sprkase-baden.de Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sprkase-baden.de/
Effective URL:
https://sprkase-baden.de/de/home.html
Submission: On July 09 via api (July 9th 2024, 10:53:55 am UTC) from US — Scanned from DE

Summary HTTP 29 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sprkase-baden.de.
TLS certificate: Issued by WE1 on July 5th 2024. Valid for: 3 months.

This is the only time sprkase-baden.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address		AS Autonomous System
1 30	2a06:98c1:312... 2a06:98c1:3121::3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	1

30 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sprkase-baden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	sprkase-baden.de 1 redirects sprkase-baden.de	2 MB
29	1

	Domain	Requested by
30	sprkase-baden.de	1 redirects sprkase-baden.de
29	1

This site contains links to these domains. Also see Links.

Domain
sparkasse-offenburg.linda-chatbot.de
www.facebook.com
instagram.com
www.xing.com
www.youtube.de
www.sparkassen-shop.de

Subject Issuer	Validity	Valid
sprkase-baden.de WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sprkase-baden.de/de/home.html
Frame ID: 837D55D93C6BCF26C66BA4F9A83792D9
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sparkasse Offenburg/Ortenau - Internet-Filiale

Page URL History Show full URLs

https://sprkase-baden.de/ Page URL
https://sprkase-baden.de/cdn-cgi/phish-bypass?atok=iccFGNhO5RjdNNzJyawJDrUho3hl6GmEdKEgF7d.vhY-172052... HTTP 301
https://sprkase-baden.de/ Page URL
https://sprkase-baden.de/de/home.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase
/etc/clientlibs/

Page Statistics

29
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1905 kB
Transfer

5460 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://sparkasse-offenburg.linda-chatbot.de/skoffenburg?blz=66450050
Title: Service-Chat

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sparkasseoffenburg
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/sparkasse.offenburg
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/sparkasseoffenburg-ortenau
Title: Xing

Search URL Search Domain Scan URL

URL: http://www.youtube.de/sparkasseoffenburg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.sparkassen-shop.de/sparkasse-offenburg/?disclaimer=ja
Title: SparkassenShop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sprkase-baden.de/ Page URL
https://sprkase-baden.de/cdn-cgi/phish-bypass?atok=iccFGNhO5RjdNNzJyawJDrUho3hl6GmEdKEgF7d.vhY-1720522425-0.0.1.1-%2F HTTP 301
https://sprkase-baden.de/ Page URL
https://sprkase-baden.de/de/home.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://sprkase-baden.de/cdn-cgi/phish-bypass?atok=iccFGNhO5RjdNNzJyawJDrUho3hl6GmEdKEgF7d.vhY-1720522425-0.0.1.1-%2F HTTP 301
https://sprkase-baden.de/

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
sprkase-baden.de/ 4 KB
2 KB 66ms
16ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sprkase-baden.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5c9b8a2225ffdb5b044a39cd5bfca4bd056f3e6e64c1a01212cdcd5e652fabe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-ray: 8a07c5aa6f7665d6-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 Jul 2024 10:53:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bCiWmfqPw1Ey2nOY3%2Ff9JHxp4zcI69gl1YSxnVc9SQEJPZiLi21hglxVvGMByBOIYKvq4FwqRBpyzjJgEh9Usgun2TasQPS0LbWg3t36xeDZ2cLnZzM%2FS7gD4g4eitoyh%2BQmSD4DBqVnOWol8ZT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
sprkase-baden.de/cdn-cgi/styles/ 23 KB
5 KB 17ms
17ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sprkase-baden.de/cdn-cgi/styles/cf.errors.css

Requested by

Host: sprkase-baden.de
URL: https://sprkase-baden.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sprkase-baden.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
server: cloudflare
etag: W/"66867201-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8a07c5aa8fa965d6-FRA
expires: Tue, 09 Jul 2024 12:53:46 GMT

GET
H3 200 icon-exclamation.png
sprkase-baden.de/cdn-cgi/images/ 452 B
634 B 11ms
11ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sprkase-baden.de/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: sprkase-baden.de
URL: https://sprkase-baden.de/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sprkase-baden.de/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
server: cloudflare
etag: "66867201-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8a07c5aab80465d6-FRA
content-length: 452
expires: Tue, 09 Jul 2024 12:53:46 GMT

GET
H3 404 favicon.ico
sprkase-baden.de/ 564 B
580 B 50ms
49ms Other
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Referer: https://sprkase-baden.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wyzdxkeGs12ZaDu1u%2FKhwcF2MWijJ8giTem8R0CuM99tyrqM2wtCL1d%2F5VvJlBqtglCpk5ZYxNS6jDtzfOpYnCzt6dWY7FUnKVqsM5RU58hs5FL2%2Bf8hWqcfG2xWr8gCXNPKsWFBFSKH7aE5ErN"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8a07c5aad83565d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

/ Show response
sprkase-baden.de/
Redirect Chain

https://sprkase-baden.de/cdn-cgi/phish-bypass?atok=iccFGNhO5RjdNNzJyawJDrUho3hl6GmEdKEgF7d.vhY-1720522425-0.0.1.1-%2F
https://sprkase-baden.de/

766 B
772 B

44ms
43ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d4abb5ae38236f31e079ae71915df7dcb4ae2dc0aaeb226728771fe75cba65

Request headers

Referer: https://sprkase-baden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a07c5c4398565d6-FRA
content-encoding: br
content-type: text/html
date: Tue, 09 Jul 2024 10:53:50 GMT
last-modified: Tue, 07 May 2024 22:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kVKuBPnKN%2Fpf%2BroX60LwVjJxwj%2B3mGRsPwcP1RWLWMdu%2BIU4YuFNT%2B4UuTTPIq4%2FozdTX4O05Z8C%2BVfxTgD8HxKjwE8hwmxLGK7WqVwwa%2B4wfE5sqKbz619nD0Mwnlk4lQ8Ztw%2BOnyNjeubGEgm"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: private, no-cache
cf-ray: 8a07c5c4296965d6-FRA
content-length: 167
content-type: text/html
date: Tue, 09 Jul 2024 10:53:50 GMT
location: https://sprkase-baden.de/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 Primary Request home.html Show response
sprkase-baden.de/de/ 104 KB
12 KB 44ms
44ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e39fd2c8a4d8ab7262ebb9823c1e179e761fa6f56f4c877945bd670e61a8fc9f

Request headers

Referer: https://sprkase-baden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a07c5c4ba6e65d6-FRA
content-encoding: br
content-type: text/html
date: Tue, 09 Jul 2024 10:53:50 GMT
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njUttl46xdfXBv3cCWifyRz1ByP1C2UfTYN4BcqVWsMouw4M4kI9oU8Wmu%2BJkrdrlSPyc%2Fw4F9EfkxrPgw4NoLzAd7Xe%2BAqS9EC844Cmdkda9TkcbZUmG3J3tcKZ%2BrcZ9r%2BEgwdm3BiVSo63wQQN"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
sprkase-baden.de/etc/clientlibs/myif/master/base/ 3 MB
240 KB 52ms
51ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64adf34b5255fbbd145dc0d806f5be91dad812c69b949ee0086f92a8b0fa8910

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-298795"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LYpR0VUsVezGzeEbp7ywwRGGcUn4Ot5YXBviDjs96UsQzNdzn73u9xwb7hmWHjR5MtsziadYZCTnTH43NJut9NldIQXPnQRXMkroBqNuIKci%2BMs3YUPWJ6wTjUWSoCUUoNV55U3EnujFKfYhsMQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a07c5c51aef65d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 internetfiliale.min.05a91e28292866824804111f31d05bc0.js Show response
sprkase-baden.de/etc/clientlibs/myif/master/base/ 1022 KB
200 KB 75ms
75ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.05a91e28292866824804111f31d05bc0.js
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01d4ec2541b7c4153266b48d31248c1d1162f1fcd8e6b344bb4a411ef4e9bdf

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-ff8a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4ZKNK3lgGSvRF%2Fh3h4u%2BCXdj4BJNEd7SFrNnehzuBIl06MWOPO%2BKhH6KAhHMvQBqNEjcNPn5dfzi9r6CTEjeY1wnfJLBMUgZ%2BwJxxovhXkl0i8cVFS7s6SAsbyJsLwup221yHRgJY26wFTvDvXr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a07c5c51af265d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_weiss.svg
sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/nbf-logos/ 10 KB
3 KB 43ms
43ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/nbf-logos/logo_weiss.svg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a05dd91f2ce92bc2c082743daabaa85864037584021f33a80c93b827c3d1c7f2

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad86-2668"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1rw72P4Cwjg5hl%2BIz5P%2Fp5H23DjdV2ggIToBev%2F1pSaU2ALirxDM%2FZDJGXC7SBmn7iaKOHXZQswtpykhJj%2FLqgmuAzbaz8ALQlF%2B%2FUTkXXQfvRE8oU4Ra6Gh9HBFSusBTzLGTl42PEYsLFBZoor"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a07c5c51af465d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 spk-logo-druck.png
sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/logos/ 13 KB
13 KB 36ms
35ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/logos/spk-logo-druck.png
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afadaa6674288922ea5383c8a308ccfdd50b1cc7502838afee01457d4069437

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad86-33bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qbd5liclnRntos3uUR3a%2FYjwFRRD%2BFzHMlFUNa%2Bnx%2F6IBNtFxSpiJTm7yELtrGF%2Bx3K016jxJ%2B7Rkwu4GvF%2FgDAT0kolNFHBYqVtRa8tiH3jfw24EV6pwz7C%2FlE0loHP%2BQh23ITEdrOJOWLqRNoi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c51af665d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13245

GET
H3 200 logo_rot.svg
sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/nbf-logos/ 10 KB
3 KB 168ms
168ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/nbf-logos/logo_rot.svg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd520c8fc7ae709f074e6ed9b5a4899b18a234b19462e07584e375cd201d0ac

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad86-2668"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95JfdIwMth8Vj5D06VCpJ63V%2FX8HnYIaEG3wuFpL1nREAUignPk09Y430QGlPbGnp1%2B2bESoUEHvo27ApML5HNxRgFlM9AsTpziQuw8W0X95kKfiJZY0oPXP9OUJVGqRiUxijx2yj5u7OJrBAkfa"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a07c5c55b9065d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Bildmarke_S-Sparkasse_72px.svg
sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/nbf-logos/ 976 B
851 B 42ms
42ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/nbf-logos/Bildmarke_S-Sparkasse_72px.svg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad86-3d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRadwDEcVE%2F5qSgqmiqsjUclhlCQ2TmPusM5hGVBh9XlOutmLqhEnM%2BbT4q1yX9FuKbkAgO43Psl%2Bw%2FMF7xssEHkG3Bbrg57uojBGhnQijxFOhwVhb7XUl4QteUF0C45MQIMkVC0s3S%2FqAE2uxWo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a07c5c56bb765d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1708092527021.jpg
sprkase-baden.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_0/teaserref1.epimgref.jpg/ 53 KB
53 KB 44ms
44ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_0/teaserref1.epimgref.jpg/1708092527021.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a6425f24298e2bbfe5d312b02ae4467c5b539e0b8719c929ce9447ba525f1a

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-d31b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6v1Sfhp9VpREoAMcXgX4NpUvfuYccqVqp6vYQ6Mwx9Ipmyk6wq1A8XnFwfXkDXsAsOPAsEKjFe1cBkDrAiHeWZ9XwP2%2FC5L3dn3bmKtVFkIzqaAIagwYiPt%2FfbVchGsrGXbEKvqzuO2dEUKDbF6f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c70e8965d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 54043

GET
H3 200 1699435283959.jpg
sprkase-baden.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_0/teaserref2.epimgref.jpg/ 76 KB
77 KB 40ms
40ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_0/teaserref2.epimgref.jpg/1699435283959.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 103448155bd4db4bbf2e382d2c0b5980df7830820a6e526dc52a870f0c9c87f4

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-130dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNnsrY%2FWdmpc1MEEpyV6NXzT9%2Bx54%2BoWs%2BdFL8Rc5LIxm42QujZ4hfa4s4Eg9TDzObSJpBg4ZjwBrVxg%2BNITPCOOyHCz9QnUMZrmrwmjrJwV035Nk%2B%2BButLK0k5DqgGAyn%2F3TW0%2Bbhgg3luQ8UXk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c71ea965d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 78044

GET
H3 200 1643796088545.jpg
sprkase-baden.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_0/teaserref3.epimgref.jpg/ 48 KB
48 KB 32ms
31ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/homepagearea/parsys/teaserarea_0/teaserref3.epimgref.jpg/1643796088545.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9216637bfc7e123a675ef911a0f6ce9098da8b2bddbe331ae0cc1501328c8758

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-becd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfiE9rS4FQYHu%2Ff6m%2FmN%2BWZMoStptdCtW3LjqDhIPcJzXRBOdqZVZg69noYEhzDKbOu3dVFuYrOBkLZgXF1ZbOtkZzYtHXSnbJpZGk3h%2F%2F2E6B03tTuDjfR32%2F2sM6pmH2KOtqecrjAHI7%2FjRpJ%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c71eae65d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 48845

GET
H3 200 s_app_info.min.9de96b1d86e28372e5ae30e36d2e185b.css
sprkase-baden.de/etc/clientlibs/myif/spk-offenburg-ortenau/sfp/ 2 KB
1 KB 47ms
47ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/spk-offenburg-ortenau/sfp/s_app_info.min.9de96b1d86e28372e5ae30e36d2e185b.css
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 623c5f38127f5b4a231ddab9f83157831e4bfb0e23eeb5ad61baded926cf9cb4

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-87c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFOq2dXltH0bNUBMlttPF9Keua3CPpvR%2BtLytITW%2BY5hJgu%2FCQmVp2voa0UtEqwx8%2BwgcMd3f5bsxnw0YQYxTW%2B8rIfW2rpFHl1qoQRaOTemKTkw5Eq8gLb5ZQ92N3c8p3iM8Uu9oZOB%2FCqSnBK0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a07c5c5ac4865d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 s_app_info.min.4102b8bd530d02a6f2859830e2ec2d69.js Show response
sprkase-baden.de/etc/clientlibs/myif/spk-offenburg-ortenau/sfp/ 140 KB
42 KB 54ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/spk-offenburg-ortenau/sfp/s_app_info.min.4102b8bd530d02a6f2859830e2ec2d69.js
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a322ece74bac065d9c0b836f805b7b38875d1ac97c0670dff30bb5200b37c7

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-22e6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkTeanGY3LrRLK6vmThSwffNGR%2F5NYnoTQN8kR9dXKsdhRU1GbNlKxjg0JEULQ3K6lVH2A5mAOeeKn5ip9Nb1Bth%2FuTNT5iZSgpEpT38A9O7QwoJDV3YpbdcfR0co9U901OOFKEQWYI%2BqsgbII3A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a07c5c60cea65d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Sparkasse_web_Rg.woff
sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 24 KB
25 KB 54ms
54ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Rg.woff
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a2c75ca73d8c1101ff7ae617e6dbc6934e8aa1cd72d64ce50908ac297156cb

Request headers

Referer: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Origin: https://sprkase-baden.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-61f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7mteYKtuCWArZxR1bFtKM2yc7qjEILAhu1A0P%2BOP80USKIIybv%2Brsf%2BZSxOiVF4hweA6fQVLmM%2FKkH9mvWvifm3md1CuFgxTha9CHsp6jRntsNCmRRh3KCVkBNWt9y2IFcOUq%2Fxic2Fx%2FlT1a66M"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 8a07c5c77f4065d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pictos-if.woff
sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 205 KB
111 KB 55ms
54ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/pictos-if.woff
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5706622f56a9d55053b778d797260c4ff05ce65c3402d0df06b1c5ddf59496a5

Request headers

Referer: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Origin: https://sprkase-baden.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-33590"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BlfxrDfRApU5TSRT6l8kS8VM46QQ2c6kGVij55f%2BK6%2BcFnSoFZkHB20lEFk6AQ8gNrZHST5YtRceNKlENuzugsxVTS34PYGFPA47HbjNDVv%2FzoCAxNq9ZhJpBYVVtB6Vv%2BaGzgqimnCOILrG3Bx4"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 8a07c5c77f4665d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Sparkasse_web_Md.woff
sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 25 KB
25 KB 37ms
36ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Md.woff
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2888ded6c1e95affe8813aaba8fbcd060d774451c10afa71227616e9af159f

Request headers

Referer: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Origin: https://sprkase-baden.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-62a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqmFSXpDrHFp0PW4YX6jrF7vP%2FvKfGbWBiXg3Osia1bTBw%2BnNB88Yx9GjLiBLCDCIfT027eW%2F0HHUgKmsPTk%2BvX0whDnwPRWF%2FusL1BvByl73%2FSlEbXCLN%2BPnhBDG5J%2Fvft3E0%2FRMaicm4vkcrI9"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 8a07c5c77f4765d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Sparkasse_web_Bd.woff
sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 25 KB
25 KB 61ms
60ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.woff
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae3f33664fc3b273913900b81d8812d5a6a3c098b86d93d1f0ec54259d9441d

Request headers

Referer: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Origin: https://sprkase-baden.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-6274"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UP1C00E%2F6A84pbVO8gmoq6lktoynzsEUa8YZZNAjzLJIWd%2FEhn2AQT%2FvyfV1dErXJxUvs1RoAT%2BBn1J2wX8nEt0bCUJsUEMOOroaieDPwj9U0UqHi%2BwvMybc3IffxNRL7y3kwiXnhhlEql6hhx9"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 8a07c5c77f4965d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 SparkasseHead_web_Rg.woff
sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/ 25 KB
26 KB 61ms
60ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.woff
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: addffd48c2bb1fe1e4409899c79d5b2beca7d72c4d80575401091f09ab0eae52

Request headers

Referer: https://sprkase-baden.de/etc/clientlibs/myif/master/base/internetfiliale.min.b47b251af0dec64063da2ab15b555e99.css
Origin: https://sprkase-baden.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad89-65dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0pmlC33NpncIq52PWzc88wcAgVG2VkJq%2FsEjXQejKGv6TxjK1dOnYdhzwHunkxejAmke4%2FEa7FkwrVL9rJnls9KmWIOMFzDly%2FPlFBi3a1cXz2sRyrUtIRWiemjQi95iaNY1kXE6kcx6BhCW7D9y"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 8a07c5c77f4e65d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1706880513978.jpg
sprkase-baden.de/de/home/_jcr_content/opener/openerref1.epimgref.res1920.jpg/ 109 KB
110 KB 56ms
55ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/opener/openerref1.epimgref.res1920.jpg/1706880513978.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 269c7ba8edb79d287ab0196f989cf3aee358495aaf03c91dffc30ac2530db407

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-1b434"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uczELIF3GFs8emLEursukAKY%2BWGapWAjdXrYhpQlltAd%2Fr2%2Fyxc6vxyK7bqAjOl9aqFeJH1cIW%2BQUOQz5kfFqsk%2BfKnYEzk%2BaSSRft1sb8bqy8%2BquUeXvGIGZpD%2BdslqGUPhYe6rOS3%2FZpbHqMkb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c8081365d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 111668

GET
H3 200 1703778278070.jpg
sprkase-baden.de/de/home/_jcr_content/opener/openerref2.epimgref.res1920.jpg/ 178 KB
179 KB 33ms
33ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/opener/openerref2.epimgref.res1920.jpg/1703778278070.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b5ee0faae8a8cff310366f66f9cd62f16b6f293d1e44c9a41e517f8546e498

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-2c865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=genOKOTlkPeNmPSZtxOXIw4mDZJMe%2FRyVhjZkmviABcQCY5VbHY6YOlHO0nHFJ2sb3S6togGIBrWeIT0u0f4%2BT037qsD%2B8Yhp%2F4enkfSn7VTohWRCJwusAiwLosBqgpT%2F5S5ngynRAeWOAGL8m50"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c8081765d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 182373

GET
H3 200 1706880587372.jpg
sprkase-baden.de/de/home/_jcr_content/opener/openerref3.epimgref.res1920.jpg/ 523 KB
524 KB 80ms
80ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/opener/openerref3.epimgref.res1920.jpg/1706880587372.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58930c095adc5e8df128ea31ca79d1fb80e11ac5c8d3e5c1b2b8f847307843b

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-82d74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8XwavLrzU3DGRi%2BvBJqCPWojsc3teNU6pZM%2BagtrVIaRJzOd%2FhhSpfw0VeJ9tH2TzhgdddAAJHRKXL9O%2F5ZYOV0BWy29Wp8IMZ9i82ATEEl2tsWHKDZcrAXT9pAad%2FAteCOjeqKGLplDePjMVnA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c8081965d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 535924

GET
H3 200 1706880616120.jpg
sprkase-baden.de/de/home/_jcr_content/opener/openerref4.epimgref.res1920.jpg/ 44 KB
45 KB 31ms
31ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/opener/openerref4.epimgref.res1920.jpg/1706880616120.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b81a4eb1bb95b956c0a57e2b34b80c619b58f60fd97a7bb28b81702452a6737

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-b189"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pd4bMD%2BVzlQxqMskklkQrHSI7g98iOPDT9H0b9qdL4rZk2MNh6xLw2G1S%2FO8aeRxR4Bul%2F%2FRh%2Bewt%2FeMPfb%2F4a8afhAvjLzH%2BX5%2FvAHQsbzT8kzfaWdHgCOb5fMmZKohCJQo03aGfH%2B9xdKAZkaT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c8081a65d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45449

GET
H3 200 1707144538980.jpg
sprkase-baden.de/de/home/_jcr_content/opener/openerref5.epimgref.res1920.jpg/ 134 KB
134 KB 47ms
46ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sprkase-baden.de/de/home/_jcr_content/opener/openerref5.epimgref.res1920.jpg/1707144538980.jpg
Requested by: Host: sprkase-baden.de
URL: https://sprkase-baden.de/de/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5175289fa2f044b8e3c7a1b4f89719609d67f6d881d9bdc8d41fcae0dc98ce60

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 22:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad87-21609"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMvGnsLyQ%2FJpV2FaDneI4FiHWftiII2ScFh2jZ%2BoCWis5UgRxIUpADCTlez4jg62QNKt1ttt4bWGbCZ2MP%2Fjlei0%2Fs0lD73vLHbKsgK4vKjjOknvmL%2BrSx1pfvC5BsNv4ZnC2eNxa8NwRYseYCL%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c8081f65d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 136713

GET
H3 200 favicon1x.ico
sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/icons/ 1 KB
682 B 32ms
32ms Other
image/x-icon 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/icons/favicon1x.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663aad86-47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvHxmmDQmjtAv6FyqDgtPr4WBrO6X1njfOg4FtAdZwkRlnOuf5gde4AMrp1z9OE3Q3iIgl3XZVqQp9D%2BNjArR%2F%2FabYJD4T4q53q%2BlEXn73qPtDQ34E2KnRJvb%2BXTfQGsMAxH2hfU6wbdGGgSXcCP"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8a07c5c919b665d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon2x.png
sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/icons/ 298 B
768 B 46ms
46ms Other
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sprkase-baden.de/content/dam/myif/spk-offenburg-ortenau/work/bilder/icons/favicon2x.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335

Request headers

Referer: https://sprkase-baden.de/de/home.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:53:50 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2024 22:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663aad86-12a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1Npeszjq%2FGVBpSrYLGATTMnG1X8RjAeJtQAxpFl7thIgtBOSJRyjkVLjC0qPoe2aq3LLROYPfvoXRPXiJPVsOap8I2vxg8qW1g2ZKbhPeolkO%2FtAVZmsb5TG%2Bciq%2F%2B%2B79NdtS3%2FJvwVkkXAa9ny"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a07c5c95a0765d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 298

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sprkase-baden.de/	1970-01-20 21:56:48	Name: __cf_mw_byp Value: iccFGNhO5RjdNNzJyawJDrUho3hl6GmEdKEgF7d.vhY-1720522425-0.0.1.1-/

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sprkase-baden.de/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sprkase-baden.de
2a06:98c1:3121::3
00a6425f24298e2bbfe5d312b02ae4467c5b539e0b8719c929ce9447ba525f1a
103448155bd4db4bbf2e382d2c0b5980df7830820a6e526dc52a870f0c9c87f4
1afadaa6674288922ea5383c8a308ccfdd50b1cc7502838afee01457d4069437
269c7ba8edb79d287ab0196f989cf3aee358495aaf03c91dffc30ac2530db407
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
41a322ece74bac065d9c0b836f805b7b38875d1ac97c0670dff30bb5200b37c7
43a2c75ca73d8c1101ff7ae617e6dbc6934e8aa1cd72d64ce50908ac297156cb
5175289fa2f044b8e3c7a1b4f89719609d67f6d881d9bdc8d41fcae0dc98ce60
52b5ee0faae8a8cff310366f66f9cd62f16b6f293d1e44c9a41e517f8546e498
5706622f56a9d55053b778d797260c4ff05ce65c3402d0df06b1c5ddf59496a5
623c5f38127f5b4a231ddab9f83157831e4bfb0e23eeb5ad61baded926cf9cb4
64adf34b5255fbbd145dc0d806f5be91dad812c69b949ee0086f92a8b0fa8910
6b81a4eb1bb95b956c0a57e2b34b80c619b58f60fd97a7bb28b81702452a6737
7b2888ded6c1e95affe8813aaba8fbcd060d774451c10afa71227616e9af159f
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9216637bfc7e123a675ef911a0f6ce9098da8b2bddbe331ae0cc1501328c8758
9ae3f33664fc3b273913900b81d8812d5a6a3c098b86d93d1f0ec54259d9441d
a05dd91f2ce92bc2c082743daabaa85864037584021f33a80c93b827c3d1c7f2
addffd48c2bb1fe1e4409899c79d5b2beca7d72c4d80575401091f09ab0eae52
c1d4abb5ae38236f31e079ae71915df7dcb4ae2dc0aaeb226728771fe75cba65
d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335
ddd520c8fc7ae709f074e6ed9b5a4899b18a234b19462e07584e375cd201d0ac
e01d4ec2541b7c4153266b48d31248c1d1162f1fcd8e6b344bb4a411ef4e9bdf
e39fd2c8a4d8ab7262ebb9823c1e179e761fa6f56f4c877945bd670e61a8fc9f
e5c9b8a2225ffdb5b044a39cd5bfca4bd056f3e6e64c1a01212cdcd5e652fabe
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35
f58930c095adc5e8df128ea31ca79d1fb80e11ac5c8d3e5c1b2b8f847307843b

sprkase-baden.de Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1905 kBTransfer

5460 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sprkase-baden.de Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1905 kB
Transfer

5460 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!