voiksbanksicher-ueber24.xyz
172.67.160.221  Malicious Activity! Public Scan

Submitted URL: https://cowbirdco.com/wuigheirutzuiowefhiuwertiuwehfjoiwehrfiuwe.php
Effective URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgp...
Submission: On April 25 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 172.67.160.221, located in United States and belongs to CLOUDFLARENET, US. The main domain is voiksbanksicher-ueber24.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 10th 2024. Valid for: 3 months.
This is the only time voiksbanksicher-ueber24.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 69.49.228.98 19871 (NETWORK-S...)
1 1 172.67.178.44 13335 (CLOUDFLAR...)
2 20 172.67.160.221 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
20 2
Apex Domain / Subdomains / Transfer
20  voiksbanksicher-ueber24.xyz / voiksbanksicher-ueber24.xyz / 266 KB
2  cloudflare.com / cdnjs.cloudflare.com (Cisco Umbrella Rank: 231) / 31 KB
1  verbanlau.xyz / verbanlau.xyz / 506 B
1  cowbirdco.com / cowbirdco.com / 229 B
20 4
Domain Requested by
20 voiksbanksicher-ueber24.xyz 2 redirects voiksbanksicher-ueber24.xyz
2 cdnjs.cloudflare.com voiksbanksicher-ueber24.xyz
1 verbanlau.xyz 1 redirects
1 cowbirdco.com 1 redirects
20 4
Subject / Issuer / Validity / Valid
voiksbanksicher-ueber24.xyz / GTS CA 1P5 / 2024-03-10 - 2024-06-08 / 3 months
sni.cloudflaressl.com / Cloudflare Inc ECC CA-3 / 2023-07-03 - 2024-07-02 / a year

This page contains 2 frames:

Primary Page: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Frame ID: C66F8208702471166F4B0972B2E799A3
Requests: 18 HTTP requests in this frame

Frame: https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: AFCC64F6060BAFD3F4E2B85354A9E655
Requests: 2 HTTP requests in this frame

Page Title

Anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 2
Transfer: 296 kB
Size: 1551 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cowbirdco.com/wuigheirutzuiowefhiuwertiuwehfjoiwehrfiuwe.php HTTP 302
    https://verbanlau.xyz/brand HTTP 307
    https://voiksbanksicher-ueber24.xyz/?s=ybpw91p3kqo1tr5tg9p2h8gezr8xl6ys HTTP 302
    https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

20 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
voiksbanksicher-ueber24.xyz/login/
Redirect Chain
  • https://cowbirdco.com/wuigheirutzuiowefhiuwertiuwehfjoiwehrfiuwe.php
  • https://verbanlau.xyz/brand
  • https://voiksbanksicher-ueber24.xyz/?s=ybpw91p3kqo1tr5tg9p2h8gezr8xl6ys
  • https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
1 MB
134 KB
Document
General
Full URL
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df910bd378606fe41cfe9da780e5607b5e60170e4a1a665be407d2e16492c869

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
879ef7251a2f8fdc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Apr 2024 14:18:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12OSw%2FEMxo81WQC4VZcTfVTf7JcvlsMx%2B0jjWwgrkDdszuXAJqWHljMXuwjRP8ymG%2FmOMT7duRZi3HEyeYujQel0nxSWfk1G3oCvSCi9ncIBGo9vs74cRB%2BLfRMfoIkzUDTOx8EldFSSAJ2KTZQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
879ef723d8dd8fdc-FRA
content-type
text/html; charset=UTF-8
date
Thu, 25 Apr 2024 14:18:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlhKsx%2FnLKhq%2FIe%2FX5gA%2Fb6QRYYW9Q0bVta7te6Oeb2wG25tvtzcKf8W%2Ff2%2Bou2Dm%2B8BXliAepyyvEEV2jbTb14jeC4O8tpCWNGByHa1bjGwX0JLI9EilEAHLtPUivFdj7oQ9eWjxiuXS9ocUww%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
styles.c41ccfebca008d50e005.css
voiksbanksicher-ueber24.xyz/new/
31 KB
5 KB
Stylesheet
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/styles.c41ccfebca008d50e005.css
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88aa1d3191c4fd20292768909dbf14e04bda916792a3a6ce7b3970a1dca0dc97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1407
etag
W/"7ce7-5dacaf2b8ce80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ROd4vO2BXdE7X8KUVi3DezWiD1uMKM2%2F9UyfDm%2F6eb7D93ocfuEG9bZNcqsKbIsU7aNee8iflJLvzvZEUaQ10RIL4YrD090veucU4YQkWOywX%2F8O6ZJQEFav8YXqmn4jPnuEc%2B6E2WJaeFJz8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
879ef725fb0d8fdc-FRA
alt-svc
h3=":443"; ma=86400
logo.png
voiksbanksicher-ueber24.xyz/new/
11 KB
12 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/logo.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484e193247ff1d9817990f0a936e75dc76ed69859cf8f1c854dff331fda44da8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2019 18:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1408
etag
"2d6c-58d43f3227440"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erLHaJwPR9sY8NbBUckcR0dsFAWRRFpmrlxlTEmnoFpQ2CJETtENTTxcPQxfT8ab%2FYJ33%2FwURcZMOOjGSUiAV0XBkf4HRkfEkpgc15D8jg9zbs1Ya9IrlYtm3yJvjD77KXP7zYG7mNYQjqZ9dBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c018fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
11628
SchwaebischHall.png
voiksbanksicher-ueber24.xyz/new/
4 KB
5 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/SchwaebischHall.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1408
etag
"10cf-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gy67gsTlXBpM%2FfXf93M8FoWdKCYPMiAN0MwzXnAPKM6PsiG%2B45kXIRPtvVnMgLAmjwTtEfupp3tK0JAHgxtcJD7KnH5MEpvX9HDWQYIiCZAca0n2zpcWzKi6lMab58o5iCoZZkB2WGwAnmxpCtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c028fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
4303
UnionInvestment.png
voiksbanksicher-ueber24.xyz/new/
6 KB
6 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/UnionInvestment.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4144
etag
"17fe-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3L%2BAhdnSZ5N1SSfMR%2FLJ0xXX48oghrjQ1m%2FPQM8abmFdqUkKQ0XvIoTFJ2NWxjHZ488wn2XWzHFcFoBQFxxJDhVG9xCnU2xuXeXkEuy2P%2B7tg250vVK6Z68TxT2OgWZ2%2FhmXdv4wRzHMfZh5beM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c048fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
6142
RundV.png
voiksbanksicher-ueber24.xyz/new/
5 KB
5 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/RundV.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3003
etag
"1335-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hydO59bah544K3XB0TOfXfnPL82gfmk4HDbLpFd%2BMlStU7FmBQTsc%2FzbHSo4WiCFQ20ql5ebdittTzfyAMc1nPqam8gnUem65h%2BXYXF8O9FAK6AQCuVqvBAVIPM0VomNZxgHSVvZz5VQKxQPO7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c068fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
4917
easyCredit.png
voiksbanksicher-ueber24.xyz/new/
5 KB
5 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/easyCredit.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1407
etag
"13dd-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lex8wlX0ZY1wB1FIurEeVOunBBT0Y7SwJmzmNfYV6X8hqj%2BK6gGEj6UIZTyhUQS1efpbzwV0GEpOucOFU8GYPa%2FKOCXKGHvplHMJRlwRpuqbq%2FpGVm0BBTdI23rQCpW%2BF5%2FVg1GIbQ650ByN1ug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c088fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
5085
DZBANK_Initiativbank.png
voiksbanksicher-ueber24.xyz/new/
16 KB
17 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/DZBANK_Initiativbank.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1407
etag
"4194-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ns9WURGhtYi9Jqlpi2T3MGo6C5NLs%2B1Owdv4m%2BSGAi1HNLUZ8zYTw8D%2B0yuoImdWVQqrp09xuBdBhz82dTCQG4q35Doq1xgNg%2BzBoRA3vn3G25Imr4sBDzPPhWjPSQ4jWdB4TF6E19kIVjhhR%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c0b8fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
16788
DZPrivatbank.png
voiksbanksicher-ueber24.xyz/new/
3 KB
3 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/DZPrivatbank.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2455
etag
"c12-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIEaH5awvBMB1w5EwX%2Fe82EKBjtKZccvCGw64%2BFvLf%2Fm2xF%2BNz8ERE9vxWfr1ioTx2O2Fq3O%2FJbAHCxYLRHOqOC%2F3ASEoQmqjOp2riWfjvxz6K33evfzl7ytW2AghZYPZorQ5nshYxnaPK1M%2FLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c0c8fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
3090
VR_Smart_Finanz.png
voiksbanksicher-ueber24.xyz/new/
4 KB
4 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/VR_Smart_Finanz.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3002
etag
"e8f-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6cqDJbU5KkddFgBREYY9yxvA7Rh3EYpkXmiTA5WixPH%2FF4hRVWcGsdr9vUH5wRrRCV5Ju4GiDI0wU%2BTdao3faSnR%2BMgMXI16ZA1LWc1cvmq7wzo4RY7s4i7P4n%2FE1mtQefPFMOPMgd0q7dVmio%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c0f8fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
3727
DGHYP.png
voiksbanksicher-ueber24.xyz/new/
2 KB
2 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/DGHYP.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1407
etag
"75b-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CA6ZaMDtBua22y0Xup4Kt535GKnLjnYMmhpLB%2FWiGAK1Sq1PZTGMNYIIA0DFdXg4km0ByPAlQrndQZ3JGZ6CRYuK2h0KX0Ebhzm3Lfx2qnbR13MO7ZV%2F1P0SVPVTQzZSj3CPxoqevL8TtorluSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c108fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
1883
M%C3%BCnchenerHyp.png
voiksbanksicher-ueber24.xyz/new/
6 KB
6 KB
Image
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/M%C3%BCnchenerHyp.png
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1407
etag
"16ae-5dacaf2b8ce80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MzRKSZHLKdtDrx7G4zTg84DSnyVDkKLgTZYtJSyh7CoA9RQ%2FCAxhkwB3GFU5vjyYozhmT%2FyW6f76GMg%2BYgxuJNGo2Oh7ln3ACZlj2x4EM94BHUggdrXWkb3eWdjuadxAoZCywPevW1QHC9NzWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7271c118fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
5806
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
658043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNaMmIkdxMEVYR1%2F88y35MsftfVQPangcoioGle2hLzRviyKxyQWqVAymJycbA17HzsIriWpJkFGUDXE5FzECyHDTCTHqyiYoNQ7%2BP3ifhEgtWz%2FNhNN70oNIaPVge0wWGP9e9nr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
879ef7276ab1360b-FRA
expires
Tue, 15 Apr 2025 14:18:59 GMT
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.min.js
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1781734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3038
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-1ff9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ps%2FY21TzhJKN2T5Gklnw3%2BJ0T%2BN%2F6tsTyMBPJ36UaC2r33ibXz9ypx9%2Bt0REa0CyKzf0BRpbzW3THlKd1rOB8yNhOoWcoN7F04DhgSApYScBqpG0HkASCuWwk1dNHtvfEz3Sd9uU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
879ef7276ab2360b-FRA
expires
Tue, 15 Apr 2025 14:18:59 GMT
site.js
voiksbanksicher-ueber24.xyz/assets/js/site/
7 KB
2 KB
Script
General
Full URL
https://voiksbanksicher-ueber24.xyz/assets/js/site/site.js
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af071a57c236fd1f0f0a862c29041c4cb73c0a2ed02d9f7abfb504ee5222909

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 14:18:59 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELApGdKnnL%2BO3s7f%2Fju7b1MhLu9uLdL92pw%2FOpTaykEhP4Ey8slpWB9QV%2FqSy%2BlRG3K%2Beb8k4RAXVKxENNfqenekZLLOOItyBPuIgBod6PB%2F6nP%2FPp6BQUUgOXDl2Q2Ok7Elq0YzqoOpDNHWuO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
879ef7272c198fdc-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
FrutigerVR-Bold_hinted.woff2
voiksbanksicher-ueber24.xyz/new/
24 KB
24 KB
Font
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/FrutigerVR-Bold_hinted.woff2
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Origin
https://voiksbanksicher-ueber24.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 22 Mar 2022 09:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6004-5dacb1d849e00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIrN%2FBPvHNRIxX8XSVlLswCd8204kLu9KW%2B5Dz8LAstl%2BGvH2OlSVTpIE23Br8jYalqC6pFoVWR9n%2F%2BXiP3rGqoX%2FDy6C%2Bb%2BrR68t9o9x5ZAqG6qJz9K%2B7xXivFQuLNnhPLbnb9b7vVmU4Nh72M%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7274c3e8fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
24580
FrutigerVR-Regular_hinted.woff2
voiksbanksicher-ueber24.xyz/new/
24 KB
25 KB
Font
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/FrutigerVR-Regular_hinted.woff2
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Origin
https://voiksbanksicher-ueber24.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:20:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4144
etag
"6020-5dacb1e5a3d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abtIZSHftVs1%2BnVqcIfykqSJqeKGQ%2Fwg91vpWziExuGw8Z6dIN1bWTi0PQWzO7vVz11bG%2Fla9KZYyf69yj4aqHkP0KsL5ejZfC5JWphBwGvNEpQALFPZ3cG8EWC%2FPsw24Ok6XeM4EF025jjoSr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879ef7274c418fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
24608
main.js
voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame AFCC
Redirect Chain
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB
Script
General
Full URL
https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H3
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bdce3e347ce5222b7200a6eb73c1d2b3f1c0d2b036911557e892efe9cb18b7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rb8fV9RE70xq8vENUv6VeXoSzU8GkCTkdicMOgieX%2BbNhKx85WE7edTVb0V7TPakK9Z2dzw9pa1g8nW4WOfbFQUe0RneYG9mpy2mq5ZKZXMjTdO1L%2BERQQzZ22pKV351XILbD7jlDNe9DxApwec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
879ef728ad898fdc-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 25 Apr 2024 14:18:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wV7o9ERqfYZq5%2FkeAEDKPTYnL%2F%2FcdZCLn%2FmA2JsuuRRswmWgWCnaaAQfx7Fpsg4D%2FgWbNESsiJrtnbQH6e%2FF%2F%2F6cmkWupEAXFbp3eW6XCv3nUymHObpDoXOdmzJe7bQpZ9Xdg06cESit3s4BW94%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
879ef7285d438fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
voiksbanksicher-ueber24.xyz/new/
3 KB
4 KB
Other
General
Full URL
https://voiksbanksicher-ueber24.xyz/new/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4bdb3d21d0c5f31206ba58da6c63c69c618d73723fce095e872d67e11f9d818

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 09:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1407
etag
W/"d91-5dacb29706000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Em9brNRU8T7ig%2F8rL3EBkwc93vN6V%2F3LF3q70wzOsKuUsRujDaQK9gMz1zkJxPtOmo8m3Zf0TmfvFqIXX7Tep6uNYGmkQVpcyusvxuLMLGB3xhxroPQ7OnUTazGQNGyly9pCn%2BfWAzDr%2F2O4V2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
879ef7286d4f8fdc-FRA
alt-svc
h3=":443"; ma=86400
879ef7251a2f8fdc
voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AFCC
0
606 B
XHR
General
Full URL
https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/879ef7251a2f8fdc
Requested by
Host: voiksbanksicher-ueber24.xyz
URL: https://voiksbanksicher-ueber24.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Apr 2024 14:18:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4qPxXaU2WwQruWOS2dnp%2FpFzUwLgEePRp7%2FAoRdiEBVsl63NhMTK8Vkns9sfxXeBfbL5a1M1XY5tEnplvT9jmuMlQRNG1vEv71ynS64DONkvcAYQSPNzju0svZK6ZfABUs0yoh5%2Bv%2FXtKmRFb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
879ef7293e0b8fdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
function | $
function | jQuery
object | $jscomp
function | Site
object | site

2 Cookies

Domain/Path Name / Value
voiksbanksicher-ueber24.xyz/ Name: PHPSESSID
Value: 0hkbgqf2elm04p3ru6oo6sh4km
.voiksbanksicher-ueber24.xyz/ Name: cf_clearance
Value: _4eQgD3czY8MeHg22w.DhHubPJg13SUhkHcLCnX_0r4-1714054739-1.0.1.1-eDnvMeJIQEucIqsjc6lg4wO32xb_BF2Hw_5BYJsiIv4xzpNUBqP9yalXqD1j2cM4fwBcrG.NkJ9YKpIOUNdS6A

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://voiksbanksicher-ueber24.xyz/login/XUnRdrFGcFeuBBAuZpYXS&xunvZeUQhcq=qzhceiPvKTkeBMpPVP-sLSkhkxtnYfsoWHb&KVAMHseBTXfaLa=nJFgpvzWRFQemIPJCK
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
