finja-finanz.de Open in urlscan Pro
138.201.13.228 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://finjafinanz.de/
Effective URL:
https://finja-finanz.de/
Submission: On May 02 via api (May 2nd 2024, 11:26:45 am UTC) from GB — Scanned from DE

Summary HTTP 21 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 21 HTTP transactions. The main IP is 138.201.13.228, located in Mannheim, Germany and belongs to HETZNER-AS, DE. The main domain is finja-finanz.de.
TLS certificate: Issued by R3 on March 4th 2024. Valid for: 3 months.

This is the only time finja-finanz.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:2a00:140... 2a03:2a00:1400:0:1::4966	15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG)
21	138.201.13.228 138.201.13.228	24940 (HETZNER-AS) (HETZNER-AS)
21	1

1 2a03:2a00:1400:0:1::4966 (Germany) 1 redirects

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)

finjafinanz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 138.201.13.228 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ip138-201-13-228.timmeserver.de

finja-finanz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	finja-finanz.de finja-finanz.de	565 KB
1	finjafinanz.de 1 redirects finjafinanz.de	94 B
21	2

	Domain	Requested by
21	finja-finanz.de	finja-finanz.de
1	finjafinanz.de	1 redirects
21	2

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.linkedin.com
www.sparkasse-koelnbonn.de
kiprotect.com

Subject Issuer	Validity	Valid
finja-finanz.de R3	`2024-03-04` - `2024-06-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://finja-finanz.de/
Frame ID: 0F8EFDF9FF7A87942C2489D627EE43DB
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

finja: Finanzberatung mit Persönlichkeit für Köln-Bonn

Page URL History Show full URLs

http://finjafinanz.de/ HTTP 307
https://finjafinanz.de/ HTTP 301
http://finja-finanz.de/ HTTP 307
https://finja-finanz.de/ Page URL

Detected technologies

TYPO3 CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+ href="/?typo3(?:conf|temp)/

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

565 kB
Transfer

9942 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/finja.finanz/
Title: finja @ Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/finja.finanz
Title: finja @ Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/finja-finanz
Title: finja @ Linkedin

Search URL Search Domain Scan URL

URL: https://www.sparkasse-koelnbonn.de/de/home.html
Title: Sparkasse KölnBonn

Search URL Search Domain Scan URL

URL: https://kiprotect.com/klaro
Title: [missing translation: de/poweredBy]

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://finjafinanz.de/ HTTP 307
https://finjafinanz.de/ HTTP 301
http://finja-finanz.de/ HTTP 307
https://finja-finanz.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
finja-finanz.de/
Redirect Chain

http://finjafinanz.de/
https://finjafinanz.de/
http://finja-finanz.de/
https://finja-finanz.de/

62 KB
16 KB

277ms
161ms

Document
text/html

138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://finja-finanz.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

ip138-201-13-228.timmeserver.de

Software

nginx /

Resource Hash

2a455fb7ca7d8722ea783193987ac64d9a156151c5643f10a8739f49611138a7

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://www.googletagmanager.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com; script-src-elem 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' https://www.googletagmanager.com 'report-sample'; connect-src 'self' https://*.google-analytics.com; style-src 'self' 'unsafe-inline' 'report-sample'; report-uri https://finja-finanz.de/@http-reporting?csp=report&requestTime=1714649200966060

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

cache-control: private, no-store
content-encoding: br
content-language: de-DE
content-security-policy: default-src 'self'; script-src 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://www.googletagmanager.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com; script-src-elem 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' https://www.googletagmanager.com 'report-sample'; connect-src 'self' https://*.google-analytics.com; style-src 'self' 'unsafe-inline' 'report-sample'; report-uri https://finja-finanz.de/@http-reporting?csp=report&requestTime=1714649200966060
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 11:26:41 GMT
server: nginx
vary: Accept-Encoding
x-typo3-debug-cache: Cached page generated 2024-05-01 15:00. Expires 2024-05-02 15:00
x-typo3-parsetime: 0ms

Redirect headers

Location: https://finja-finanz.de/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css
finja-finanz.de/typo3temp/assets/compressed/ 65 KB
10 KB 47ms
47ms Stylesheet
text/css 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 113f7f2541d145bc29f7c928b756732706dbdf50b92745a33cca3ae7054da052

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:58:16 GMT
server: nginx
etag: W/"662634b8-10213"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 finja-finanzberatung-brand-visual-jade-02.jpg
finja-finanz.de/fileadmin/finja/00_Visual/02_Jade/ 36 KB
36 KB 48ms
48ms Image
image/jpeg 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finja-finanz.de/fileadmin/finja/00_Visual/02_Jade/finja-finanzberatung-brand-visual-jade-02.jpg
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: e579bfbdd90ef10a02027b7c0ee81a283674899b02b174eeac41bb3778889e4e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Tue, 05 Sep 2023 08:54:38 GMT
server: nginx
etag: "64f6ecce-90d0"
vary: Accept-Encoding, Accept
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 37072
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 200 finja-finanzberatung-brand-visual-jade-03.jpg
finja-finanz.de/fileadmin/finja/00_Visual/02_Jade/ 33 KB
33 KB 92ms
92ms Image
image/jpeg 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finja-finanz.de/fileadmin/finja/00_Visual/02_Jade/finja-finanzberatung-brand-visual-jade-03.jpg
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 13beaabd6846e15380247e93e6af137ac997e7530c4d1b684552657cc2e6329c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Tue, 05 Sep 2023 08:54:48 GMT
server: nginx
etag: "64f6ecd8-828d"
vary: Accept-Encoding, Accept
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 33421
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 200 finja-finanzberatung-content-01.jpg
finja-finanz.de/fileadmin/finja/01_Home/ 102 KB
102 KB 82ms
81ms Image
image/jpeg 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finja-finanz.de/fileadmin/finja/01_Home/finja-finanzberatung-content-01.jpg
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: ef6f47671207c6c8b29f9a2396086c9a31337a3cda614ab1a44e1824af7dfa30

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Tue, 05 Sep 2023 08:57:09 GMT
server: nginx
etag: "64f6ed65-196bf"
vary: Accept-Encoding, Accept
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 104127
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 200 finja-finanzberatung-content-02.jpg
finja-finanz.de/fileadmin/finja/01_Home/ 105 KB
106 KB 82ms
81ms Image
image/jpeg 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finja-finanz.de/fileadmin/finja/01_Home/finja-finanzberatung-content-02.jpg
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: b478987c2dd8f048fadfe689b59a69925cad18428f05f15cd26974484c1629e2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Tue, 05 Sep 2023 08:57:00 GMT
server: nginx
etag: "64f6ed5c-1a5f0"
vary: Accept-Encoding, Accept
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 108016
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 200 merged-b204e0d4353e05a27311367042823169-d42c8080c07e869bdb19bece3c869ffa.js Show response
finja-finanz.de/typo3temp/assets/compressed/ 221 KB
70 KB 82ms
81ms Script
application/javascript 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/typo3temp/assets/compressed/merged-b204e0d4353e05a27311367042823169-d42c8080c07e869bdb19bece3c869ffa.js?1713779896
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 39abc0c65f5dff363878cb7d7f8614bc97aa7574e68e1c2eb54e5f4dc758a1e3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:58:16 GMT
server: nginx
etag: W/"662634b8-37407"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 runtime.js Show response
finja-finanz.de/build/ 1 KB
900 B 82ms
82ms Script
application/javascript 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/runtime.js?1713779329
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 75d61927281ab8a0c01d0e60cdc0d5a11dd80603c0cc1f49408770eb7df66ae5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: W/"66263281-5aa"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 navigation.js Show response
finja-finanz.de/build/ 87 KB
31 KB 83ms
82ms Script
application/javascript 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/navigation.js?1713779329
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: a5cd52733b0f9c25e193616ed4ae45159851d8c386c4db1dc8a6d1b3ea1bc9e2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: W/"66263281-15bfd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tile.js Show response
finja-finanz.de/build/ 86 KB
31 KB 83ms
82ms Script
application/javascript 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/tile.js?1713779329
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: fba3e40d5465b3a879aadda7c000d26182e6c0b09791f9415ff473c2f904e80a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: W/"66263281-157b4"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 forms.js Show response
finja-finanz.de/build/ 86 KB
31 KB 83ms
82ms Script
application/javascript 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/forms.js?1713779329
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 373a55a8d3d3e7191d4f6ee65109fc87aa44e618953d1747fcec6a8796eceabb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: W/"66263281-157a4"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 accordion.js Show response
finja-finanz.de/build/ 2 KB
722 B 82ms
82ms Script
application/javascript 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/accordion.js?1713779329
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 8bc98717108fd1b0ac88b10081e79ce26dc45fb19e968e4f89dd5682d53012ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: W/"66263281-6bc"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 spinner.svg
finja-finanz.de/_assets/1ee1d3e909b58d32e30dcea666dd3224/Icons/T3Icons/sprites/ 561 B
441 B 79ms
79ms Other
image/svg+xml 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/_assets/1ee1d3e909b58d32e30dcea666dd3224/Icons/T3Icons/sprites/spinner.svg
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: e61a20eacce94cb382dc0299d4f1dd827faed030543f8a7a5982188c5e9e9b7b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Tue, 09 Apr 2024 13:09:18 GMT
server: nginx
etag: W/"66153dfe-231"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 206 finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ 64 KB
0 74ms
73ms Media
video/mp4 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/finja-finanzberatung-brand-visual-rot-animation.mp4

Requested by

Host: finja-finanz.de
URL: https://finja-finanz.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

ip138-201-13-228.timmeserver.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';

Request headers

Referer: https://finja-finanz.de/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range: bytes=0-

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-security-policy: default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
last-modified: Tue, 05 Sep 2023 08:01:21 GMT
server: nginx
etag: "64f6e051-8a978c"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-9082763/9082764
Content-Length: 9082764

GET
H2 206 finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ 96 KB
0 210ms
137ms Media
video/mp4 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/finja-finanzberatung-brand-visual-rot-animation.mp4

Requested by

Host: finja-finanz.de
URL: https://finja-finanz.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

ip138-201-13-228.timmeserver.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';

Request headers

Referer: https://finja-finanz.de/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range: bytes=0-

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-security-policy: default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
last-modified: Tue, 05 Sep 2023 08:01:21 GMT
server: nginx
etag: "64f6e051-8a978c"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-9082763/9082764
Content-Length: 9082764

GET
H2 200 sparkasse_web_rg.woff2
finja-finanz.de/build/fonts/ 31 KB
31 KB 105ms
104ms Font
font/woff2 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/fonts/sparkasse_web_rg.woff2
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: a1526819ed10b3c4d9a1f6e956e673b47f295e58ac66e27391777e58e870331d

Request headers

Referer: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Origin: https://finja-finanz.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: "66263281-7c14"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31764
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 200 sparkasse_web_md.woff2
finja-finanz.de/build/fonts/ 26 KB
26 KB 106ms
105ms Font
font/woff2 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/fonts/sparkasse_web_md.woff2
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: f242ffcd6fdfa46d721c369cc0f25e42c7e20721308100a03b9e4057b424e985

Request headers

Referer: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Origin: https://finja-finanz.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: "66263281-6678"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26232
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 200 sparkasse-serif_italic.woff2
finja-finanz.de/build/fonts/ 33 KB
33 KB 106ms
106ms Font
font/woff2 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/fonts/sparkasse-serif_italic.woff2
Requested by: Host: finja-finanz.de
URL: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 5c4bb57e9101880b395e58270763412ce8f4807a34f6976598302b053efcbf09

Request headers

Referer: https://finja-finanz.de/typo3temp/assets/compressed/merged-0811dbbe63aa280b933155173d4495de-97fdb8cd1b7cba8d1256804d7f65c08e.css?1713779896
Origin: https://finja-finanz.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: "66263281-837c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33660
expires: Sat, 01 Jun 2024 11:26:41 GMT

GET
H2 206 finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ 6 KB
6 KB 140ms
45ms Media
video/mp4 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/finja-finanzberatung-brand-visual-rot-animation.mp4

Requested by

Host: finja-finanz.de
URL: https://finja-finanz.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

ip138-201-13-228.timmeserver.de

Software

nginx /

Resource Hash

36e6b2e70a5026ee7f272de19f9649c7a7dbe849931dcd983cbcc9c5a238db57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';

Request headers

Referer: https://finja-finanz.de/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range: bytes=9076736-

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-security-policy: default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
last-modified: Tue, 05 Sep 2023 08:01:21 GMT
server: nginx
etag: "64f6e051-8a978c"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 9076736-9082763/9082764
Content-Length: 6028

GET
H2 206 finja-finanzberatung-brand-visual-rot-animation.mp4
finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/ 9 MB
0 0ms
0ms Media
video/mp4 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://finja-finanz.de/fileadmin/finja/00_Visual/01_Rot/finja-finanzberatung-brand-visual-rot-animation.mp4

Requested by

Host: finja-finanz.de
URL: https://finja-finanz.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

ip138-201-13-228.timmeserver.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';

Request headers

Referer: https://finja-finanz.de/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range: bytes=65536-

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-security-policy: default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
last-modified: Tue, 05 Sep 2023 08:01:21 GMT
server: nginx
etag: "64f6e051-8a978c"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 65536-9082763/9082764
Content-Length: 9017228

GET
H2 200 favicon.svg
finja-finanz.de/build/assets/favicon/ 1 KB
801 B 206ms
206ms Other
image/svg+xml 138.201.13.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://finja-finanz.de/build/assets/favicon/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.13.228 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ip138-201-13-228.timmeserver.de
Software: nginx /
Resource Hash: 44b0c4ac153120bfb8ea5eb1b894e4c48aeea9e45e7402a8a4f6a19c95c49a59

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://finja-finanz.de/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 02 May 2024 11:26:41 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 09:48:49 GMT
server: nginx
etag: W/"66263281-49b"
vary: Accept-Encoding
content-type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkfinja_frontend object| klaro object| klaroConfig

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: .ytimg.com .vimeocdn.com https://www.googletagmanager.com; base-uri 'self'; frame-src 'self' .youtube-nocookie.com .youtube.com .vimeo.com; script-src-elem 'self' 'nonce-h0WqQ24WYb_WDXTSdT-_MRcQmv6NxvKPOk7c_hmssatnEacjqBQwVg' 'sha256-oBaG/9F7h3NDynR4lPSnzusxtEgfZWT8AD5xlbCNokw=' 'sha256-vDbNjLRjLKvcOlYmDpzHQXAiQM2mDWJCjadnb2dOoDs=' https://www.googletagmanager.com 'report-sample'; connect-src 'self' https://.google-analytics.com; style-src 'self' 'unsafe-inline' 'report-sample'; report-uri https://finja-finanz.de/@http-reporting?csp=report&requestTime=1714649200966060

Header

Value

Content-Security-Policy

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

finja-finanz.de
finjafinanz.de
138.201.13.228
2a03:2a00:1400:0:1::4966
113f7f2541d145bc29f7c928b756732706dbdf50b92745a33cca3ae7054da052
13beaabd6846e15380247e93e6af137ac997e7530c4d1b684552657cc2e6329c
2a455fb7ca7d8722ea783193987ac64d9a156151c5643f10a8739f49611138a7
36e6b2e70a5026ee7f272de19f9649c7a7dbe849931dcd983cbcc9c5a238db57
373a55a8d3d3e7191d4f6ee65109fc87aa44e618953d1747fcec6a8796eceabb
39abc0c65f5dff363878cb7d7f8614bc97aa7574e68e1c2eb54e5f4dc758a1e3
44b0c4ac153120bfb8ea5eb1b894e4c48aeea9e45e7402a8a4f6a19c95c49a59
5c4bb57e9101880b395e58270763412ce8f4807a34f6976598302b053efcbf09
75d61927281ab8a0c01d0e60cdc0d5a11dd80603c0cc1f49408770eb7df66ae5
8bc98717108fd1b0ac88b10081e79ce26dc45fb19e968e4f89dd5682d53012ad
a1526819ed10b3c4d9a1f6e956e673b47f295e58ac66e27391777e58e870331d
a5cd52733b0f9c25e193616ed4ae45159851d8c386c4db1dc8a6d1b3ea1bc9e2
b478987c2dd8f048fadfe689b59a69925cad18428f05f15cd26974484c1629e2
e579bfbdd90ef10a02027b7c0ee81a283674899b02b174eeac41bb3778889e4e
e61a20eacce94cb382dc0299d4f1dd827faed030543f8a7a5982188c5e9e9b7b
ef6f47671207c6c8b29f9a2396086c9a31337a3cda614ab1a44e1824af7dfa30
f242ffcd6fdfa46d721c369cc0f25e42c7e20721308100a03b9e4057b424e985
fba3e40d5465b3a879aadda7c000d26182e6c0b09791f9415ff473c2f904e80a

finja-finanz.de Open in urlscan Pro 138.201.13.228 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

565 kBTransfer

9942 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

finja-finanz.de Open in urlscan Pro
138.201.13.228 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

565 kB
Transfer

9942 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!