de-legitimation-8120.xyz Open in urlscan Pro
2606:4700:3037::ac43:9bc0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://de-legitimation-8120.xyz/de/Kontrolle/volks/
Effective URL:
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/
Submission Tags: volksbank phishing Search All
Submission: On June 27 via manual (June 27th 2022, 8:59:15 am UTC) from DE — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:9bc0, located in United States and belongs to CLOUDFLARENET, US. The main domain is de-legitimation-8120.xyz.
TLS certificate: Issued by E1 on June 25th 2022. Valid for: 3 months.

This is the only time de-legitimation-8120.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 18	2606:4700:303... 2606:4700:3037::ac43:9bc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	3

18 2606:4700:3037::ac43:9bc0 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

de-legitimation-8120.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	de-legitimation-8120.xyz 3 redirects de-legitimation-8120.xyz	199 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	6 KB
25	2

	Domain	Requested by
18	de-legitimation-8120.xyz	3 redirects de-legitimation-8120.xyz
1	cdnjs.cloudflare.com	de-legitimation-8120.xyz
25	2

This site contains no links.

Subject Issuer	Validity	Valid
*.de-legitimation-8120.xyz E1	`2022-06-25` - `2022-09-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/
Frame ID: 47B1DD90B96E98FD172CF6F09C90A721
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Volksbank

Page URL History Show full URLs

https://de-legitimation-8120.xyz/de/Kontrolle/volks/ Page URL
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1 HTTP 301
http://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/ HTTP 301
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/ HTTP 302
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

64 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

203 kB
Transfer

1169 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://de-legitimation-8120.xyz/de/Kontrolle/volks/ Page URL
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1 HTTP 301
http://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/ HTTP 301
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/ HTTP 302
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
de-legitimation-8120.xyz/de/Kontrolle/volks/ 728 B
971 B 145ms
84ms Document
text/html 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865c532e0f415be3b6a9c808150e5711a203640b4966def2e9b2dd6b29aa52ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 721cfc31fa1c9188-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Jun 2022 08:59:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Axh5AGnKWjlCjjUNylHsziNfmNuO3XqRF18J5p0BnWyhsucjagU8n6Ps9%2BbCJWwE2gzttzJcrdY1rJqt31CWBrAHSR%2F0UyHGVEJdMT7qMxc6Xr6PrEQu6Tl6Yl%2B7JKOer4vFPiUeswE731o21kTTOft8CzSajrY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

Primary Request / Show response
de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/
Redirect Chain

https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1?
http://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/?
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/?
https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?

964 KB
126 KB

150ms
150ms

Document
text/html

2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe0ceaed6197224212e5f6ab5b89b550a6969f52e7ff6de0256fa62960c0bde

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 721cfc39dce1baab-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Jun 2022 08:59:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0MV20PrlEYdJZzlnvQQnW4aTL%2Bjj0fnbiS64af7Bhhbl9yp4Jj0tzWqoj7ALgmd3AF6VELczo0QAipUnjKdFbc127ZQS%2Bj8xz0BfsEqMmY5edBpNLhxLTkkQf%2B3VVubs0DQRgSYf1br7b0cnvgjtPGsN5PjmKA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 721cfc396c18baab-MXP
content-type: text/html; charset=UTF-8
date: Mon, 27 Jun 2022 08:59:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: login/?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLDKUA9jwdQzoaxyWA4VKzBfXI1xH5UW5CmSRVkHAs6iZGL6P3Oho1VPRZTfIpXCVFPsOIgWh2BjHJ9P2Xww1gNVjIq1cVV6U0kFmtcQbFQ%2F35RAg1bGcacKk7%2BWteGlq2u0fFl6R4ZxUT5%2FTZ1kqi5nbKd%2FyQE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
de-legitimation-8120.xyz/de/Kontrolle/volks/bower_components/jquery/dist/ 85 KB
31 KB 1664ms
1663ms Script
application/javascript 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/bower_components/jquery/dist/jquery.min.js
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:09:48 GMT
server: cloudflare
etag: W/"15283-5deb142644b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAL6i4K8lhHmA5dhSjjR4HV77d1CgqbC1H%2FHemGtM5fCg8bAnkKVRp76xgkRQXDIY1C66VBqvRNLGAdOmX2O6%2BdWXFjHvZLSRtgEwl0dVdWnX7L1GECN1%2B9cK6ssU6KSWA4ZM4B8JWcQ1vnxSSf%2BiQ0zU3qKN4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 721cfc3aee77baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 ua-parser.min.js
de-legitimation-8120.xyz/de/Kontrolle/volks/bower_components/ua-parser-dist/ 0
0 2079ms
2076ms Script
text/html 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/bower_components/ua-parser-dist/ua-parser.min.js
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LG5XKhCOjz%2BJkKJQkIngUf1Z86flUgEgnWJudmXV1L%2F7DQDIywEPq4KI%2B75JHRCOmP7OaUQiY0LavPTj6xMBnh9G7oouv5QgSHnd%2BTnP6naYUBJytGBSCWCdN697dAwIl367IM4caoocYJdqibJ9c5hHYsCFkLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 721cfc3aee78baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 font-awesome.min.css
de-legitimation-8120.xyz/de/Kontrolle//login/css/ 0
0 1617ms
1615ms Stylesheet
text/html 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle//login/css/font-awesome.min.css
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSv%2BoW4M4AN%2BWo1m9yx3d7a8oIujA0ZI1A0U%2BuWZch8lw6G1bv%2B85q3tYmk%2BGPo1S6rw%2BIyYj6%2FasyaZBctiS%2FRs%2FTPnkyNpOMTrnmmCZxLBhOWY2tR%2BJJ0frGedBIujEsHF2STNqSMPGhQy3OgCwr58v2z6l1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 721cfc3aee7abaab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 33ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 346283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kRk0RXjNavB3AUIRmYHE9rZ9xfOISSBExpmDB8AzGGqJe6FuoatM9O%2F%2FeAfwkVIlA90CmO5xClz5doQRJwHTIruYEcFzNF6qztHlPQpzMehjq9zgAyUSox1TKTE4VN70hjS%2FZG%2BJEBNP8ZeJWtcf5fS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 721cfc3aefbd8ff4-FRA
expires: Sat, 17 Jun 2023 08:59:12 GMT

GET
H3 200 core_form.js Show response
de-legitimation-8120.xyz/de/Kontrolle/volks/core/form/ 14 KB
4 KB 1671ms
1669ms Script
application/javascript 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/core/form/core_form.js
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60cd231b661f9f9a1412b5188a3a3bf7564b8fdecc97bb0fe6be34999da927ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:02 GMT
server: cloudflare
etag: W/"390d-5deb14339ea80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyvwvDCu0BhxGrPTBp1XoAPcxjPGwVjmjA0LtJZj31PlMRJa%2BlNT4CmIZ5HBXUEsxt0I8AzQR2ucVrZGD1pKsCXqRCZWYaFp2W3PSw1ck6JZPsgl1JPLhuGmKJBTo0mSSiE2s650Mjwk9d72Ib%2BHvxJVmQFI3bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 721cfc3aee7cbaab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_form.css
de-legitimation-8120.xyz/de/Kontrolle/volks/core/form/ 1 KB
871 B 1650ms
1648ms Stylesheet
text/css 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/core/form/core_form.css
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8a5a50d229192e436fec31dc1f61c98a0c10fd01b22e31746468c0df40152e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:02 GMT
server: cloudflare
etag: W/"5e9-5deb14339ea80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51VLecXXVGU%2FkTkN2oepbNAgwY7T%2Berq702wCkSVIQCoui6jJhnDAXAMGMmTNBhdyzCEXHAVG5RLO%2BNJ%2BtTqQrz5fA9CCudTIKjVws5o%2Fgf6LM2oyMMTB7uILU2yt2rb85f6Q6Xbr1upx882YrGGgiNME%2FqAA%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 721cfc3aee7ebaab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_token.js Show response
de-legitimation-8120.xyz/de/Kontrolle/volks/core/token/ 17 KB
2 KB 1925ms
1924ms Script
application/javascript 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/core/token/core_token.js
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2c4a54b79a448cfe7331863e45d7b1859ff9aeac68e72fe413a537e6ee792bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:00 GMT
server: cloudflare
etag: W/"448e-5deb1431b6600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u854gyQbBOEGXFun7U5KTOyYToLGiGvAwQy%2BQS%2BEcSOOCkGvqfsqE7a7GAJ5llkpA5LYp9Z%2FA%2FJfBEOu8CeZWz5ymUavLFmyHHWCNK2IVtDgqr68f8Oj07%2BqnR9nc%2FhT1LzoTy8h%2BbOje%2F4IorcC7as2UH7FaWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 721cfc3aee80baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_token.css
de-legitimation-8120.xyz/de/Kontrolle/volks/core/token/ 2 KB
1 KB 2083ms
2081ms Stylesheet
text/css 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/core/token/core_token.css
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bcc1e01cd938f9d0faf84cedfb52b72e5fee4acb22dc9f806a519c2552ef9fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:00 GMT
server: cloudflare
etag: W/"940-5deb1431b6600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF%2Fxn31B8z3UYqlgru7P9H6xB%2FXcDVWa9nTbqNdpg0cpARyAd5Uzy6m%2BKYbvW8Djyd9TQ6tvzeiwtvQhSMFXJJdleUYoUN7RHRcKEkYowmB%2F%2BVzQU0aPJwS7swJucwHJtB1v0AznZjSx1b1aXNaPUf8XUU8uggw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 721cfc3aee82baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles.c41ccfebca008d50e005.css
de-legitimation-8120.xyz/de/Kontrolle/volks/login/css/ 31 KB
5 KB 1664ms
1662ms Stylesheet
text/css 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/css/styles.c41ccfebca008d50e005.css
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4845ef45f4426035b2fc1fae4108a4b90517a0dbb95112b0aef970fd83a7189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:50 GMT
server: cloudflare
etag: W/"7d0b-5deb146165680-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyVVqzXWNnISjKRIFqhYhP%2FWpyB1LxHq0TDTg7DV1YEpkqpz4QwOABBXN9qNBMVwni9EPe0oiWs91ke7Pg%2FV%2FYPLUy%2BPa6CmKR5grfjXrYT7W9UFR1WG9kKAWI9xJXLt7TUfkd%2BOK0ppfCskCEHZ%2BGdR2iDbltM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 721cfc3aee83baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET logo.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 0
0

GET
H3 200 SchwaebischHall.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 4 KB
5 KB 64ms
61ms Image
image/png 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/SchwaebischHall.png
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "10cf-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwsfFAsPsmTBVm90utDC%2BvDsvcYgp4LUV78nQcpucCBXbt%2FNqJTW%2FmLjWRG4z4BENUiNXbFrW4fImxlHh6xEEnVmsvy7EtJySvcpeH563iUsQmvj0RAPnS71aZ53U%2Bbg95w6KYKsvuFOlVK89chi51VDHl3joNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 721cfc480bb3baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4303

GET
H3 200 UnionInvestment.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 6 KB
7 KB 63ms
60ms Image
image/png 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/UnionInvestment.png
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:58 GMT
server: cloudflare
etag: "17fe-5deb146906880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FDPPiYmsbuagCfRuYr1eSU2HK51gpC0WYGl0FAf4o58eAf61NKp7hnE%2B1QMsOSvjWXseKjBQVrEc%2B72MXJkK7KkrWwTJtKeSC41upiSDHg1oD4iHg1gMyoYOdm0lh8t6GutK6WDR0CuA%2B6C%2BS6yFibvYS1edgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 721cfc480bb6baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6142

GET RundV.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 0
0

GET
H3 200 easyCredit.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 5 KB
6 KB 64ms
62ms Image
image/png 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/easyCredit.png
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "13dd-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXMTwd%2F2Gkz759vpAGv2xZUbwSK5ALd4vMznCQc84Ic4MJpQ7C%2BwEizLovLNbmUQfpVy7GyTQMH1UzXnBAfhuDOksVkbvn0EsDVNPJwRhjCcNa3iJYumSOtOXwQsSvebYHQB4r%2F0AskU8671KMQVi16Bnk8HevM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 721cfc480bb8baab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5085

GET DZBANK_Initiativbank.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 0
0

GET DZPrivatbank.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 0
0

GET VR_Smart_Finanz.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 0
0

GET
H3 200 DGHYP.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 2 KB
2 KB 54ms
52ms Image
image/png 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/DGHYP.png
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "75b-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuCQoxSW%2F3XtPKPqaCvPG1Pgs16J8TEmuJmFB9GZvw%2FmZ1XnbcKcLuFGoSZrX48F1FFLPphnToBhd8uGqjCn9KllfDr71l1gLD7KYqb5SM1gV7D4WA88o%2FNJrvvyVeePIK7hJaKxVpdfdr6ldKnJLgBSFUdbuQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 721cfc480bbebaab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1883

GET
H3 200 M%C3%BCnchenerHyp.png
de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/ 6 KB
6 KB 62ms
61ms Image
image/png 2606:4700:3037::ac43:9bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/M%C3%BCnchenerHyp.png
Requested by: Host: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:56 GMT
server: cloudflare
etag: "16ae-5deb14671e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQD4C77BiPlq9TZWXHcFgfjQLHp9%2BzhqwooTGCBs%2FfPmfZXBLB6IslDz%2BQLFFq0gM8kNO1aginqepyVFeCp7SE2bPUGeRDhN4ufoW1vAw8PLIa5C3EBoiJmMLWiCri25UTnVRkmeXgh8uTxR%2BeH4naiTmpYde9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 721cfc480bbfbaab-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5806

GET form.js
de-legitimation-8120.xyz/de/Kontrolle/volks/login/form/ 0
0

GET token.js
de-legitimation-8120.xyz/de/Kontrolle/volks/login/token/ 0
0

GET FrutigerVR-Bold_hinted.woff2
de-legitimation-8120.xyz/de/Kontrolle/volks/login/fonts/ 0
0

GET FrutigerVR-Regular_hinted.woff2
de-legitimation-8120.xyz/de/Kontrolle/volks/login/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/logo.png

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/RundV.png

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/DZBANK_Initiativbank.png

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/DZPrivatbank.png

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/img/VR_Smart_Finanz.png

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/form/form.js?v=62b9716066822

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/token/token.js?v=62b9716066827

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/fonts/FrutigerVR-Bold_hinted.woff2

Domain: de-legitimation-8120.xyz
URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/login/fonts/FrutigerVR-Regular_hinted.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			de-legitimation-8120.xyz/de/Kontrolle/volks/a1b2c3/61c00b455138b742460a4819d52f5df1	1969-12-31 23:59:59	Name: bid Value: 61c00b455138b742460a4819d52f5df1
			de-legitimation-8120.xyz/de/Kontrolle/volks	1969-12-31 23:59:59	Name: real Value: OK

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://de-legitimation-8120.xyz/de/Kontrolle//login/css/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://de-legitimation-8120.xyz/de/Kontrolle/volks/bower_components/ua-parser-dist/ua-parser.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
de-legitimation-8120.xyz
de-legitimation-8120.xyz
2606:4700:3037::ac43:9bc0
2606:4700::6811:180e
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
2bcc1e01cd938f9d0faf84cedfb52b72e5fee4acb22dc9f806a519c2552ef9fe
60cd231b661f9f9a1412b5188a3a3bf7564b8fdecc97bb0fe6be34999da927ea
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af
865c532e0f415be3b6a9c808150e5711a203640b4966def2e9b2dd6b29aa52ef
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec
ce8a5a50d229192e436fec31dc1f61c98a0c10fd01b22e31746468c0df40152e
e4845ef45f4426035b2fc1fae4108a4b90517a0dbb95112b0aef970fd83a7189
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31
f2c4a54b79a448cfe7331863e45d7b1859ff9aeac68e72fe413a537e6ee792bf
ffe0ceaed6197224212e5f6ab5b89b550a6969f52e7ff6de0256fa62960c0bde

de-legitimation-8120.xyz Open in urlscan Pro 2606:4700:3037::ac43:9bc0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

64 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

203 kBTransfer

1169 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

51 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

de-legitimation-8120.xyz Open in urlscan Pro
2606:4700:3037::ac43:9bc0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

64 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

203 kB
Transfer

1169 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!