spk-kundencenter-de-safe-redirect-home-portal.ru
91.92.109.167  Malicious Activity! Public Scan

Submitted URL: https://shrt.es/KzjoS
Effective URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/
Submission Tags: 6759174
Submission: On September 05 via api from NL

Summary

This website contacted 1 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 91.92.109.167, located in Bulgaria and belongs to NETERRA-AS, BG. The main domain is spk-kundencenter-de-safe-redirect-home-portal.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 11th 2020. Valid for: 3 months.
This is the only time spk-kundencenter-de-safe-redirect-home-portal.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 188.94.254.137 15817 (MITTWALD-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 24 91.92.109.167 34224 (NETERRA-AS)
20 1
Apex Domain | Subdomains | Transfer
24 spk-kundencenter-de-safe-redirect-home-portal.ru | spk-kundencenter-de-safe-redirect-home-portal.ru | 325 KB
1 ug-ltd.xyz | ug-ltd.xyz | 806 B
1 shrt.es | shrt.es | 275 B
20 3
Domain Requested by
24 spk-kundencenter-de-safe-redirect-home-portal.ru 4 redirects spk-kundencenter-de-safe-redirect-home-portal.ru
1 ug-ltd.xyz 1 redirects
1 shrt.es 1 redirects
20 3

This site contains no links.

Subject: spk-kundencenter-de-safe-redirect-home-portal.ru
Issuer: Let's Encrypt Authority X3
Validity: 2020-08-11 - 2020-11-09
Valid: 3 months

This page contains 1 frames:

Primary Page: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/
Frame ID: E9AB72DED3B0F15942008D0EED5D0255
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 3
Transfer: 324 kB
Size: 500 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shrt.es/KzjoS HTTP 301
    https://ug-ltd.xyz/Slft41F HTTP 302
    https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/ HTTP 302
    https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a HTTP 301
    http://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/ HTTP 301
    https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/ HTTP 302
    https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/
Redirect Chain
  • https://shrt.es/KzjoS
  • https://ug-ltd.xyz/Slft41F
  • https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/
  • https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a?
  • http://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/?
  • https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/?
  • https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
17 KB
5 KB
Document
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
69103444fe79a8e12842f03660dcdf5122a2c507422d5402a32f238f61f2fee1

Request headers

Host
spk-kundencenter-de-safe-redirect-home-portal.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bid=03d8a746892d3f3bfeb7f9405ff5cc4a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
4700
Connection
keep-alive
Set-Cookie
PHPSESSID=do1b18kng27l40n5872sekshm1; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Set-Cookie
bid=03d8a746892d3f3bfeb7f9405ff5cc4a
location
login/?
jquery.min.js
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/jquery/dist/
85 KB
30 KB
Script
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/jquery/dist/jquery.min.js
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 17:27:42 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"15283-59f9209cc9f80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30138
ua-parser.min.js
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/ua-parser-js/dist/
17 KB
6 KB
Script
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 17:27:44 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"4298-59f9209eb2400-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6063
font-awesome.min.css
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 17:27:40 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"7918-59f9209ae1b00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7053
css.css
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/form/
557 B
557 B
Stylesheet
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/form/css.css
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
117bce8813acf5c9ee88220b82297dcbec9fd00f46178e6a78d0533b9252f276

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Mar 2020 09:16:50 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"22d-59fefc387a480-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
254
style.php
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
73 KB
11 KB
Stylesheet
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b87d2aaa6bb1dd568673b4cdc22bd6e1cf278710779f0e407642fed6e61cfd64

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
10608
Expires
Thu, 19 Nov 1981 08:52:00 GMT
spk-logo-desktop.png
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
7 KB
7 KB
Image
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/spk-logo-desktop.png
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a4f04574b20972a5b290984c214ff23af7810b73db0a640c75bf11b2a042336b

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Last-Modified
Thu, 27 Feb 2020 17:27:24 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"1bb5-59f9208b9f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7093
spk-logo-mobile.png
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
5 KB
5 KB
Image
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/spk-logo-mobile.png
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
723733a7bb6f25194a40769ba4b2c4b4840d707bba89f745984fab9442f72141

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Last-Modified
Thu, 27 Feb 2020 17:27:24 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"146c-59f9208b9f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5228
spk-logo-druck.png
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
6 KB
6 KB
Image
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/spk-logo-druck.png
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Last-Modified
Thu, 27 Feb 2020 17:27:24 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"18d5-59f9208b9f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6357
tdg
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
310 B
310 B
Image
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/tdg
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
4aea18f209023234a92e63a8a1f66e0c4b85a031391792e81d39f8f3901a13f0

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
form.js
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/form/
9 KB
3 KB
Script
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/form/form.js?v=5f53ddde66e34
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
47c4c7b3fddbf6b4c854f09c3d434da26826a2affeca30874e1846ce275b3bc0

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Feb 2020 17:27:34 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"2535-59f9209528d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2801
token.js
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/token/
11 KB
2 KB
Script
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/token/token.js?v=5f53ddde66e85
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0e322d75e7e6d86475f347f96a1f770a17025eec6070a0d8735177af29094d8a

Request headers

Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Mar 2020 10:09:42 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"2a6a-59ff080988580-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1782
25frrutigerltw02-55roman-webfont.woff
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/fonts/reg/
25 KB
25 KB
Font
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/fonts/reg/25frrutigerltw02-55roman-webfont.woff
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7cc0a4759f5cfe7d8a6f191f79a38b1c8e36c975f160b89f21d31436dff05c4e

Request headers

Origin
https://spk-kundencenter-de-safe-redirect-home-portal.ru
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Last-Modified
Sun, 01 Mar 2020 13:29:08 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"62e4-59fcb0e247100"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25316
pictos-if.woff
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
64 KB
64 KB
Font
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/pictos-if.woff
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d6fff4dce0ed66b0ef96ec5165e4b5fa7d2d193df2537040630dd19606b7b664

Request headers

Origin
https://spk-kundencenter-de-safe-redirect-home-portal.ru
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Last-Modified
Thu, 27 Feb 2020 17:27:22 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"ff6c-59f92089b7280"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65388
25frrutigerltw02-65bold-webfont.woff
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/fonts/bold/
25 KB
26 KB
Font
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/fonts/bold/25frrutigerltw02-65bold-webfont.woff
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
353b8f56926b58e1c037ac912432156fff183d03d5f42a1f5d2ec06199e446f4

Request headers

Origin
https://spk-kundencenter-de-safe-redirect-home-portal.ru
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Last-Modified
Sun, 01 Mar 2020 13:29:00 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"6574-59fcb0daa5f00"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25972
password.ttf
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/
125 KB
125 KB
Font
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/password.ttf
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5585d482c2eee6acbeca5fe3d9ffaad32b15c5b26995ee345b0208f557571155

Request headers

Origin
https://spk-kundencenter-de-safe-redirect-home-portal.ru
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/login/style.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Last-Modified
Tue, 03 Mar 2020 09:02:34 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"1f2fc-59fef90821e80"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127740
home.php
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/
57 B
220 B
XHR
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/home.php?link=sparkase.de&bid=03d8a746892d3f3bfeb7f9405ff5cc4a&callback=jQuery32108485019396027467_1599331806854&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1599331806855
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8038a801db146c04dfba811a22ec2971ebbdc49e9fd483cd4f48c20883b4c73a

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
57
Content-Type
application/json
home.php
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/
57 B
220 B
XHR
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/home.php?link=sparkase.de&bid=03d8a746892d3f3bfeb7f9405ff5cc4a&callback=jQuery32108485019396027467_1599331806856&data=%7B%22mes%22%3A%22User%20on%20Login%20page%22%7D&_=1599331806857
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3f8e2a411c72d15c52e277ce9ded5ad2ea9ebc8491a9b0b4dfd7403fa4db81ca

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:07 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
57
Content-Type
application/json
home.php
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/
57 B
220 B
XHR
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/home.php?link=sparkase.de&bid=03d8a746892d3f3bfeb7f9405ff5cc4a&callback=jQuery32108485019396027467_1599331806856&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1599331806858
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3f8e2a411c72d15c52e277ce9ded5ad2ea9ebc8491a9b0b4dfd7403fa4db81ca

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:12 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
57
Content-Type
application/json
home.php
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/
57 B
220 B
XHR
General
Full URL
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/home.php?link=sparkase.de&bid=03d8a746892d3f3bfeb7f9405ff5cc4a&callback=jQuery32108485019396027467_1599331806856&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1599331806859
Requested by
Host: spk-kundencenter-de-safe-redirect-home-portal.ru
URL: https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.92.109.167 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
physc.sofhat.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3f8e2a411c72d15c52e277ce9ded5ad2ea9ebc8491a9b0b4dfd7403fa4db81ca

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Sep 2020 18:50:17 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
57
Content-Type
application/json

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • function| $
  • function| jQuery
  • function| UAParser
  • string| bid
  • object| php_js
  • string| el
  • function| next__
  • function| finish__
  • object| cookies
  • function| advanced_string_validation
  • function| sin_luhn
  • function| cc_luhn
  • function| dob_luhn
  • function| exp_luhn
  • function| qasame__
  • function| valid_a
  • function| valid_q
  • function| send1
  • function| ask_login_proxy
  • object| bider_obj
  • object| last_respond
  • undefined| last_operation
  • object| respond
  • object| CORE__
  • object| REST_FN__
  • number| bidder_timer

2 Cookies

Domain/Path Name / Value
spk-kundencenter-de-safe-redirect-home-portal.ru/ Name: PHPSESSID
Value: do1b18kng27l40n5872sekshm1
spk-kundencenter-de-safe-redirect-home-portal.ru/service-portal/03d8a746892d3f3bfeb7f9405ff5cc4a Name: bid
Value: 03d8a746892d3f3bfeb7f9405ff5cc4a