de-agb-aktualisierung.email Open in urlscan Pro
2606:4700:3031::681c:ed1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s7531330.sendpul.se/sl/NTk0Nzk=/c4a3cfed69bcdd0d1057e37f2b886c80s6
Effective URL:
https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368
Submission Tags: 6854244
Submission: On November 18 via api (November 18th 2020, 2:33:56 pm UTC) from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3031::681c:ed1, located in United States and belongs to CLOUDFLARENET, US. The main domain is de-agb-aktualisierung.email.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 16th 2020. Valid for: a year.

This is the only time de-agb-aktualisierung.email was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.165.155.46 188.165.155.46	16276 (OVH) (OVH)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 12	2606:4700:303... 2606:4700:3031::681c:ed1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

1 188.165.155.46 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip46.ip-188-165-155.eu

s7531330.sendpul.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3031::681c:ed1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

de-agb-aktualisierung.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	de-agb-aktualisierung.email 1 redirects de-agb-aktualisierung.email	198 KB
1	bit.ly 1 redirects bit.ly	276 B
1	sendpul.se 1 redirects s7531330.sendpul.se	207 B
11	3

	Domain	Requested by
12	de-agb-aktualisierung.email	1 redirects de-agb-aktualisierung.email
1	bit.ly	1 redirects
1	s7531330.sendpul.se	1 redirects
11	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-16` - `2021-11-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368
Frame ID: 4F1E359D22E9904529472504F796D0F5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s7531330.sendpul.se/sl/NTk0Nzk=/c4a3cfed69bcdd0d1057e37f2b886c80s6 HTTP 302
https://bit.ly/3f58276 HTTP 301
https://de-agb-aktualisierung.email/de/verifizierung/anmelden HTTP 302
https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSC... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

197 kB
Transfer

215 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s7531330.sendpul.se/sl/NTk0Nzk=/c4a3cfed69bcdd0d1057e37f2b886c80s6 HTTP 302
https://bit.ly/3f58276 HTTP 301
https://de-agb-aktualisierung.email/de/verifizierung/anmelden HTTP 302
https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 615496357368 Show response de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/ Redirect Chain https://s7531330.sendpul.se/sl/NTk0Nzk=/c4a3cfed69bcdd0d1057e37f2b886c80s6 https://bit.ly/3f58276 https://de-agb-aktualisierung.email/de/verifizierung/anmelden https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368	3 KB 2 KB	1019ms 1019ms	Document text/html	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24 PleskLin Resource Hash `7f96fe9b47c53a55d75260462ef314cadd696729893e64a461690ce04a8a0f81` Request headers :method GET :authority de-agb-aktualisierung.email :scheme https :path /anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d8d23ef702ce6d075c0655097c0b56f171605710013; PHPSESSID=e1b8au7g0ikdr2arimir4v40dm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Wed, 18 Nov 2020 14:33:35 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.24 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache cf-cache-status DYNAMIC cf-request-id 067d5f81250000dfa5f1807000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xjRS0wUoMmA0d0hkPLelZ2LnTqCRaOP2JCqaZMtbyPLT%2BEZvXgTSVtWxg8Ah%2BRI9L%2FmFj5pJoAxs3f5BodSeHVehXRCpJ1lCAxJ1GYs5t8t8xgO%2FaQW8qViVINuSf9qf3lU%2Bn1c5d2I%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f4268483f5edfa5-FRA content-encoding br Redirect headers status 302 date Wed, 18 Nov 2020 14:33:34 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d8d23ef702ce6d075c0655097c0b56f171605710013; expires=Fri, 18-Dec-20 14:33:33 GMT; path=/; domain=.de-agb-aktualisierung.email; HttpOnly; SameSite=Lax; Secure PHPSESSID=e1b8au7g0ikdr2arimir4v40dm; path=/ x-powered-by PHP/7.3.24 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache location /anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 cf-cache-status DYNAMIC cf-request-id 067d5f7d130000dfa5549c6000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QidarLXukPC0Gl0wC9QB9LtiWeSLH4wWYA9aV%2FWSyHxy144AWcfUm0nJQ6wvjzso5TZNdQjYO%2FS0883KuGUH2RB546WAE0YNw21E89Cs%2Blqna1v8uHn11wC0VwJg8qt0tYIW%2Bkg%2FX5M%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f426841ba32dfa5-FRA
GET H2	200	y4aaRgDGJMPB8E5m7pINk de-agb-aktualisierung.email/	14 KB 4 KB	1215ms 1213ms	Stylesheet text/css	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `2d19bb76d44416cc0f4887b0cc71449979156c75c4d10efa37a47728b12197b7` Request headers Referer https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 18 Nov 2020 14:33:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0V%2BW47ktahMab%2B1S%2F4AxCfFeh39%2BtTRxkHwrATkjOGim8dQX8fkzTOuVGhmODzlG30Nlgq5Pht3jUCEVPwjrK36N1aqu5ENC%2BfzZL9OCtDvJ5JC%2BjUYnuPFkO73C%2FKUvC6F5meY99PQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5f42684eac5ddfa5-FRA cf-request-id 067d5f85260000dfa540a3b000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	ytMrJAyiyAU6hrGZMc4WgEJh de-agb-aktualisierung.email/	9 KB 4 KB	1458ms 1456ms	Image image/svg+xml	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-agb-aktualisierung.email/ytMrJAyiyAU6hrGZMc4WgEJh Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `181b3df067913c04fc88c9f2b2960cb8467e845941ce1163abf96146250559a5` Request headers Referer https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:37 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hYJJ2YN%2F16IDFmpEBX55UIimhZbt8IgJu%2FtDkYnTF1lPXj8i6bp7d1jJsiCHka6ZLcQlX%2F9zp8YRRWSZKxTABsch9XwEsJxf1bgERxozspQHUoCZPQ353M0QR6yuaEyNR7c7HxrXimM%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml status 200 cache-control max-age=3600 cf-ray 5f42684eac65dfa5-FRA cf-request-id 067d5f85270000dfa5e82b8000000001 expires Wed, 18 Nov 2020 15:33:38 GMT
GET H2	200	yiyVweCFC75lb5BLLB66W de-agb-aktualisierung.email/	3 KB 3 KB	2155ms 2154ms	Image image/png	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-agb-aktualisierung.email/yiyVweCFC75lb5BLLB66W Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `bc4b0c1b29bfc9a420b7a21150a764688407e7bc3c976cf62b1dec5237a13e99` Request headers Referer https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:37 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Htw8PJEjzyhpkuk54em9S4V3WK8vjol5NfUlON%2Fvl9EecDIvMqBDxpTKUmLTW33OREEWc88RNdj527b%2BZp%2B2iqz0q9kJT%2BYYthIc02t3nVg9Tq1ch2liXLht5MxbKh9U0ySDkrhSoPU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=3600 cf-ray 5f42684eac6bdfa5-FRA cf-request-id 067d5f85270000dfa53a931000000001 expires Wed, 18 Nov 2020 15:33:39 GMT
GET H2	200	yan162ksQyYcd51PNWdz de-agb-aktualisierung.email/	6 KB 6 KB	2507ms 2506ms	Image image/jpeg	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-agb-aktualisierung.email/yan162ksQyYcd51PNWdz Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753` Request headers Referer https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:38 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T4qZaDiaFfE5BGLzOjBnPhEpp4sxuFOYbyiqQGud2XdwWcwlNGZxgwisEzC%2Fwm0TkcMJkA5feecK63wLq%2FV8Vscuad17xM9JCbl%2Foe8eA5o%2BFX1HDIaHwkaLh5V%2FDaDDUh%2Fy7bt7L18%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg status 200 cache-control max-age=3600 cf-ray 5f42684eac6cdfa5-FRA cf-request-id 067d5f85270000dfa5d10e6000000001 expires Wed, 18 Nov 2020 15:33:39 GMT
GET H2	200	ylqjoHCDMy8OuJhl946K de-agb-aktualisierung.email/	25 KB 25 KB	860ms 859ms	Image image/png	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://de-agb-aktualisierung.email/ylqjoHCDMy8OuJhl946K Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `c7ac16e506a09e0903c6a7e6d003d6f432349b5bae60f347384da07bd7093947` Request headers Referer https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:36 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M%2F1YZ8Bw9gQ0zCad7cQdUyPJZcC4TGcYWvnVHONG%2BTRG3tt7KV1E%2FbwsWt8U92Kn21%2FCC95yh4yWjO%2BsIDEfnSOOxPGaHDbiULXP9rTBN2rnZ0l3iH2LE0h8ohxrmILI6dHKEMchx3E%3D"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=3600 cf-ray 5f42684eac6ddfa5-FRA cf-request-id 067d5f85280000dfa5eba95000000001 expires Wed, 18 Nov 2020 15:33:37 GMT
GET H2	200	yDqlyqPht3SddoNEzJx Show response de-agb-aktualisierung.email/	5 KB 2 KB	1794ms 1793ms	Script text/css	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/yDqlyqPht3SddoNEzJx Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `359eefdf867477680e54dbb4cb1a765b388aacc2dd3037224f8d53e2553da7d0` Request headers Referer https://de-agb-aktualisierung.email/anmelden/4448684355/7Ny4DI2mlBQD96fANfDinqSVy2CjBUxp/293828562104993626/0LSClDsEcbNU/615496357368 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 18 Nov 2020 14:33:37 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oJnphhXIJEvh9rCVMdODF0yRj%2FQjYUg4LEP1fFsyQk2xzJT%2BQE6Ya0hTZOR70yIxrVQD7Sdvqigzp62Q1msCG%2F9lw5rfj6ESsjUhxHslM639mWcYhFNPjQguzAfwhjydmY0KkpbH2G4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5f42684eac62dfa5-FRA cf-request-id 067d5f85260000dfa5dc1ca000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	ymly3C5f2muvhG2jj7ME5v0m de-agb-aktualisierung.email/	47 KB 47 KB	2260ms 2259ms	Font application/octet-stream	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/ymly3C5f2muvhG2jj7ME5v0m Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `1ab337962df7162cbc12f80783277dbcf416959d80ec88a2c990d6f1a98c3f24` Request headers Origin https://de-agb-aktualisierung.email Referer https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:39 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c%2FtZ66G4CjC6XWesMo%2BgjbpWuWmNj29A9G3ORmhpMCZ10IaU4aZXOO5O2WIdBJinVuTv9uIQQqwYCOYXGsOmYs0RYwY41HXx8A5vgt%2BbBQJd8w12AchAliz3Us1U801LduWFNaqrmBc%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream status 200 cache-control max-age=3600 cf-ray 5f4268564c12dfa5-FRA cf-request-id 067d5f89eb0000dfa515106000000001 expires Wed, 18 Nov 2020 15:33:40 GMT
GET H2	200	yiGiwncWMJHSEwz101LI de-agb-aktualisierung.email/	39 KB 39 KB	2630ms 2629ms	Font application/octet-stream	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/yiGiwncWMJHSEwz101LI Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638` Request headers Origin https://de-agb-aktualisierung.email Referer https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:39 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ellDIBp9N%2FVMafwthnReSEmzduIZwr93z2omVQWVpdiop3A8Vm1OrSA9iJrL3fVQxsynSbFX10s2F3%2Bmhw2K9wPw1VNv%2Fui60RKc7ZEHG41V6z9uSbkD5FTaetDCkOr6FuWPfW16ejU%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream status 200 cache-control max-age=3600 cf-ray 5f4268564c14dfa5-FRA cf-request-id 067d5f89f30000dfa54f8fe000000001 expires Wed, 18 Nov 2020 15:33:40 GMT
GET H2	200	yyNfLYOVr3zGLvvoXGJ de-agb-aktualisierung.email/	27 KB 27 KB	3043ms 3042ms	Font application/octet-stream	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/yyNfLYOVr3zGLvvoXGJ Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `133ad01e7b25970c5cbcce3d8ffb7f23eef311c5950d9fcf27463c49e9ae3f02` Request headers Origin https://de-agb-aktualisierung.email Referer https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:40 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=powW1tT0T30voyQ%2BxV5p7r5J0uVQQLLuaaOLcozOwDNQUFrgfkDjfugtAb0ZVoDrWk%2F6C%2FN0NhSW5S%2Fdqkg2gjM825056dwT6L%2B%2BY7dDibiQsShCxrbtMG9ThTug2nthWvouhqzbdaU%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream status 200 cache-control max-age=3600 cf-ray 5f4268564c2edfa5-FRA cf-request-id 067d5f89f40000dfa5043f0000000001 expires Wed, 18 Nov 2020 15:33:41 GMT
GET H2	200	yosPFWJPrUXPExJp3TMALc0 de-agb-aktualisierung.email/	39 KB 39 KB	3424ms 3423ms	Font application/octet-stream	2606:4700:3031::681c:ed1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de-agb-aktualisierung.email/yosPFWJPrUXPExJp3TMALc0 Requested by Host: de-agb-aktualisierung.email URL: https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:ed1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.24, PleskLin Resource Hash `a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2` Request headers Origin https://de-agb-aktualisierung.email Referer https://de-agb-aktualisierung.email/y4aaRgDGJMPB8E5m7pINk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma cache date Wed, 18 Nov 2020 14:33:40 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.24, PleskLin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QpH5tz69HNKpVnPxQnDG6fYNo84olE7HUfoFZ5sRvjyPdBVlqPLc7nnTDjWfjVWoj98SnhxfTr26V6W5w2yAH5AkjA1rzhScA4o6JlgD41UWr42vzp1M9thxjMEkBIfsupU7SIbgEns%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream status 200 cache-control max-age=3600 cf-ray 5f4268564c2fdfa5-FRA cf-request-id 067d5f89f40000dfa530a33000000001 expires Wed, 18 Nov 2020 15:33:41 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
de-agb-aktualisierung.email
s7531330.sendpul.se
188.165.155.46
2606:4700:3031::681c:ed1
67.199.248.11
133ad01e7b25970c5cbcce3d8ffb7f23eef311c5950d9fcf27463c49e9ae3f02
181b3df067913c04fc88c9f2b2960cb8467e845941ce1163abf96146250559a5
1ab337962df7162cbc12f80783277dbcf416959d80ec88a2c990d6f1a98c3f24
2d19bb76d44416cc0f4887b0cc71449979156c75c4d10efa37a47728b12197b7
359eefdf867477680e54dbb4cb1a765b388aacc2dd3037224f8d53e2553da7d0
4aed1efbbe0bb753684998625ef250fb40086fa7806930d159d80499a5aaf753
7f96fe9b47c53a55d75260462ef314cadd696729893e64a461690ce04a8a0f81
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2
bc4b0c1b29bfc9a420b7a21150a764688407e7bc3c976cf62b1dec5237a13e99
c7ac16e506a09e0903c6a7e6d003d6f432349b5bae60f347384da07bd7093947
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638

de-agb-aktualisierung.email Open in urlscan Pro 2606:4700:3031::681c:ed1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

197 kBTransfer

215 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

de-agb-aktualisierung.email Open in urlscan Pro
2606:4700:3031::681c:ed1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

197 kB
Transfer

215 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!