spk-formula-einfuegen.xyz
Open in
urlscan Pro
2606:4700:3036::6815:451f
Malicious Activity!
Public Scan
Submission: On November 25 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 22nd 2021. Valid for: a year.
This is the only time spk-formula-einfuegen.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2606:4700:303... 2606:4700:3036::6815:451f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
spk-formula-einfuegen.xyz
spk-formula-einfuegen.xyz |
214 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
11 | spk-formula-einfuegen.xyz |
spk-formula-einfuegen.xyz
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-11-22 - 2022-11-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://spk-formula-einfuegen.xyz/s/anmeldung.php
Frame ID: 22CF4EF79DE743B81C915FFDF5F9C17F
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
anmeldung.php
spk-formula-einfuegen.xyz/s/ |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ngPAmjocXiwpUZyqlfQHsMNkDRhYtFVvIKCWrTOBaEGdxSLJzbue.css
spk-formula-einfuegen.xyz/s/src/css/ |
249 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisible.js
spk-formula-einfuegen.xyz/cdn-cgi/challenge-platform/h/b/scripts/ |
44 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ZR1pMwPB9Xsl53CW8qSL.png
spk-formula-einfuegen.xyz/s/src/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WwSGd09MRzJAkDH5sm3axX7OLpBbNV.png
spk-formula-einfuegen.xyz/s/src/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spk-logo-druck.png
spk-formula-einfuegen.xyz/s/src/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pictos-if.woff
spk-formula-einfuegen.xyz/s/src/fonts/ |
48 KB 48 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GmtFBuKRSiNbVacYxEjhfTdWlAUkvrQDZqOpPsoeHCMIzyXJwgnL.woff
spk-formula-einfuegen.xyz/s/src/fonts/ |
39 KB 39 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AnMlPaDTHuRzxycBZkjWSbpGsLJghqIYXUFQrmvKNedifEtwCoVO.woff
spk-formula-einfuegen.xyz/s/src/fonts/ |
39 KB 39 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pica.js
spk-formula-einfuegen.xyz/cdn-cgi/challenge-platform/h/b/scripts/ |
30 KB 10 KB |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
result
spk-formula-einfuegen.xyz/cdn-cgi/challenge-platform/h/b/cv/ |
2 B 783 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __CF$cv$params function| __cf_worker_run_after_load function| __cf_run_after_load2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
spk-formula-einfuegen.xyz/ | Name: PHPSESSID Value: pietj4rf5p03ojqqui1qu2oqj6 |
|
.spk-formula-einfuegen.xyz/ | Name: __cf_bm Value: kRcdBN_t_t_IJMN4PKHpabcdkghpjW8cl78plpTIakI-1637843038-0-Ae42pq+P6fEnd3J9HFmBJ4pqSCXEI7hKeKLWA2UqjU1qpGylL5jYxkzJiy5c7BBoe0YcHw3vPfclQS47szrq/GIAp/2GxazmZ/gLf6phO8izlIFKqtV4WfzYtQSdjrPAyQ== |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
spk-formula-einfuegen.xyz
2606:4700:3036::6815:451f
24fe884a1a3d0df4a3691499745d5363f7561c3855bf724feb65504715e0e0c0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
56666c32c5c048a791e99fafef70d3791d6d5c6d350771ffbb4e2119df335f03
9ef3568cb4cbc5b4a96dba63ccff15a441eac6d17c91fa963d2ac1b4534520d6
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2
b6e2d8ddbe46b082268de889053054b1ae457a33871d65912253751bd74adca4
b8b51ca2d76d70709c6c9aa47b504dc4484cf89b508df064dc9c2b53d6ee75c4
b9e830e96a27b155e68fbf2bd76b10c2e9e054874c9c3c1e97bbaea573259894
c9281a3d999912ee8122aa03bf4814b0f0dda7412144bf2807aa4f3839604a46
d16cd665d719c20820702b390ce43791ec4ae374d5233251b04d578264808684
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638