sparka-gruppe-de-redirect-anmeldung-psd2.xyz Open in urlscan Pro
45.12.32.96 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vai.promo/gmxweb/21cf
Effective URL:
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/
Submission Tags: 6452405
Submission: On March 16 via api (March 16th 2020, 4:30:44 pm UTC) from NL

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 45.12.32.96, located in Russian Federation and belongs to INTERNET-IT, NL. The main domain is sparka-gruppe-de-redirect-anmeldung-psd2.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 16th 2020. Valid for: 3 months.

This is the only time sparka-gruppe-de-redirect-anmeldung-psd2.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.198.4.183 35.198.4.183	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::681b:b838	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 25	45.12.32.96 45.12.32.96	200313 (INTERNET-IT) (INTERNET-IT)
21	1

1 35.198.4.183 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 183.4.198.35.bc.googleusercontent.com

vai.promo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:b838 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

redirecter-go.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 45.12.32.96 (Russian Federation) 4 redirects

ASN200313 (INTERNET-IT, NL)
PTR: livescripter7.ptr1.ru

sparka-gruppe-de-redirect-anmeldung-psd2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	sparka-gruppe-de-redirect-anmeldung-psd2.xyz 4 redirects sparka-gruppe-de-redirect-anmeldung-psd2.xyz	326 KB
1	redirecter-go.xyz 1 redirects redirecter-go.xyz	785 B
1	vai.promo 1 redirects vai.promo	738 B
21	3

	Domain	Requested by
25	sparka-gruppe-de-redirect-anmeldung-psd2.xyz	4 redirects sparka-gruppe-de-redirect-anmeldung-psd2.xyz
1	redirecter-go.xyz	1 redirects
1	vai.promo	1 redirects
21	3

This site contains no links.

Subject Issuer	Validity	Valid
sparka-gruppe-de-redirect-anmeldung-psd2.xyz Let's Encrypt Authority X3	`2020-03-16` - `2020-06-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/
Frame ID: 1CFF68D7FBE84510071B7867E06BAB8F
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://vai.promo/gmxweb/21cf HTTP 301
https://redirecter-go.xyz/SPKLI3M HTTP 302
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/ HTTP 302
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2 HTTP 301
http://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/ HTTP 301
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/ HTTP 302
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

325 kB
Transfer

500 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vai.promo/gmxweb/21cf HTTP 301
https://redirecter-go.xyz/SPKLI3M HTTP 302
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/ HTTP 302
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2 HTTP 301
http://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/ HTTP 301
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/ HTTP 302
https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/ Redirect Chain https://vai.promo/gmxweb/21cf https://redirecter-go.xyz/SPKLI3M https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/ https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2? http://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/? https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/? https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/?	17 KB 5 KB	160ms 159ms	Document text/html	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `932768a7b6cedfbcae928cb0e708d0f5ea7ed10f457e36f21f2c34d5086873d7` Request headers Host sparka-gruppe-de-redirect-anmeldung-psd2.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie bid=48f345a9bbb73b44a6ef2cf31b369de2 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx/1.10.3 (Ubuntu) Date Mon, 16 Mar 2020 16:30:20 GMT Content-Type text/html; charset=UTF-8 Content-Length 4706 Connection keep-alive Set-Cookie PHPSESSID=os6pbsuibsbn7s5h5hk5a3g1e3; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Redirect headers Server nginx/1.10.3 (Ubuntu) Date Mon, 16 Mar 2020 16:30:19 GMT Content-Type text/html; charset=UTF-8 Content-Length 0 Connection keep-alive Set-Cookie bid=48f345a9bbb73b44a6ef2cf31b369de2 location login/?
GET H/1.1	200 OK	jquery.min.js Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/	85 KB 30 KB	195ms 194ms	Script application/javascript	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/jquery.min.js Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Last-Modified Fri, 28 Feb 2020 00:27:42 GMT Server nginx/1.10.3 (Ubuntu) ETag "15283-59f97e7d61b80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 30138
GET H/1.1	200 OK	ua-parser.min.js Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/ua-parser-js/dist/	17 KB 6 KB	244ms 152ms	Script application/javascript	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Last-Modified Fri, 28 Feb 2020 00:27:44 GMT Server nginx/1.10.3 (Ubuntu) ETag "4298-59f97e7f4a000-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6063
GET H/1.1	200 OK	font-awesome.min.css sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/font-awesome/css/	30 KB 7 KB	242ms 152ms	Stylesheet text/css	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Last-Modified Fri, 28 Feb 2020 00:27:40 GMT Server nginx/1.10.3 (Ubuntu) ETag "7918-59f97e7b79700-gzip" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 7053
GET H/1.1	200 OK	css.css sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/form/	557 B 557 B	314ms 224ms	Stylesheet text/css	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/form/css.css Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `117bce8813acf5c9ee88220b82297dcbec9fd00f46178e6a78d0533b9252f276` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Last-Modified Tue, 03 Mar 2020 16:16:50 GMT Server nginx/1.10.3 (Ubuntu) ETag "22d-59ff5a1912080-gzip" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 254
GET H/1.1	200 OK	style.php sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	73 KB 11 KB	248ms 156ms	Stylesheet text/css	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/style.php Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `64b84e5740e6c63a58db60e046fbe2c2f393a540b72b48f46a61ae43fc12e227` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Pragma no-cache Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Server nginx/1.10.3 (Ubuntu) Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 10612 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	spk-logo-desktop.png sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	7 KB 7 KB	293ms 201ms	Image image/png	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Show image Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/spk-logo-desktop.png Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `a4f04574b20972a5b290984c214ff23af7810b73db0a640c75bf11b2a042336b` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Fri, 28 Feb 2020 00:27:24 GMT Server nginx/1.10.3 (Ubuntu) ETag "1bb5-59f97e6c37300" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7093
GET H/1.1	200 OK	spk-logo-mobile.png sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	5 KB 5 KB	155ms 153ms	Image image/png	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Show image Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/spk-logo-mobile.png Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `723733a7bb6f25194a40769ba4b2c4b4840d707bba89f745984fab9442f72141` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Fri, 28 Feb 2020 00:27:24 GMT Server nginx/1.10.3 (Ubuntu) ETag "146c-59f97e6c37300" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5228
GET H/1.1	200 OK	spk-logo-druck.png sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	6 KB 6 KB	185ms 184ms	Image image/png	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Show image Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/spk-logo-druck.png Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Fri, 28 Feb 2020 00:27:24 GMT Server nginx/1.10.3 (Ubuntu) ETag "18d5-59f97e6c37300" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6357
GET H/1.1	404 Not Found	tdg sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	306 B 306 B	149ms 149ms	Image text/html	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Show image Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/tdg Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `7c93d65ba4d004e0211eb25cbfd141acb4649f71fe2ead6deb9f099905c15cce` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Server nginx/1.10.3 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	form.js Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/form/	9 KB 3 KB	152ms 151ms	Script application/javascript	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/form/form.js?v=5e6faa3412ac1 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `47c4c7b3fddbf6b4c854f09c3d434da26826a2affeca30874e1846ce275b3bc0` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Last-Modified Fri, 28 Feb 2020 00:27:34 GMT Server nginx/1.10.3 (Ubuntu) ETag "2535-59f97e75c0980-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2801
GET H/1.1	200 OK	token.js Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/token/	11 KB 2 KB	221ms 220ms	Script application/javascript	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/token/token.js?v=5e6faa3412b02 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `0e322d75e7e6d86475f347f96a1f770a17025eec6070a0d8735177af29094d8a` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Content-Encoding gzip Last-Modified Tue, 03 Mar 2020 17:09:42 GMT Server nginx/1.10.3 (Ubuntu) ETag "2a6a-59ff65ea20180-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1782
GET H/1.1	200 OK	25frrutigerltw02-55roman-webfont.woff sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/fonts/reg/	25 KB 25 KB	146ms 145ms	Font application/font-woff	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/fonts/reg/25frrutigerltw02-55roman-webfont.woff Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `7cc0a4759f5cfe7d8a6f191f79a38b1c8e36c975f160b89f21d31436dff05c4e` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/style.php Origin https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Sun, 01 Mar 2020 20:29:08 GMT Server nginx/1.10.3 (Ubuntu) ETag "62e4-59fd0ec2ded00" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 25316
GET H/1.1	200 OK	pictos-if.woff sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	64 KB 64 KB	237ms 150ms	Font application/font-woff	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/pictos-if.woff Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `d6fff4dce0ed66b0ef96ec5165e4b5fa7d2d193df2537040630dd19606b7b664` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/style.php Origin https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Fri, 28 Feb 2020 00:27:22 GMT Server nginx/1.10.3 (Ubuntu) ETag "ff6c-59f97e6a4ee80" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 65388
GET H/1.1	200 OK	25frrutigerltw02-65bold-webfont.woff sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/fonts/bold/	25 KB 26 KB	298ms 160ms	Font application/font-woff	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/fonts/bold/25frrutigerltw02-65bold-webfont.woff Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `353b8f56926b58e1c037ac912432156fff183d03d5f42a1f5d2ec06199e446f4` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/style.php Origin https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Sun, 01 Mar 2020 20:29:00 GMT Server nginx/1.10.3 (Ubuntu) ETag "6574-59fd0ebb3db00" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 25972
GET H/1.1	200 OK	password.ttf sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/	125 KB 125 KB	281ms 151ms	Font application/font-sfnt	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/password.ttf Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `5585d482c2eee6acbeca5fe3d9ffaad32b15c5b26995ee345b0208f557571155` Request headers Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/login/style.php Origin https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Last-Modified Tue, 03 Mar 2020 16:02:34 GMT Server nginx/1.10.3 (Ubuntu) ETag "1f2fc-59ff56e8b9a80" Content-Type application/font-sfnt Connection keep-alive Accept-Ranges bytes Content-Length 127740
GET H/1.1	200 OK	home.php Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/	58 B 221 B	261ms 261ms	XHR application/json	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/home.php?link=sparkase.de&bid=48f345a9bbb73b44a6ef2cf31b369de2&callback=jQuery321020107028074499844_1584376220375&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1584376220376 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `0f79c0f06ce1c34f6c76623f68e8ab5acf634d61e64eda5b8cd4f60011fec143` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Server nginx/1.10.3 (Ubuntu) Connection keep-alive Content-Length 58 Content-Type application/json
GET H/1.1	200 OK	home.php Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/	58 B 221 B	252ms 252ms	XHR application/json	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/home.php?link=sparkase.de&bid=48f345a9bbb73b44a6ef2cf31b369de2&callback=jQuery321020107028074499844_1584376220377&data=%7B%22mes%22%3A%22User%20on%20Login%20page%22%7D&_=1584376220378 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `d0b0f4e00641cf192c08b0bce5b7ebc81c757f50f514c68bcfcfb18d09fc31b6` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:20 GMT Server nginx/1.10.3 (Ubuntu) Connection keep-alive Content-Length 58 Content-Type application/json
GET H/1.1	200 OK	home.php Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/	58 B 221 B	265ms 264ms	XHR application/json	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/home.php?link=sparkase.de&bid=48f345a9bbb73b44a6ef2cf31b369de2&callback=jQuery321020107028074499844_1584376220375&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1584376220379 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `0f79c0f06ce1c34f6c76623f68e8ab5acf634d61e64eda5b8cd4f60011fec143` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:25 GMT Server nginx/1.10.3 (Ubuntu) Connection keep-alive Content-Length 58 Content-Type application/json
GET H/1.1	200 OK	home.php Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/	58 B 221 B	264ms 263ms	XHR application/json	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/home.php?link=sparkase.de&bid=48f345a9bbb73b44a6ef2cf31b369de2&callback=jQuery321020107028074499844_1584376220375&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1584376220380 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `0f79c0f06ce1c34f6c76623f68e8ab5acf634d61e64eda5b8cd4f60011fec143` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:30 GMT Server nginx/1.10.3 (Ubuntu) Connection keep-alive Content-Length 58 Content-Type application/json
GET H/1.1	200 OK	home.php Show response sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/	58 B 221 B	262ms 262ms	XHR application/json	45.12.32.96 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/home.php?link=sparkase.de&bid=48f345a9bbb73b44a6ef2cf31b369de2&callback=jQuery321020107028074499844_1584376220375&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1584376220381 Requested by Host: sparka-gruppe-de-redirect-anmeldung-psd2.xyz URL: https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.12.32.96 , Russian Federation, ASN200313 (INTERNET-IT, NL), Reverse DNS livescripter7.ptr1.ru Software nginx/1.10.3 (Ubuntu) / Resource Hash `0f79c0f06ce1c34f6c76623f68e8ab5acf634d61e64eda5b8cd4f60011fec143` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2/login/? Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Mar 2020 16:30:35 GMT Server nginx/1.10.3 (Ubuntu) Connection keep-alive Content-Length 58 Content-Type application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sparka-gruppe-de-redirect-anmeldung-psd2.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: os6pbsuibsbn7s5h5hk5a3g1e3
			sparka-gruppe-de-redirect-anmeldung-psd2.xyz/service-portal/48f345a9bbb73b44a6ef2cf31b369de2	1969-12-31 23:59:59	Name: bid Value: 48f345a9bbb73b44a6ef2cf31b369de2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

redirecter-go.xyz
sparka-gruppe-de-redirect-anmeldung-psd2.xyz
vai.promo
2606:4700:3033::681b:b838
35.198.4.183
45.12.32.96
0e322d75e7e6d86475f347f96a1f770a17025eec6070a0d8735177af29094d8a
0f79c0f06ce1c34f6c76623f68e8ab5acf634d61e64eda5b8cd4f60011fec143
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
117bce8813acf5c9ee88220b82297dcbec9fd00f46178e6a78d0533b9252f276
353b8f56926b58e1c037ac912432156fff183d03d5f42a1f5d2ec06199e446f4
47c4c7b3fddbf6b4c854f09c3d434da26826a2affeca30874e1846ce275b3bc0
5585d482c2eee6acbeca5fe3d9ffaad32b15c5b26995ee345b0208f557571155
64b84e5740e6c63a58db60e046fbe2c2f393a540b72b48f46a61ae43fc12e227
723733a7bb6f25194a40769ba4b2c4b4840d707bba89f745984fab9442f72141
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c93d65ba4d004e0211eb25cbfd141acb4649f71fe2ead6deb9f099905c15cce
7cc0a4759f5cfe7d8a6f191f79a38b1c8e36c975f160b89f21d31436dff05c4e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
92a47005456ffc3265cfb02b76cfb77edf109347cd59ef3c755aec4ffd4e8e85
932768a7b6cedfbcae928cb0e708d0f5ea7ed10f457e36f21f2c34d5086873d7
a4f04574b20972a5b290984c214ff23af7810b73db0a640c75bf11b2a042336b
d0b0f4e00641cf192c08b0bce5b7ebc81c757f50f514c68bcfcfb18d09fc31b6
d6fff4dce0ed66b0ef96ec5165e4b5fa7d2d193df2537040630dd19606b7b664

sparka-gruppe-de-redirect-anmeldung-psd2.xyz Open in urlscan Pro 45.12.32.96 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

325 kBTransfer

500 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

2 Cookies

Indicators

sparka-gruppe-de-redirect-anmeldung-psd2.xyz Open in urlscan Pro
45.12.32.96 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

325 kB
Transfer

500 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!