filialenservice.live Open in urlscan Pro
2606:4700:3037::ac43:d48b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://el.lk/hbNAy
Effective URL:
https://filialenservice.live/Start
Submission: On June 05 via automatic, source phishtank (June 5th 2023, 2:45:26 am UTC) — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:d48b, located in United States and belongs to CLOUDFLARENET, US. The main domain is filialenservice.live.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2023. Valid for: 3 months.

This is the only time filialenservice.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.174.14.244 107.174.14.244	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1 1	185.230.60.180 185.230.60.180	58182 (WIX_COM) (WIX_COM)
1 25	2606:4700:303... 2606:4700:3037::ac43:d48b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2

1 107.174.14.244 (Dallas, United States) 1 redirects

ASN36352 (AS-COLOCROSSING, US)
PTR: compresser-4589.surgetip.com

el.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.230.60.180 (United States) 1 redirects

ASN58182 (WIX_COM, IL)
PTR: unalocated.60.wixsite.com

mirandamason1257.hopp.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3037::ac43:d48b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

filialenservice.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	filialenservice.live 1 redirects filialenservice.live	931 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	28 KB
1	hopp.to 1 redirects mirandamason1257.hopp.to	493 B
1	el.lk 1 redirects el.lk	369 B
25	4

	Domain	Requested by
25	filialenservice.live	1 redirects filialenservice.live
1	cdnjs.cloudflare.com	filialenservice.live
1	mirandamason1257.hopp.to	1 redirects
1	el.lk	1 redirects
25	4

This site contains no links.

Subject Issuer	Validity	Valid
filialenservice.live GTS CA 1P5	`2023-06-03` - `2023-09-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://filialenservice.live/Start
Frame ID: 0DCBE529DAEB6532953038CD4F6E04DF
Requests: 22 HTTP requests in this frame

Frame: https://filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
Frame ID: E4B078BF5C5AFC84F0870FC44B4F5CD3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sparkasse | Melden Sie sich an

Page URL History Show full URLs

https://el.lk/hbNAy HTTP 301
https://mirandamason1257.hopp.to/sprken HTTP 302
https://filialenservice.live/Start Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

958 kB
Transfer

4332 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://el.lk/hbNAy HTTP 301
https://mirandamason1257.hopp.to/sprken HTTP 302
https://filialenservice.live/Start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://filialenservice.live/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Start Show response
filialenservice.live/
Redirect Chain

https://el.lk/hbNAy
https://mirandamason1257.hopp.to/sprken
https://filialenservice.live/Start

150 KB
47 KB

403ms
351ms

Document
text/html

2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 928ce54535548e7689e08c8c34613baf14eb3022a76b78a64c2eb41bf7965ace

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d2514238c741c24-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Jun 2023 02:45:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9F1liDFIWijKssGjnwMTYbAPg2wsvcbegQ%2BNoHud8s9Q5A2MtOHBGIttHYBO93FC6h%2F4vqaUIRFnbsNAWwsfCHtBajlXo0BsRi3r5PNIRf%2FT0D7BPtuKJFlT74uiW7CVMsuX6OyPyhcIaxcouQdRCVLmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache
content-length: 112
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 02:45:17 GMT
location: https://filialenservice.live/Start
pragma: no-cache
server: Pepyaka/1.19.10
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-seen-by: m0j2EEknGIVUW/liY8BLLp4sYwYx2UgZC4DZhzpOwcVGkFvVdT2Nq6f3Hedj7ewB,F/2b1J1kmHV2BLnAgEYozE5fQUjchQyRisXc5Vs+E7Ffgabkp3vaQFNmmAMf929SWIHlCalF7YnfvOr2cMPpyw==,osV03DUdKaEVOGwoQFgPYocROJmR4PHWKdY6H9OqG1s=,sQ19iEk473qMiaixh4sATmGI3hhkWZtbZWW59dtmsRI=,QZHqNaElr5njDWVpNxBg0dyDiOjDkuKyPgPDENj4sNLRy9UREzGXyvYdSzdVWX/v
x-wix-request-id: 1685933117.8865355974954119117

GET
H2 200 sp_styles.css
filialenservice.live/assets/css/ 2 MB
214 KB 654ms
652ms Stylesheet
text/css 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/sp_styles.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cdb874ad1a4a0623414f048ec39df6607f87a6dd123830a9bfef18b359e8347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2237d5-5faf8c6924e4a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOn7LZxtfwVdA%2FWvsLhik5OkNJkb3YWZS4ZDBdw3dgzdc6x4TizDJ9v41nWkCcnkGq8eVspgArumEOPS4Zp786aBFEwQ7wyvECWLs3bp3dspDoxL1H2DbYo342Kql9YEN1%2B5xxIRnnckdFW0OHmH61nf%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d251425cdcb1c24-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sp_scripts.js Show response
filialenservice.live/assets/js/ 641 KB
159 KB 761ms
760ms Script
application/javascript 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/js/sp_scripts.js
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340e931741c7162a2f4365577878e7b90d015114993168afbd2c40b674984380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a02aa-5faf8c943f458-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ3mTzaUE5yzciEyizc02fEA1UQ%2FARPkw3rJGLlTsPt96yehtS1XEf2CZsGEcf7tXUgMT2D81q48fVXme9mD2lH42r%2FyYfqA8lbwKdMhBjOC2p8abD57QslDNOZiQWNwBbGZRT5hdEG2fIw7pRQVBwQRPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d251425cdd11c24-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 toast.css
filialenservice.live/assets/css/ 639 KB
75 KB 629ms
627ms Stylesheet
text/css 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/toast.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1586adc8f49ebd0d1deca54b3bc9d1850e7f299b0880b61e6520a7cf2f336a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9fb6e-5faf8c6a885e5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5rraUK0dn0mCVgdlwjUJy3i5fJ9i0oyuKIc8GoeTn9QYb62XAj%2Bma1je9KDXPWUm9ckPkypTMzmBkeCZwLQkECDIVJ7ejuet9TyaPxduR40aaNKIs8qdVQ4vs%2F%2ByhbqM1GseOw%2BsknNM7SNcOifumpFkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d251425cdcc1c24-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sun.css
filialenservice.live/assets/css/ 14 KB
3 KB 331ms
330ms Stylesheet
text/css 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/sun.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91bcf65d01abb7d971cf9dda8046e8c20f9c4c53b849c656301b46e7b8131e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3721-5faf8c6924e4a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bv77KKiPSUKfkcYX%2BFnZIHbJE%2FbTXFzVZiLszXIAk7DijpbsIi5iE0WIfhDx4XL3BNCO%2FwK%2F9LKURf71XRlc2t6%2B7tirzg0ffNS4QK6dabKIlm6kCTxgcuPx3NUA5CgCKu1%2F4D%2F4AhjT08kz5P8fCxMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d251425cdcd1c24-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gridz_structure.css
filialenservice.live/assets/css/ 52 KB
7 KB 340ms
339ms Stylesheet
text/css 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/gridz_structure.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e293166017618b14342bd640677f88274154a0fed8393cb056a16056348de4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ce4b-5faf8c67cf170-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1HGjylHWkoR%2FOSVy3j8LVqs7xUgTbAbMQrOWJbmMdf3xnVwJtGd1pZQSJJzPnhbfkqx0nxwSwWqGDjUj049LCCiYMNng5Bx5OOvYtUHdOrWg8Ar8Ph5bI%2BGLFWHkibLZuI4%2FnTVZCkOqc0kWU40AUt9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d251425cdcf1c24-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 light_styles.css
filialenservice.live/assets/css/ 5 KB
2 KB 323ms
322ms Stylesheet
text/css 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/light_styles.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e29c203255ea561c5057e915995667190e189d02c3d5a3e840ab28d2b26b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"13c0-5faf8c67d0110-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KESmeuhEtQvQAm%2Fg%2F82SHxPP01%2FuNmodzjY4edT8CJRuUpx0mfQcNb8fsI8HTQTxzy%2FU6TsTcb3pgavnW%2FhHF6smcAY%2B%2BKDS%2BBORtzPb0BHtEXw0SHv5r3uBmRnlZkfls3tqTNVNb3NCuzYcEn9NP%2FN34Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d251425cdd01c24-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bread.svg
filialenservice.live/assets/images/ 22 KB
9 KB 318ms
318ms Image
image/svg+xml 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filialenservice.live/assets/images/bread.svg
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"58be-5faf8c6afd8ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq95FxBDifibfGBRgABb4J3iM4s40QP7urtUqrI4gs0Wl%2BqaGDeJEL1RBQO1gaL%2FR2MiRRyf5Efy2ib8Ocys4QuP1M0KluvnroLuakfYz432hG88zEMcppE9vNkZMFW6A2pc6s3ydzDhsx7I%2BURG1mjcmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7d25142cafa290e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 drink.svg
filialenservice.live/assets/images/ 976 B
869 B 325ms
325ms Image
image/svg+xml 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filialenservice.live/assets/images/drink.svg
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3d0-5faf8c6afd8ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46CbGaWOBUNIfAcgLAtXzS4KIfT4OlXa1bDkjNh%2FgNmIRuMZByJTjFLYDswOxq4w%2BZxiX%2BBEF%2FC6S5%2Fukr2IAEQkNLYOAitm3B3VP4fOIw4y9fkyikoGtu7LXMFOlYwxXFWjKxpSDVIVi7ih%2BNaSOmMs1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7d25142cbfb290e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 fetch
filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/neo/ 0
0 324ms
324ms Script
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/neo/fetch?prepare=start&w=W_OLB_N_OLB_BEARB_PROLOG&s=S-ONLBNK-NEO
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJwbqTy8FVzdDATV4o5TAUWRUTSIXBqD0DcDj19vQrcGrBOIc6vMDOUx70%2F511f39vt50F2po%2FWH0DeOzhp9BuOITvNoMecFke2QVLhzlRdyqFhg1ivsH%2FEKc618dq0AWvzl7BbFeDKMxrzAigCg4IFfOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 7d25142aaece90e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 88 KB
28 KB 30ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: filialenservice.live
URL: https://filialenservice.live/Start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2347663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28112
last-modified: Wed, 21 Dec 2022 00:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a24ddb-6dd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SjKvNF7mz4Ko24bGe%2FMQBTjhxsiz8O%2FmT7R3%2BLTVmF%2FvSsuOEgt2rQKYH8ouLnoaqjNpfBlJmpQC18FwdIDwHI0PbukxKjQunFEcT%2FMAEO%2BWvtwnomVquTSp209kkKrXRUKqOkwP1TblyQjJW0kh1JI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d25142bdecf3635-FRA
expires: Sat, 25 May 2024 02:45:19 GMT

GET
H3 404 require.js
filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/lib/ 0
0 307ms
307ms Script
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/lib/require.js
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPSXBgll7v7lu8j4YOd8km3OF1HMkufVVTdtXpAt0S138kKyLBDMPoCiW90awu9ebxcj5W8lDF8PFpmciRw4awO0UK5hF7Idnhnbjy0d4BBcZDANeor4zKgQCv5rp1%2FdoIRmEzyW1i8ZcaY%2B%2BoWyq5nK9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7d25142cefc290e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 ospm_v2.css
filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ 0
0 319ms
319ms Stylesheet
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_v2.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYfVHeJPdfqKYUY6%2B%2Bn2TKvG6aiXpxtGB%2BROazNzoTm%2FSBEKLHjPGqcBaQFJTwBrXpC75Abq7oZKiOHRWJ5a6Jurm9JUPlh3fS77Tez7Yq4JRaLdZGnBBwHDGi84ePh98rAKnKdvOGBtrSK%2BrqLhKjlMSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7d25142cefc490e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 ospm_if_v2.css
filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ 0
0 1318ms
1318ms Stylesheet
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_if_v2.css
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgZSFLPxY5Lqv48ile%2Bx2Iux8oKm8zfXEolRZE20YY2Oq5HxZ7daVHQUam8G2S4wbgGIV4%2BErP3hDQ18oDFydnpTX8IuwLWbMIiBGUvsh3Mc%2Bw11T41Fxl%2FTaGl9G0HCJueQpVimg4RzYtj4WUC17iB12Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7d25142cefc590e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Start
filialenservice.live/ 72 KB
72 KB 347ms
347ms Image
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filialenservice.live/Start
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucIHdFbdnY7djEz02S3RR7XP1sKa6VimWi5NxeA92rXBqeP4ER%2F0p7ohtYZ6gR0W6vIMxaXQ4AzPl8MeUNgoDq9H2r3k7eZwguK5DVPWW7nn6Tooyq07UItx7tXJBCrs8e687zcgHTG8tIsYQPiZp7iFXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d25142cefc690e8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 Start Show response
filialenservice.live/ 150 KB
47 KB 190ms
189ms Script
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/Start
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247b46d614fdf373dbdc11cf6a16161d3f1eb38d2d4c2b0dbe93f1f3559aede3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://filialenservice.live/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lo3IJwL7ru4VR2BI3kgxxCF3Ddlray%2B1UoIOrY3K8vZ9kZw3doPqAXmV91WNv8BeNLm%2FewO6ws%2BZ9zDl0AviA0Tt%2FBc%2BI7BcQhW5c9mVfEJNSOLymbecTuGICnKq7fOO78JIxoKlhIv5pfrqx9ECWG5rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d25142cefc790e8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 Sparkasse_web_Rg.woff
filialenservice.live/assets/css/cs_haspa/fonts/ 41 KB
41 KB 2309ms
2309ms Font
font/woff 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/cs_haspa/fonts/Sparkasse_web_Rg.woff
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/assets/css/sp_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Referer: https://filialenservice.live/assets/css/sp_styles.css
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:21 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a200-5faf8c67cc28f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1u%2Fm3Z7J3wvftSq2rT0AI0Vb2yA%2FSPg2RGW2QTXd8uIhvju%2Bfnz2eff7r1lnhKH5xWToG8NTItFCpJ822LyafRth4UoTUpPooFAOiui1JcXhdyjRUcq21%2BGzEBYWbFDTwP%2FhsaLb4T%2Fx7Zp5vjJvak23A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d25142d1fdb90e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41472

GET
H3 200 pictos-if.woff
filialenservice.live/assets/css/cs_haspa/fonts/ 197 KB
198 KB 2296ms
2296ms Font
font/woff 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/cs_haspa/fonts/pictos-if.woff
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/assets/css/sp_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 385bbee80414712855e9a4250cd4dcbbff192dc79136cf99fa5b62075d3bb0ad

Request headers

Referer: https://filialenservice.live/assets/css/sp_styles.css
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:21 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "315c8-5faf8c670dba1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMchgk25007sXkS%2BzDgvP%2FpZjyA%2FY1Vcz4Smj3BRYHy5LjKLc%2B9XNxjG3IneQ3YVFMgDZdrMC9IzcCo37DBxMv9Ox0eIRj5sGsqw69QPs4xFC%2BbEErIXAIT00J0NqMtEb23FJDpVbCKWHFjiH9RKkEvOEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d25142d1fdc90e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 202184

GET
H3 404 SparkasseNEURg-Bold.woff2
filialenservice.live/assets/ 0
0 2311ms
2311ms Font
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/SparkasseNEURg-Bold.woff2
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/assets/css/light_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://filialenservice.live/assets/css/light_styles.css
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbwMChumaxLoHs6qYWJiyDZabjJJ6aj2GcIKJzuqQJlHLBqn8QJVRlD0MM0pNiaA7e7HpxJBGAlAClTVdbF0sDyuxUxiKZ%2BTMLfnF40dno7SUlggKDrZj4Y7ZUqfFjJTJADwu5GyK4of3a04rAeH8AUnIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7d25142d1fdd90e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 SparkasseNEUMedium-Regular.woff2
filialenservice.live/assets/ 0
0 1295ms
1294ms Font
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/SparkasseNEUMedium-Regular.woff2
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/assets/css/light_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://filialenservice.live/assets/css/light_styles.css
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bziiIr6ShzgkzsZH8Ms%2Fj45EvmyY6JLTHb3bD0591D%2BHPZzIPrUjrdXfJ4LFhrr3s1irfOmRZlekvBjmzL8YtXb4R9SUcXZY2RfpBcwV1aLXQb9xKYeMM9cr6%2F1KautY9HICQYcB%2BN0Bo8z8HzZCjW2SJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7d25142d1fde90e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 SparkasseNEURg-Regular.woff2
filialenservice.live/assets/ 0
0 1290ms
1289ms Font
text/html 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/SparkasseNEURg-Regular.woff2
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/assets/css/light_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://filialenservice.live/assets/css/light_styles.css
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6IH5IVm1OAb12fqLM5zgUlkzvpIEONNzV7l7F9SLLZWTdplz6DaECIPSavZSjmWSEmK8wENWxKOJ59SKpolP4wgxVeOlnFRezJSK%2BWt8VImGLUjz4W5P0gfabXvgBDfgK5GxDYewOKziMoCKR%2FVNnbhxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7d25142d1fdf90e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Sparkasse_web_Bd.woff
filialenservice.live/assets/css/cs_haspa/fonts/ 36 KB
37 KB 1291ms
1291ms Font
font/woff 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/assets/css/cs_haspa/fonts/Sparkasse_web_Bd.woff
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/assets/css/sp_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

Referer: https://filialenservice.live/assets/css/sp_styles.css
Origin: https://filialenservice.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:20 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "901c-5faf8c6748525"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exa%2FMBlFmVJVASr6%2Bm3s9kMjBlG7A3fDy5sDzVaRndXvFHXR1bP9AfFxQkX1iTeuR9%2BhutltyIgILUl%2Fr6U50OkQEy3xRDnKCBhP1CytBbU4BuKcOw37BP7EKNs%2FyVYcLANQV%2F75J9NVPKmkBfxusFqnyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d25142d1fe090e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36892

GET
H3

200

invisible.js Show response
filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/ Frame E4B0
Redirect Chain

https://filialenservice.live/cdn-cgi/challenge-platform/scripts/invisible.js
https://filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

29 KB
14 KB

12ms
12ms

Script
application/javascript

2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

Requested by

Host: filialenservice.live
URL: https://filialenservice.live/Start

Protocol

Server

2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036b470ed32d3b5b7b61db00408f27a2a049b10725d4412ece3740a57bc4e39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrNsvgrlrTCXSohUkbashuLCC56FDQwGrg4jwIbmkv0zfswLwLEdvqAoBucabSN6V13ptDO1FxUtPxSiOi%2Bk%2FGAKxgkCyH9me9YY7BC94qjpk%2FJIr7JJ%2B1rFUPO1r5T8VmNfQ%2FTOHXIkU1MewqCIJAmClQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d25142df85890e8-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 05 Jun 2023 02:45:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Elhk%2BQhSgkMEdWEQVQdMwPZ6D2ZoF%2BuHobKiGQ7h1Ddoo%2FU9aExHQEmI%2BVu3BSLwJvZestJRRx0FWn5zUVExSRycFA2nVJxj137xVqlZ5ohd%2BPDz8zpu9TYFjW27Hrf0LKbmX7zT06qh4DzjGihJeXm3%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7d25142d680a90e8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pica.js
filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/ Frame E4B0 6 KB
3 KB 20ms
20ms Other
application/javascript 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filialenservice.live/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: filialenservice.live
URL: https://filialenservice.live/Start

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0e875e98e1d0b2310103b19c4658635ab071fd6c223d5a2e21d61c122c32d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUns0g4vjFUgatc9fcUELWdqi3NAdFHsBsQ92FWpde1nzoRLo1nOFJN8wrWCgC5Ktq50afcDWJO5PqeMwaPS9BeiZdXfYtcypBZBIK13GjrKOSJcGjWBRiN5Qutfp1YGfoSjmt2Te7Byfr33je03ng%2BY4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d25142e287290e8-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7d2514238c741c24 Show response
filialenservice.live/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E4B0 2 B
636 B 24ms
24ms XHR
text/plain 2606:4700:3037::ac43:d48b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filialenservice.live/cdn-cgi/challenge-platform/h/g/cv/result/7d2514238c741c24
Requested by: Host: filialenservice.live
URL: https://filialenservice.live/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Jun 2023 02:45:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqjlJ0mFjo6rG%2BXImZqeAn%2FLXA5l8pLtCLsbQOq0NbfXwore7XG8NmY3EslH2uV%2BBfHer6z3hvW6nn%2FKc8vbXkgp%2FlmKtwWwcpV4z3p8wcFkOyH%2B0nCYDet5vFmhYOtOIho3kSs0ZioAPx%2Fk4KFOB%2BlkkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7d25142ff94d90e8-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
el.lk/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3pfsvi5q93hd6k1suh51m4pi8e
el.lk/	1970-01-20 12:18:54	Name: short_5048 Value: 1
filialenservice.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: mr2r2ki67p962cl1ek03ku63ta
.filialenservice.live/	1970-01-20 12:18:54	Name: __cf_bm Value: Y2YrLPPnM3W7YaTPBG_wk_QiJop1cOd2dDlPy5xD2Jo-1685933120-0-AfaIyNl38wmEBMKRxI3tZH4yckXu5DbWoNRPo6q8xY1grxPbLV34VAbEOLaMiUktPd3ADh7gS11nJX+RFeOcbILbYD0ZZU1dWgU/n+yd0gt0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/neo/fetch?prepare=start&w=W_OLB_N_OLB_BEARB_PROLOG&s=S-ONLBNK-NEO Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/lib/require.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_v2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://filialenservice.live/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_if_v2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://filialenservice.live/assets/SparkasseNEURg-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://filialenservice.live/assets/SparkasseNEUMedium-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://filialenservice.live/assets/SparkasseNEURg-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
el.lk
filialenservice.live
mirandamason1257.hopp.to
107.174.14.244
185.230.60.180
2606:4700:3037::ac43:d48b
2606:4700::6811:180e
036b470ed32d3b5b7b61db00408f27a2a049b10725d4412ece3740a57bc4e39c
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
1586adc8f49ebd0d1deca54b3bc9d1850e7f299b0880b61e6520a7cf2f336a17
22e293166017618b14342bd640677f88274154a0fed8393cb056a16056348de4
247b46d614fdf373dbdc11cf6a16161d3f1eb38d2d4c2b0dbe93f1f3559aede3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a
340e931741c7162a2f4365577878e7b90d015114993168afbd2c40b674984380
385bbee80414712855e9a4250cd4dcbbff192dc79136cf99fa5b62075d3bb0ad
6a0e875e98e1d0b2310103b19c4658635ab071fd6c223d5a2e21d61c122c32d7
74e29c203255ea561c5057e915995667190e189d02c3d5a3e840ab28d2b26b33
8cdb874ad1a4a0623414f048ec39df6607f87a6dd123830a9bfef18b359e8347
928ce54535548e7689e08c8c34613baf14eb3022a76b78a64c2eb41bf7965ace
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91bcf65d01abb7d971cf9dda8046e8c20f9c4c53b849c656301b46e7b8131e0
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

filialenservice.live Open in urlscan Pro 2606:4700:3037::ac43:d48b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

958 kBTransfer

4332 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

49 JavaScript Global Variables

4 Cookies

filialenservice.live Open in urlscan Pro
2606:4700:3037::ac43:d48b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

958 kB
Transfer

4332 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!