online-rvices.de
2606:4700:3035::ac43:d6d9  Malicious Activity! Public Scan

URL: https://online-rvices.de/egbe2
Submission: On September 24 via manual from AU — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3035::ac43:d6d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is online-rvices.de.
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.
This is the only time online-rvices.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
2 13 2606:4700:303... 13335 (CLOUDFLAR...)
11 1
Apex Domain
Subdomains
Transfer
13 online-rvices.de
online-rvices.de
71 KB
11 1
Domain Requested by
13 online-rvices.de 2 redirects online-rvices.de
11 1

This site contains no links.

Subject: online-rvices.de
Issuer: WE1
Validity: 2024-09-15 - 2024-12-14
Valid: 3 months

This page contains 2 frames:

Primary Page: https://online-rvices.de/egbe2
Frame ID: D5967DB6D52C3DF5F079B51CB536A000
Requests: 9 HTTP requests in this frame

Frame: https://online-rvices.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: DF4281DD7F5A9310E02C1C3CEC3BE9A5
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 70 kB
Size: 91 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://online-rvices.de/egbe2 Page URL
  2. https://online-rvices.de/cdn-cgi/phish-bypass?atok=keCgZuCBLd6ubrEcGzR3PgK7LNtFE9EtFH9liMjM_7I-1727221194-0.0.1.1-%2Fegbe2 HTTP 301
    https://online-rvices.de/egbe2 Page URL
  3. https://online-rvices.de/egbe2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://online-rvices.de/cdn-cgi/phish-bypass?atok=keCgZuCBLd6ubrEcGzR3PgK7LNtFE9EtFH9liMjM_7I-1727221194-0.0.1.1-%2Fegbe2 HTTP 301
  • https://online-rvices.de/egbe2
Request Chain 6
  • https://online-rvices.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://online-rvices.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
egbe2
online-rvices.de/
4 KB
2 KB
Document
General
Full URL
https://online-rvices.de/egbe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f14436a1d5207e54ea97106587ee3997892bba1b8f59357c447259fc5c120e80
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray
8c869dd04e522c39-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Sep 2024 23:39:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
online-rvices.de/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://online-rvices.de/cdn-cgi/styles/cf.errors.css
Requested by
Host: online-rvices.de
URL: https://online-rvices.de/egbe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-rvices.de/egbe2

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"66e7fafc-5df3"
x-content-type-options
nosniff
cf-ray
8c869dd07e6a2c39-FRA
expires
Wed, 25 Sep 2024 01:39:54 GMT
date
Tue, 24 Sep 2024 23:39:54 GMT
content-type
text/css
last-modified
Mon, 16 Sep 2024 09:31:40 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
online-rvices.de/cdn-cgi/images/
452 B
540 B
Image
General
Full URL
https://online-rvices.de/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: online-rvices.de
URL: https://online-rvices.de/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-rvices.de/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"66e7fafc-1c4"
x-content-type-options
nosniff
cf-ray
8c869dd10ef02c39-FRA
expires
Wed, 25 Sep 2024 01:39:54 GMT
accept-ranges
bytes
content-length
452
date
Tue, 24 Sep 2024 23:39:54 GMT
content-type
image/png
last-modified
Mon, 16 Sep 2024 09:31:40 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
online-rvices.de/
18 KB
18 KB
Other
General
Full URL
https://online-rvices.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3651c4a9d20093812725ec070566295562c2ed61165cf52d8f425eeb5bc0ce9
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-rvices.de/egbe2

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
pragma
no-cache
x-content-type-options
nosniff, nosniff
cf-ray
8c869dd11f1d2c39-FRA
expires
0
date
Tue, 24 Sep 2024 23:39:54 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
egbe2
online-rvices.de/
Redirect Chain
  • https://online-rvices.de/cdn-cgi/phish-bypass?atok=keCgZuCBLd6ubrEcGzR3PgK7LNtFE9EtFH9liMjM_7I-1727221194-0.0.1.1-%2Fegbe2
  • https://online-rvices.de/egbe2
19 KB
19 KB
Document
General
Full URL
https://online-rvices.de/egbe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2814f3e4a5f5a8042ef106506af579940b0c7b25cb24fe8be038541a9c4dd2
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://online-rvices.de/egbe2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8c869ded89e72c39-FRA
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 23:39:59 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
private, no-cache
cf-ray
8c869ded79da2c39-FRA
content-length
167
content-type
text/html
date
Tue, 24 Sep 2024 23:39:58 GMT
location
https://online-rvices.de/egbe2
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
egbe2
online-rvices.de/
0
857 B
XHR
General
Full URL
https://online-rvices.de/egbe2
Requested by
Host: online-rvices.de
URL: https://online-rvices.de/egbe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Combination
Referer
https://online-rvices.de/egbe2
X-Requested-Type-Combination
GET
X-Requested-TimeStamp
y3mSQULCSiyn33EpvCXEQP6wm0
uzPhceYCFc7OfFLgfJSS2K7MU5w
X-Requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-Requested-Type
GET
iOpjeFrRGBMLftyc4rfP-mmYOQ
43332947
Content-type
application/x-www-form-urlencoded
X-Requested-TimeStamp-Expire

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
cf-ray
8c869def2acb2c39-FRA
expires
0
date
Tue, 24 Sep 2024 23:39:59 GMT
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
main.js
online-rvices.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame DF42
Redirect Chain
  • https://online-rvices.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://online-rvices.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB
Script
General
Full URL
https://online-rvices.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Protocol
H2
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe07114c1f559b04713dc3c15c8560480c5c000b4d3682dd88e390faec169a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-content-type-options
nosniff
cf-ray
8c869def4ae02c39-FRA
date
Tue, 24 Sep 2024 23:39:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c869def2acc2c39-FRA
access-control-allow-origin
*
content-length
0
date
Tue, 24 Sep 2024 23:39:59 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
online-rvices.de/
18 KB
18 KB
Other
General
Full URL
https://online-rvices.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-rvices.de/egbe2

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
pragma
no-cache
x-content-type-options
nosniff, nosniff
cf-ray
8c869def2ace2c39-FRA
expires
0
date
Tue, 24 Sep 2024 23:39:59 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
8c869ded89e72c39
online-rvices.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DF42
0
821 B
XHR
General
Full URL
https://online-rvices.de/cdn-cgi/challenge-platform/h/g/jsd/r/8c869ded89e72c39
Requested by
Host: online-rvices.de
URL: https://online-rvices.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8c869defab452c39-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
0
date
Tue, 24 Sep 2024 23:39:59 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
Primary Request egbe2
online-rvices.de/
548 B
459 B
Document
General
Full URL
https://online-rvices.de/egbe2
Requested by
Host: online-rvices.de
URL: https://online-rvices.de/egbe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://online-rvices.de/egbe2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c869df0dc8d2c39-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Sep 2024 23:39:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
favicon.ico
online-rvices.de/
548 B
508 B
Other
General
Full URL
https://online-rvices.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d6d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-rvices.de/egbe2

Response headers

cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
pragma
public
x-content-type-options
nosniff, nosniff
cf-ray
8c869df1cd592c39-FRA
date
Tue, 24 Sep 2024 23:39:59 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

5 Console Messages

Source Level URL
Text
network error URL: https://online-rvices.de/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://online-rvices.de/egbe2
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://online-rvices.de/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://online-rvices.de/egbe2
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://online-rvices.de/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN