Jun 2024 16:33:10 GMT vary Accept-Encoding server cloudflare
GET H3	404	lib_main.js loginvalidity.com/portal/media/system/41.203.28/js/	0 0	100ms 99ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/js/lib_main.js Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BN83SAEjVSJGrWVuYgB4lam%2Btz6KG9foFlw8x16uFmyKEz9HI6d7NhK6FiOdit9r9B6n5u80T%2FyBPjShSkqOPAsn2t0br3lkDpUSZipJ212pUrt8C8ZAVv0zswRkJ0Ggwg6uE0Scu5uIJ4Cx4g3%2BBw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f35db2d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	lib_cms.js loginvalidity.com/portal/media/system/41.203.28/js/	0 0	96ms 96ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/41.203.28/js/lib_cms.js Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwmlZwcZxtJAFcsYv2o1HCPLSei7%2B2w%2B6iJx31cfDoDpr%2BxUsru79FeJdwWm5OvUovMU1j%2Bldk64CKIT%2BUCNU%2BMdrH0xoYs%2Fpdf1mBdcQp37IHRDNQugCPPzXpIMUDCpz6xEdkZCUKe14byhNoOK%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f36de5d270-FRA date Wed, 25 Sep 2024 13:36:56 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	200	ico_fehler_png1.png loginvalidity.com/portal/media/system/images/	2 KB 2 KB	24ms 23ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://loginvalidity.com/portal/media/system/images/ico_fehler_png1.png Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "66b2ac73-67b" age 4066 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzmVr944sStXNUJLcPyoyVRegX0yLxMUDKDvg69jv8MeARKxhpJYZhJB3XGt1mNlh%2Ftjc2y%2BkpEqeUfv2XXG5NfbBT3iPcehz1D6T3hAhY5TpcCIajK4Goy3jcDsgpwQC5gRLUxNxe1LOS9W8OoW%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f3bee3d270-FRA accept-ranges bytes content-length 1659 date Wed, 25 Sep 2024 13:36:56 GMT content-type image/png last-modified Tue, 06 Aug 2024 23:06:27 GMT vary Accept-Encoding server cloudflare
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Origin https://loginvalidity.com Referer Response headers Content-Type application/x-font-woff
GET H3	200	icons_woff.woff loginvalidity.com/portal/media/system/fonts/	40 KB 40 KB	95ms 95ms	Font font/woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/portal/media/system/fonts/icons_woff.woff Requested by Host: loginvalidity.com URL: https://loginvalidity.com/portal/media/system/41.203.28/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Origin https://loginvalidity.com Referer https://loginvalidity.com/portal/media/system/41.203.28/css/main.css Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "667ee5c6-9e84" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ghiPWgeMFK3b8jRcJGqZ9IBrHYgms2u4VrDl6JkLdMkU7Gxd6bvrsQl%2FOi7M07uBk1oCuTkr9DXP1pRt8m1Xc%2Bf%2BJBjJEIx4NzseE2h6k7LzQB0Tv38jYrVj%2BX1ymGD19rYUqWuBZalohzhNrhwSwQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f3df27d270-FRA accept-ranges bytes content-length 40580 date Wed, 25 Sep 2024 13:36:57 GMT content-type font/woff last-modified Fri, 28 Jun 2024 16:33:10 GMT vary Accept-Encoding server cloudflare
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Origin https://loginvalidity.com Referer Response headers Content-Type application/x-font-woff
GET H3	200	getIP.php Show response loginvalidity.com/usertrack/server/helpers/	48 B 552 B	57ms 57ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/usertrack/server/helpers/getIP.php Requested by Host: loginvalidity.com URL: https://loginvalidity.com/usertrack/server/ust.min.js?v=3.4.4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cbf876a672a105e9939748922dbee2cb23fac590ca8c0efcb28c66ae8883dca Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=0, no-cache, no-store, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3a2Qgq%2ByHN501b8RYlN0qMBsSDfl%2B4t6aHqwOuy8VI8hLxlUqey0w9rtaRb7xyFAw6u9Uh79LkaYpZFrZH3Fy1jQZydbo77snZ6zC8qdebAZMwV6Oo7TIbaFVhkLmN%2FLpjEFE07B0rgyNT3rxcPHhw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f40fc2d270-FRA expires Wed, 11 Jan 1984 05:00:00 GMT date Wed, 25 Sep 2024 13:36:57 GMT content-type application/javascript; charset=utf-8 server cloudflare
POST H3	200	createClient.php Show response loginvalidity.com/usertrack/server/tracker/	41 B 576 B	64ms 63ms	XHR text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/usertrack/server/tracker/createClient.php Requested by Host: loginvalidity.com URL: https://loginvalidity.com/usertrack/server/ust.min.js?v=3.4.4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36282acfccf19f839aabdbd9455b1ca9fc53c40fd4cb66b2ed50c92fabc74f0a Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://loginvalidity.com/ Response headers access-control-max-age 1000 cache-control max-age=0, no-cache, no-store, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzo5H6hugyu4JcaIBUzCPTP65NWupJgvw1k%2Fncww1RlE%2B8xysQSUsSm2dN1FvJVL2iso2Jc7sPVezc9AbcZ22ybIMf3iBdUbc6XGRxZLrx1MG6fXJ%2FEORdMFQPHaqLg0k6iuvqYsRA4j1vYz6rNeEg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, GET, OPTIONS cf-ray 8c8b67f46921d270-FRA expires Wed, 11 Jan 1984 05:00:00 GMT access-control-allow-origin * date Wed, 25 Sep 2024 13:36:57 GMT content-type text/html; charset=UTF-8 server cloudflare access-control-allow-headers Content-Type
GET H2	200	/ Show response ipapi.co/json/	767 B 929 B	242ms 209ms	Fetch application/json	2606:4700:20::681a:92c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/json/ Requested by Host: loginvalidity.com URL: https://loginvalidity.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3390f1dd057a769565a70ae21122d53a3742b6de052b278de735f4ef6650693 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-opener-policy same-origin cf-cache-status DYNAMIC content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fb8Ug3SC1fCSbT22MBWh%2BR9kwsqMkv8FboKYZXVDE%2F19cvNQlKk%2BhGpXIrkUjnHyevSfwZI8d6W4CSXhBX1k8viSoMJo3P7YeNcWB9z9Bxo5vIRixLN6Nmy8SVvbIQPAzZyLL3rt"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff allow GET, OPTIONS, HEAD, OPTIONS, POST cf-ray 8c8b67f4bfb8d34c-FRA referrer-policy same-origin access-control-allow-origin https://loginvalidity.com date Wed, 25 Sep 2024 13:36:57 GMT content-type application/json vary Host, origin server cloudflare x-frame-options DENY
GET H3	200	favicon.ico loginvalidity.com/	1 KB 1 KB	18ms 18ms	Other image/x-icon	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loginvalidity.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187 Request headers User-Agent Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36 Referer https://loginvalidity.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"66730e92-47e" age 6286 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tal8qQeP49S2SjE78XvIAR%2B%2FgHBJh6DqJqomTmGKZKPMR%2B%2BhqRyDL8A%2BcASJ2ENNL2s3l4BtWsHpv%2FtdjiAmFtCig6LNckb1n8A9VGzZ9x8mCicFyg66%2FduoUuZSMnBMlak3nihJMnDtSj2CXpxgww%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c8b67f48974d270-FRA date Wed, 25 Sep 2024 13:36:57 GMT content-type image/x-icon last-modified Wed, 19 Jun 2024 17:00:02 GMT vary Accept-Encoding server cloudflare

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x43b533 function| _0x42bf function| _0x5d84 object| UST_CT object| UST string| webtrekkEnabled function| addDynamicEventListener string| ust_myIP

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://loginvalidity.com/portal/media/system/41.203.28/js/lib_head.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://loginvalidity.com/portal/media/system/js/lib_smartbanner.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://loginvalidity.com/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://loginvalidity.com/portal/media/system/41.203.28/js/jQuery_3_5_1.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://loginvalidity.com/portal/media/system/41.203.28/js/lib_main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://loginvalidity.com/portal/media/system/41.203.28/js/lib_cms.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipdata.co
ipapi.co
loginvalidity.com
2606:4700:20::681a:92c
2a06:98c1:3121::3
3.74.10.52
0cbf876a672a105e9939748922dbee2cb23fac590ca8c0efcb28c66ae8883dca
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
18835ee78c81711b2f21341a0f971d23af4f9f703c96a5ff8ce489d9d7bc27a1
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
36282acfccf19f839aabdbd9455b1ca9fc53c40fd4cb66b2ed50c92fabc74f0a
507e496f5e38f6577f21a69749638d80f558e0dfb69cc70388f6d389306f778c
5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc
d0d489a7893b82ffd391ec461b3a28cdaeda650d4b6c20c2a4acf9313f06a8b7
f3390f1dd057a769565a70ae21122d53a3742b6de052b278de735f4ef6650693
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358