sparkassen-aktualisierungen.ru Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://filmistik.com/595hz7589895hz7805h598hdf9sghs0dgs.php
Effective URL:
https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5
Submission: On August 14 via manual (August 14th 2024, 1:56:59 pm UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is sparkassen-aktualisierungen.ru.
TLS certificate: Issued by WE1 on August 2nd 2024. Valid for: 3 months.

This is the only time sparkassen-aktualisierungen.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	80.93.208.98 80.93.208.98	20649 (ASFIBERSU...) (ASFIBERSUNUCU)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 19	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	1

1 80.93.208.98 (Turkey) 1 redirects

ASN20649 (ASFIBERSUNUCU, TR)
PTR: server.lodos.com

filmistik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shturl.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

mandat-klarna.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sparkassen-aktualisierungen.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sparkassen-aktualisierungen.ru 1 redirects sparkassen-aktualisierungen.ru	799 KB
1	mandat-klarna.xyz 1 redirects mandat-klarna.xyz	519 B
1	shturl.xyz 1 redirects shturl.xyz	441 B
1	filmistik.com 1 redirects filmistik.com	241 B
17	4

	Domain	Requested by
18	sparkassen-aktualisierungen.ru	1 redirects sparkassen-aktualisierungen.ru
1	mandat-klarna.xyz	1 redirects
1	shturl.xyz	1 redirects
1	filmistik.com	1 redirects
17	4

This site contains links to these domains. Also see Links.

Domain
module.foerde-sparkasse.de
blog.foerde-sparkasse.de
www.facebook.com
twitter.com
www.youtube.com
www.xing.com
www.tiktok.com
termin.foerde-sparkasse.de
www.studiale.de
www.sparkassen-shop.de

Subject Issuer	Validity	Valid
sparkassen-aktualisierungen.ru WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5
Frame ID: BA7D248878620935909E8EEC67CD2C0B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online-Banking | Sparkasse

Page URL History Show full URLs

https://filmistik.com/595hz7589895hz7805h598hdf9sghs0dgs.php HTTP 302
https://shturl.xyz/BJbQ5NBz HTTP 302
https://mandat-klarna.xyz/spaka HTTP 307
https://sparkassen-aktualisierungen.ru/s/?s=m7fhd9p5gt9v3o8tw3h8aesw3excvpdn HTTP 302
https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIs... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

798 kB
Transfer

3060 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://module.foerde-sparkasse.de/de/home/ihre-sparkasse/podcast.html?n=true&stref=hnav
Title: Podcast

Search URL Search Domain Scan URL

URL: https://blog.foerde-sparkasse.de/
Title: Ihre Sparkasse hautnahBlog der Sparkasse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/foerdesparkasse
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/foerdesparkasse
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcKZYqFLnRp9bmhEPbkytXA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.xing.com/company/foerdesparkasse
Title: Xing

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@foerdesparkasse
Title: TikTok

Search URL Search Domain Scan URL

URL: http://termin.foerde-sparkasse.de/
Title: Beratungstermin vereinbaren

Search URL Search Domain Scan URL

URL: https://www.studiale.de/
Title: Studiale

Search URL Search Domain Scan URL

URL: https://www.sparkassen-shop.de/foerde-sparkasse/?_ga=2.141694002.1491539779.1620378309-163821152.1620378309
Title: Sparkassen-Shop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://filmistik.com/595hz7589895hz7805h598hdf9sghs0dgs.php HTTP 302
https://shturl.xyz/BJbQ5NBz HTTP 302
https://mandat-klarna.xyz/spaka HTTP 307
https://sparkassen-aktualisierungen.ru/s/?s=m7fhd9p5gt9v3o8tw3h8aesw3excvpdn HTTP 302
https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request anmeldung.php Show response sparkassen-aktualisierungen.ru/s/ Redirect Chain https://filmistik.com/595hz7589895hz7805h598hdf9sghs0dgs.php https://shturl.xyz/BJbQ5NBz https://mandat-klarna.xyz/spaka https://sparkassen-aktualisierungen.ru/s/?s=m7fhd9p5gt9v3o8tw3h8aesw3excvpdn https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5	60 KB 9 KB	277ms 277ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `85ab3462e1b68b508a597e80ad0e5b8c9106b460978e5e9e259ddb8a554743ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8b3173736d672bac-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 14 Aug 2024 13:56:55 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9emOT1QJAixWLPRO3yKSD5gpc3dVA9XK7BJ8IOnNIGe8iVh3lXjkpN%2BzYO6kfXrYUJApsDRIYzFJxmXnGbsGNH%2BL6fEQw8Auu5hfyxwGTTBpOpN3MWXAV26ki3ojxSgxNDvkHBQAH%2FlhbgVKJpFjYk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8b3173714b052bac-FRA content-type text/html; charset=UTF-8 date Wed, 14 Aug 2024 13:56:54 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T12MxQv72DTBta39yqlPJTlZc9qIV%2FteoXFA8uPIezAK24B%2BbWfF7UX0K4CQUTeNEEkObx5M1RmZfymiPyllmNXu0%2BlT1gfFe2C3T74WkJ%2Fgm3qXpVdaGbn1OrtgxJ%2F73I9W0FdpOxzUzAIOFmJV2WY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css sparkassen-aktualisierungen.ru/s/src/	2 MB 189 KB	94ms 94ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6120 etag "1be7e3-5ee86a9010d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nT8UmyWUcpuR6EpWloiWkDCWyKTgLEuTUrEPjvo9kIi98hnnlhlCSOpBo%2BQgY4cggq3mNvtn9F0TfoRucForbC%2FacLZXFwWpR5CXlnn4blMzj1omyrnSbJaDfqafTx8ZZgKpSEhiTgLUCZO6GIpSEo0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8b3173752fa52bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Show response sparkassen-aktualisierungen.ru/s/src/	612 KB 148 KB	52ms 51ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.007ac3aaa8c7e77660499b0a77898638.js Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6120 etag "98f9e-5ee86a9010d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b70s24DxynNgLeEnHggt6oU3ORF0rvgVAv1IT31YkMcxCdQzMnnbukk2mcb3gVAiOMI69WskGRUdc74JWZ%2F5ho7GrJqoqJ%2FJCOa0aeqL8yG4NLsqi4mCivDKACHKzdlcoKj59G4m8Fj3gq23M173VqE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8b3173752fa92bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo_ini.svg sparkassen-aktualisierungen.ru/s/src/	22 KB 9 KB	257ms 256ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sparkassen-aktualisierungen.ru/s/src/logo_ini.svg Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6120 etag W/"58be-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zu4ut5irHDuXWlS1JiolSxhr%2BjfeKfHFKSb6OxLpa%2FOXSPZry26YpDKiEISdJHMF56NTWqWIwhKvxn0J8VdHbgKHN%2BoSNUj7DqNrM1r%2FPCqd2rv8mCf9NTEa3BK8prI%2F7S%2FAN9PlUy8IqCXE%2BQASndI%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8b3173752faa2bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Bildmarke_S-Sparkasse_72px.svg sparkassen-aktualisierungen.ru/s/src/	976 B 858 B	256ms 256ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sparkassen-aktualisierungen.ru/s/src/Bildmarke_S-Sparkasse_72px.svg Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6120 etag W/"3d0-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7KgJ4G7iFfAHtomOphnioQ%2FLw4viOgFOxlikIweNE4KjuT9f4bnx0aiKOjgQzTjbWY%2F5ui%2F2PvpXoP%2F4LWFwemRE%2BYWp1AceaHvlUxPkxVr4nROXq4bLwoV2VV2AtL%2BYvel41iOPCcynB3zriE67TvI%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8b3173752fab2bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	1624599692487.png sparkassen-aktualisierungen.ru/s/src/	81 KB 82 KB	55ms 54ms	Image image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sparkassen-aktualisierungen.ru/s/src/1624599692487.png Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6120 etag "145f5-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqT4cLZkD%2BhhKnByVHhNkQfHCOJ6V7JXc09zTo5gsIMy0NZ7KNVsDEsHM%2FfjlGC%2B5gMTxaj7XwubZvmXG6er9sdyUEVW2xRd1xF359knNIJN%2BGkIAtkaHo2JS37bn3KuqGu5Cl55DaVEPEgutCp1a34%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8b317376d9bb2bac-FRA alt-svc h3=":443"; ma=86400 content-length 83445
GET H3	200	1559285204680.jpg sparkassen-aktualisierungen.ru/s/src/	49 KB 49 KB	51ms 51ms	Image image/jpeg	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sparkassen-aktualisierungen.ru/s/src/1559285204680.jpg Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6120 etag "c3f7-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9F3BnnOn%2FbrOWpW9HF1Iw1ogMdbij9ODPFN2S7Me5rq3JyHfHZg6cvH3IutU%2BHOUnDXzRbkU30vJ3DzUCMNYSK6gX31rRrFNBmgvnrfZUQ2MHn03%2BnMoRIRpXMBhYQRaFUKRoWJ3XONM6Svk%2BSu0%2B4%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8b317376d9bf2bac-FRA alt-svc h3=":443"; ma=86400 content-length 50167
GET H3	200	tdg sparkassen-aktualisierungen.ru/s/src/	45 B 486 B	258ms 258ms	Image image/gif	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sparkassen-aktualisierungen.ru/s/src/tdg Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT cf-cache-status DYNAMIC last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2d-5ee86a9010d00" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMg7EQm6PPmEMw5sLli3FoWbgXsycMeXrJxXnaNTALO8DwgNSUAc1qs3uFZCIFRMSZr7v%2B%2BHRqx%2BFOqe5BkCW3xXVw5f5Vtp%2BC6NbEeQ2NNbuuztGHsMwvbk36xBuEBWBHeZdSYOf3xtEVJYZLsPwoE%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 8b3173771a072bac-FRA alt-svc h3=":443"; ma=86400 content-length 45
GET H3	200	universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Show response sparkassen-aktualisierungen.ru/s/src/	77 KB 27 KB	54ms 54ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/universal_analytics.min.fce01e1aa1583405fd3c179639d0bd13.js Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6119 alt-svc h3=":443"; ma=86400 content-length 27368 last-modified Mon, 28 Nov 2022 12:03:32 GMT server cloudflare etag "13358-5ee86a9010d00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2KaUutuka7NMd%2FOC%2B0CAoQEZ1UcN9zhjhmCNC77qCO77dV%2BQPbs47Z%2FscuZqIBSOrjlB1DENrE3k2aAfKWjLK55be6Qj%2F9oBtNZeMFzassG7%2FuqHoWpsmSPj%2FChs8gH%2BuLxOwMIT0S4TNcn2bwHCEAc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8b3173771a032bac-FRA
GET H3	200	Sparkasse_web_Rg.woff sparkassen-aktualisierungen.ru/s/src/fonts/	41 KB 41 KB	59ms 58ms	Font application/font-woff	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/fonts/Sparkasse_web_Rg.woff Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451` Request headers Referer https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://sparkassen-aktualisierungen.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6119 etag W/"a200-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9Lhh7cba%2B7XeuA3mM3pYmLOIVm2nOgEEAo8GtBC1JWetSpbeuwLCc%2B8MDoRB1Wcnh0j%2FqnyilC3x%2FY2R6sQemfUravUvBc53I5u9Fj6KIg7oycNkiw%2FIgKu1Y%2BCIUmZl%2BTiGA%2BE4TsEtcgnnnuEEys%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8b3173774a3b2bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	pictos-if.woff sparkassen-aktualisierungen.ru/s/src/fonts/	204 KB 114 KB	61ms 60ms	Font application/font-woff	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/fonts/pictos-if.woff Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951` Request headers Referer https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://sparkassen-aktualisierungen.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6119 etag W/"3309c-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtSqnViGBuAG7zClniqyvef%2B1v%2B58Unna%2Bnbmr9BsKe2yDDmxdUHOaEwAZBK%2BDdPFkWBZwtGUl94OZaG3g3HwsxyGiudo9kzTTkTvDdzV2lsItwF0vRu6HglCRqKyTzwZqKfa9ZI5TwAoWIFu9f05Ek%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8b3173774a402bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Md.woff sparkassen-aktualisierungen.ru/s/src/fonts/	30 KB 31 KB	97ms 97ms	Font application/font-woff	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/fonts/Sparkasse_web_Md.woff Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d` Request headers Referer https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://sparkassen-aktualisierungen.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6119 etag W/"7928-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vyf9dbzGqp%2BcTG3z%2BbRLr1jVQ61sAubKOMT74q6S%2Frj4OzUV8ylnPqWRgw0JRbKPs6Yyrd7CU9iCJgXcs6fEnZJVEMq%2BMy6qqUocYCEkrQJnXtrQnf5xcGKfV77%2FzhAtKC8Vd4HkMRrxYtMHJpJEGhE%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8b3173774a432bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	SparkasseHead_web_Rg.woff sparkassen-aktualisierungen.ru/s/src/fonts/	29 KB 30 KB	55ms 55ms	Font application/font-woff	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/fonts/SparkasseHead_web_Rg.woff Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86` Request headers Referer https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://sparkassen-aktualisierungen.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6119 etag W/"7550-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=epu%2FSWj9oLnfeQNX9YiO6qigIsekOaBZWP9F1mhOM6Pn11aJjREzMDEwjPcNXI7ORVyyCVTjWy70pqbedXakwlhVycuhMLhWuvT02uFioS730%2Ba5tUr01lKvqBTzm0g3vgvbJ%2BdaCR0VL6ByAg0k9T8%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8b3173774a462bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Lt.woff sparkassen-aktualisierungen.ru/s/src/fonts/	30 KB 30 KB	398ms 397ms	Font application/font-woff	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/fonts/Sparkasse_web_Lt.woff Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042` Request headers Referer https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://sparkassen-aktualisierungen.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status MISS last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"77cc-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2oBu%2Bmap6wOdb6cApQH6c4%2BonI%2F0DSq%2BFYa4xEichptz%2FqC9CTIhcSy2IvS6b275lcGGpU8rSN1CE9EKMwVtMoNWQZTtUdwklkA24yz04nW5oO%2BncQ5hKlgLu6TEqSZbYCoiISzqqP%2FE6MaWqP124m0%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8b3173774a492bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Sparkasse_web_Bd.woff sparkassen-aktualisierungen.ru/s/src/fonts/	36 KB 37 KB	58ms 58ms	Font application/font-woff	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/fonts/Sparkasse_web_Bd.woff Requested by Host: sparkassen-aktualisierungen.ru URL: https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002` Request headers Referer https://sparkassen-aktualisierungen.ru/s/src/internetfiliale.min.36ca8f1e347de7a03a31e002be3843c7.css Origin https://sparkassen-aktualisierungen.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:55 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6119 etag W/"901c-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCb1DqlbRBych30fdMDdkgV0Ya7iMgtc7rKtFHJtLOg6M3fF8ejAdn%2BX7uwVsx5U5%2FJn77oQHNlvt6ia2rrEUlSA0LPG6We1LK8ybt7cI1NUcwhKCf9c2DwLXcYvNc7q7flloMUdfwXSMkXZCqWNG7M%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 8b3173774a4a2bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon1x.ico sparkassen-aktualisierungen.ru/s/src/	1 KB 693 B	336ms 336ms	Other image/vnd.microsoft.icon	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/favicon1x.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:56 GMT content-encoding br cf-cache-status MISS last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"47e-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Y2sV2ERYvgHQ%2BytME2JxnaZW5xZgepVHNG0kQU0oPgI6zYVuIhMDJQvz1EBFe%2BKwgPgWHLBMVeJ%2BEApCezuUwJ8WTe0C%2Bn1B3mFrIUg8BAS%2FyR1AuFNt4EzYc5kfz%2FoeZveVXzm5lyZE7BBV5JD0a0%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon cache-control max-age=14400 cf-ray 8b317379dd5c2bac-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon2x.png sparkassen-aktualisierungen.ru/s/src/	298 B 769 B	66ms 66ms	Other image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sparkassen-aktualisierungen.ru/s/src/favicon2x.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335` Request headers Referer https://sparkassen-aktualisierungen.ru/s/anmeldung.php?starten=HrsTGKPqczRuQSXivhp5eYWjV7afZk&shufflUri?=lSnCLhYeIsMopZGJPdz5 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 13:56:56 GMT cf-cache-status HIT last-modified Mon, 28 Nov 2022 12:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6119 etag "12a-5ee86a9010d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIzIiOJoScAMY2hQb4%2F4E0RgsTGHyM3qm6QuYWD8kaoiLG09izvp%2F04JXPhn0yOeUFEmNILxLEw%2FOpEmhC7SsbjJvz9xmdMsjx3epIHEMZAylUFAcST1ZWS1Oxs1IdWHMaaeTiwmRcr%2BUH0QdTdAxJ0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8b31737bf87a2bac-FRA alt-svc h3=":443"; ma=86400 content-length 298

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sparkassen-aktualisierungen.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: bm5l7gtfhhf086m12klv0p002j

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

filmistik.com
mandat-klarna.xyz
shturl.xyz
sparkassen-aktualisierungen.ru
188.114.96.3
188.114.97.3
80.93.208.98
0953b37758ea0fe97892f833b84425dce3e3dee6419374cf439c373b0a159f2e
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042
2b09bfaae201b4b85471fc79e4890ed850374b3751f3dbda255092b1740c4737
2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a
56e9434317dee79ec08a0e26b77be2e4188fafa982f1e9b91d3103574f131b60
62cfb054088e29a0e576b434030c236c6101af0599e6f55cfe89b35a6186fba4
67284df54731fccb0b3c039cbeaab3474c057c5bc95accad964b13ef86eb1c8d
7771efb0493be3b72af4f72309fbcd3fc797ff5cb68411000809afb7906c2aa2
7bff2bf5fb283195a323aa0994f605e0710397955f82d54d8f4993993a5037d5
85ab3462e1b68b508a597e80ad0e5b8c9106b460978e5e9e259ddb8a554743ad
a9ef9d42dab6b5e3172ec15be7fa5605792b9cd28055eaa9efc29c91eb789da6
d57403a697fb7d9e5090e8958be0325c4ae6d09b72f6d67b9e2a666e6c6be335
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
ee88f0851598c363b9b465dd2606efb934c3357aaed3274d0f4a2e6d40b86951
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

sparkassen-aktualisierungen.ru Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

1 IPs

2 Countries

798 kBTransfer

3060 kBSize

1 Cookies

10 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

1 Cookies

Indicators

sparkassen-aktualisierungen.ru Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

798 kB
Transfer

3060 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!