www.kauf4.de Open in urlscan Pro
2606:4700:3037::6812:3932  Malicious Activity! Public Scan

URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Submission: On April 04 via automatic, source openphish

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3037::6812:3932, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kauf4.de.
This is the only time www.kauf4.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Suntrust (Banking)

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
21 2
Apex Domain
Subdomains
Transfer
21 kauf4.de
www.kauf4.de
520 KB
21 1
Domain Requested by
21 www.kauf4.de www.kauf4.de
21 1

This site contains links to these domains. Also see Links.

Domain
onupmovement.suntrust.com
www.suntrust.com
Subject Issuer Validity Valid

This page contains 2 frames:

Primary Page: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Frame ID: 9E9BA93DD1DD3CA067721701A79F8381
Requests: 22 HTTP requests in this frame

Frame: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/dest5.html
Frame ID: 39919E842E474EE19474072464A74B3A
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

21
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

520 kB
Transfer

1675 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set indexhome.html
www.kauf4.de/includes/Suntrust/SunTrust/
59 KB
23 KB
Document
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c669cd144d1c12adcc606fc8d3945016c8dd775ad617bfaa31d840cc62ccc528

Request headers

Host
www.kauf4.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcaeaa3118725e8f084ae67d3408d803b1586003863; expires=Mon, 04-May-20 12:37:43 GMT; path=/; domain=.kauf4.de; HttpOnly; SameSite=Lax
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57eb151219273264-FRA
Content-Encoding
gzip
cf70286481e448e60909d76f02b8774f.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
45 KB
16 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/cf70286481e448e60909d76f02b8774f.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544cb99c9225757db910cea8e178595914a091caf8dcdfff5fda09a9dcee442e

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15134d59c29a-FRA
bf4cf3bcf4cf2282625f8a332f9f28fb.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
19 KB
3 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/bf4cf3bcf4cf2282625f8a332f9f28fb.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb50598613cbf5b5bb0b45c5287e9d3d347ae05809d8fd4a086c895a04d7d064

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15134ef7d6c9-FRA
serverComponent.php
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
526 B
586 B
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/serverComponent.php
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29fab74c4548894820212802bd774f75e3e47a97763bb6903d54e3a1388f47b6

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
57eb1513494a2736-FRA
cp_common.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
176 KB
90 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/cp_common.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aef229fd8327195d51b59c46590c49a1a69efbb550d6a9d1fc835eab619b3ee

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15134db9dfd7-FRA
styles.css
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
15 KB
3 KB
Stylesheet
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d43a166a9ba8f8b54109bbc72885fface4d6c25fa8fa8270f874776d10b1da

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15134afabeec-FRA
defaultlogoutoffer.jpg
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
63 KB
63 KB
Image
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/defaultlogoutoffer.jpg
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e1b8d9df19fb3e545263cefc2e1487338514e9ed72cf71ec746b95571cbe4d

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
57eb1513ad693264-FRA
Content-Length
64596
runtime.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
1 KB
934 B
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/runtime.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99331a4f60f0bb9b7424ce41cde77ea06e3e6808c14bc655a151591b9225060f

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1513ab3cbeec-FRA
polyfills.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
107 KB
36 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/polyfills.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16e4cf91044b333c7d49bc879161a7f91e388369b549e1115bc9979bb684d37

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1513cd963264-FRA
scripts.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
195 KB
61 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/scripts.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c0c5bd17aa14e7788f740ec7e009b8e91113345fa1c2b53a3582f4e2ca509b4

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1513cb58beec-FRA
vendor.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
541 KB
131 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/vendor.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a6ca8253e36b498be2d3c9eda427008c9ee6479bd22a530fe9284f37e05f00

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:43 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15140b87beec-FRA
main.js
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
442 KB
88 KB
Script
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/main.js
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373016566cb7b441a2ac739736bd4b945d6b41f83df4b03e0341b3895f948dd9

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:43 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
Server
cloudflare
Age
761
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15141e613264-FRA
suntrust-img-sprite.acb6d3e68c48c2b70453.png
www.kauf4.de/includes/Suntrust/SunTrust/dist/
0
269 B
Image
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/dist/suntrust-img-sprite.acb6d3e68c48c2b70453.png
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1514e9e02736-FRA
fs_albert-webfont.9f15d8cb81d8cbf3ed54.woff
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
0
0
Font
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/fs_albert-webfont.9f15d8cb81d8cbf3ed54.woff
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.kauf4.de
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1514ec4bbeec-FRA
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72a01ca0dd2f72570e26ed0e2fcb2e8d691c878ff3419170810c387ca6a68ab9

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc6fe09d0f4d476f51fb63a231142cb285cc54777ca7e04e83537191ee292918

Request headers

Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
fs_albert-bold-webfont.d46fe14537798ac2f2d0.woff
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
0
0
Font
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/fs_albert-bold-webfont.d46fe14537798ac2f2d0.woff
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.kauf4.de
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1514e8213264-FRA
icons.4c86af233caf40feedff.woff
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
0
0
Font
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/icons.4c86af233caf40feedff.woff
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.kauf4.de
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1514e9c1dfd7-FRA
config.json
www.kauf4.de/includes/Suntrust/SunTrust/config/
0
247 B
XHR
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/config/config.json?_=1586003863887
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/polyfills.js
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Connection
keep-alive
CF-RAY
57eb15157cb4d6c9-FRA
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
dest5.html
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/ Frame 3991
7 KB
3 KB
Document
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/dest5.html
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802248062600554e6013a94e57fc83ad912dfbc041f9a85d64260aeb420d9c85

Request headers

Host
www.kauf4.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=dcaeaa3118725e8f084ae67d3408d803b1586003863
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 01 Apr 2020 10:57:41 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57eb15157a8dc29a-FRA
Content-Encoding
gzip
fs_albert-bold-webfont.e43a5c44dd83c0be15f4.ttf
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
0
0
Font
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/fs_albert-bold-webfont.e43a5c44dd83c0be15f4.ttf
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.kauf4.de
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb15185f9a3264-FRA
fs_albert-webfont.8d09e8367de12af210fa.ttf
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
0
0
Font
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/fs_albert-webfont.8d09e8367de12af210fa.ttf
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.kauf4.de
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1518cb522736-FRA
icons.c620bb609a5976464c5c.ttf
www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/
0
0
Font
General
Full URL
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/icons.c620bb609a5976464c5c.ttf
Requested by
Host: www.kauf4.de
URL: http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome.html
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:3932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
http://www.kauf4.de
Referer
http://www.kauf4.de/includes/Suntrust/SunTrust/indexhome_files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 04 Apr 2020 12:37:44 GMT
CF-Cache-Status
BYPASS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57eb1518cbdadfd7-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Suntrust (Banking)

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| oaep_mgf1_arr number| SHA1_SIZE function| oaep_pad function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncryptOAEP string| b64map string| b64pad function| hex2b64 function| b64tohex function| b64toBA object| ASN1HEX function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| KEYUTIL undefined| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom object| CryptoJS function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| IsRequiredFlashInstalled function| ReadFlashToken function| WriteFlashToken object| __zone_symbol__loadfalse function| $ function| jQuery object| KJUR function| forceIE89Synchronicity function| __zone_symbol__ON_PROPERTYfocus object| __zone_symbol__focusfalse function| __zone_symbol__ON_PROPERTYblur object| __zone_symbol__blurfalse boolean| ngDevMode object| dataLayer function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

1 Cookies

Domain/Path Name / Value
.kauf4.de/ Name: __cfduid
Value: dcaeaa3118725e8f084ae67d3408d803b1586003863