finja-finanz.de
Open in
urlscan Pro
138.201.13.228
Malicious Activity!
Public Scan
Effective URL: https://finja-finanz.de/
Submission: On May 02 via api from GB — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 4th 2024. Valid for: 3 months.
This is the only time finja-finanz.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a03:2a00:140... 2a03:2a00:1400:0:1::4966 | 15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG) | |
21 | 138.201.13.228 138.201.13.228 | 24940 (HETZNER-AS) (HETZNER-AS) | |
21 | 1 |
ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)
finjafinanz.de |
ASN24940 (HETZNER-AS, DE)
PTR: ip138-201-13-228.timmeserver.de
finja-finanz.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
finja-finanz.de
finja-finanz.de |
565 KB |
1 |
finjafinanz.de
1 redirects
finjafinanz.de |
94 B |
21 | 2 |
Domain | Requested by | |
---|---|---|
21 | finja-finanz.de |
finja-finanz.de
|
1 | finjafinanz.de | 1 redirects |
21 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.instagram.com |
www.facebook.com |
www.linkedin.com |
www.sparkasse-koelnbonn.de |
kiprotect.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
finja-finanz.de R3 |
2024-03-04 - 2024-06-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://finja-finanz.de/
Frame ID: 0F8EFDF9FF7A87942C2489D627EE43DB
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
finja: Finanzberatung mit Persönlichkeit für Köln-BonnPage URL History Show full URLs
-
http://finjafinanz.de/
HTTP 307
https://finjafinanz.de/ HTTP 301
http://finja-finanz.de/ HTTP 307
https://finja-finanz.de/ Page URL
Detected technologies
TYPO3 CMS (CMS) ExpandDetected patterns
- <link[^>]+ href="/?typo3(?:conf|temp)/
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: finja @ Instagram
Search URL Search Domain Scan URL
Title: finja @ Facebook
Search URL Search Domain Scan URL
Title: finja @ Linkedin
Search URL Search Domain Scan URL
Title: Sparkasse KölnBonn
Search URL Search Domain Scan URL
Title: [missing translation: de/poweredBy]
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://finjafinanz.de/
HTTP 307
https://finjafinanz.de/ HTTP 301
http://finja-finanz.de/ HTTP 307
https://finja-finanz.de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
finja-finanz.de/ Redirect Chain
|
62 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css
finja-finanz.de/typo3temp/assets/compressed/ |
65 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-brand-visual-jade-02.jpg
finja-finanz.de/fileadmin/finja/00_Visual/02_Jade/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-brand-visual-jade-03.jpg
finja-finanz.de/fileadmin/finja/00_Visual/02_Jade/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-content-01.jpg
finja-finanz.de/fileadmin/finja/01_Home/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-content-02.jpg
finja-finanz.de/fileadmin/finja/01_Home/ |
105 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merged-b204e0d4353e05a27311367042823169-d42c8080c07e869bdb19bece3c869ffa.js
finja-finanz.de/typo3temp/assets/compressed/ |
221 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.js
finja-finanz.de/build/ |
1 KB 900 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.js
finja-finanz.de/build/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile.js
finja-finanz.de/build/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forms.js
finja-finanz.de/build/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accordion.js
finja-finanz.de/build/ |
2 KB 722 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spinner.svg
finja-finanz.de/_assets/1ee1d3e909b58d32e30dcea666dd3224/Icons/T3Icons/sprites/ |
561 B 441 B |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ |
64 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ |
96 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sparkasse_web_rg.woff2
finja-finanz.de/build/fonts/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sparkasse_web_md.woff2
finja-finanz.de/build/fonts/ |
26 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sparkasse-serif_italic.woff2
finja-finanz.de/build/fonts/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ |
6 KB 6 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ |
9 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.svg
finja-finanz.de/build/assets/favicon/ |
1 KB 801 B |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkfinja_frontend object| klaro object| klaroConfig0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://www.googletagmanager.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com; script-src-elem 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' https://www.googletagmanager.com 'report-sample'; connect-src 'self' https://*.google-analytics.com; style-src 'self' 'unsafe-inline' 'report-sample'; report-uri https://finja-finanz.de/@http-reporting?csp=report&requestTime=1714649200966060 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
finja-finanz.de
finjafinanz.de
138.201.13.228
2a03:2a00:1400:0:1::4966
113f7f2541d145bc29f7c928b756732706dbdf50b92745a33cca3ae7054da052
13beaabd6846e15380247e93e6af137ac997e7530c4d1b684552657cc2e6329c
2a455fb7ca7d8722ea783193987ac64d9a156151c5643f10a8739f49611138a7
36e6b2e70a5026ee7f272de19f9649c7a7dbe849931dcd983cbcc9c5a238db57
373a55a8d3d3e7191d4f6ee65109fc87aa44e618953d1747fcec6a8796eceabb
39abc0c65f5dff363878cb7d7f8614bc97aa7574e68e1c2eb54e5f4dc758a1e3
44b0c4ac153120bfb8ea5eb1b894e4c48aeea9e45e7402a8a4f6a19c95c49a59
5c4bb57e9101880b395e58270763412ce8f4807a34f6976598302b053efcbf09
75d61927281ab8a0c01d0e60cdc0d5a11dd80603c0cc1f49408770eb7df66ae5
8bc98717108fd1b0ac88b10081e79ce26dc45fb19e968e4f89dd5682d53012ad
a1526819ed10b3c4d9a1f6e956e673b47f295e58ac66e27391777e58e870331d
a5cd52733b0f9c25e193616ed4ae45159851d8c386c4db1dc8a6d1b3ea1bc9e2
b478987c2dd8f048fadfe689b59a69925cad18428f05f15cd26974484c1629e2
e579bfbdd90ef10a02027b7c0ee81a283674899b02b174eeac41bb3778889e4e
e61a20eacce94cb382dc0299d4f1dd827faed030543f8a7a5982188c5e9e9b7b
ef6f47671207c6c8b29f9a2396086c9a31337a3cda614ab1a44e1824af7dfa30
f242ffcd6fdfa46d721c369cc0f25e42c7e20721308100a03b9e4057b424e985
fba3e40d5465b3a879aadda7c000d26182e6c0b09791f9415ff473c2f904e80a