Report - sp-erneuern.de/

Report Overview

Submitted URL
sp-erneuern.de/
IP
84.21.172.159
ASN
#1239 SPRINTLINK
Submitted
2023-05-20 12:32:01
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
110

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2023-05-20	2.3 kB	33 kB	142.250.74.132
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-20	3.3 kB	724 kB	142.250.74.35
api.inetstatic.com	unknown	2022-08-19	2022-08-25	2023-05-19	447 B	837 B	0.0.0.0
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-20	515 B	16 kB	216.58.207.227
sp-erneuern.de	unknown	unknown	2023-03-09	2023-04-19	7.2 kB	3.3 MB	84.21.172.159
code.jquery.com	634	2005-12-10	2012-05-21	2023-05-20	439 B	31 kB	69.16.175.10
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-20	1.3 kB	2.8 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/
2023-05-19	medium	sp-erneuern.de/

PhishTank

Scan Date	Severity	Indicator
2023-03-24	medium	sp-erneuern.de/
2023-03-24	medium	sp-erneuern.de/css/perf-meter.css
2023-03-24	medium	sp-erneuern.de/favicon.ico
2023-03-24	medium	sp-erneuern.de/js/select2.min.js
2023-03-24	medium	sp-erneuern.de/css/select2.min.css
2023-03-24	medium	sp-erneuern.de/fonts/Sparkasse_web_Bd.woff
2023-03-24	medium	sp-erneuern.de/fonts/Sparkasse_web_Bd.ttf
2023-03-24	medium	sp-erneuern.de/css/jquery-ui.css
2023-03-24	medium	sp-erneuern.de/css/ospm_custom.css
2023-03-24	medium	sp-erneuern.de/images/apple-icon-72x72.png
2023-03-24	medium	sp-erneuern.de/css/app.css
2023-03-24	medium	sp-erneuern.de/fonts/Sparkasse_web_Rg.woff
2023-03-24	medium	sp-erneuern.de/css/opttan.css
2023-03-24	medium	sp-erneuern.de/js/jquery-ui.js
2023-03-24	medium	sp-erneuern.de/css/opsm.css
2023-03-24	medium	sp-erneuern.de/js/jquery-3.6.0.js

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-20	medium	sp-erneuern.de/
2023-05-20	medium	sp-erneuern.de/js/select2.min.js
2023-05-20	medium	sp-erneuern.de/fonts/Sparkasse_web_Bd.woff
2023-05-20	medium	sp-erneuern.de/fonts/Sparkasse_web_Bd.ttf
2023-05-20	medium	sp-erneuern.de/fonts/Sparkasse_web_Rg.woff
2023-05-20	medium	sp-erneuern.de/js/jquery-ui.js
2023-05-20	medium	sp-erneuern.de/js/jquery-3.6.0.js

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de
2023-05-20	medium	sp-erneuern.de

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	sp-erneuern.de/js/select2.min.js	74 kB	2023-03-08	2024-04-10
Pretty URL sp-erneuern.de/js/select2.min.js IP 84.21.172.159 ASN #1239 SPRINTLINK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:16:17 Last Seen2024-04-10 06:33:57 Times Seen34 Hash b8c7d4d981a836dfef79883298b6b1dd 05480a7ae0bc26ed490aa3e622ebab4e3ba768fd d7bf5175d05e81bec066f1e5b222d0ca71f1f68311123a9c28271f4be0e01e55 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq	0 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 12:32:10 Times Seen37062936 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 12:32:09 Times Seen99478 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	sp-erneuern.de/js/jquery-3.6.0.js	289 kB	2023-03-07	2024-04-25
Pretty URL sp-erneuern.de/js/jquery-3.6.0.js IP 84.21.172.159 ASN #1239 SPRINTLINK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-04-25 10:38:40 Times Seen5771 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	sp-erneuern.de/js/jquery-ui.js	530 kB	2023-03-08	2024-04-10
Pretty URL sp-erneuern.de/js/jquery-ui.js IP 84.21.172.159 ASN #1239 SPRINTLINK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:21:17 Last Seen2024-04-10 06:33:58 Times Seen54 Hash d1590bf63a3eae0884d84a76186b2c20 24fb4d8814f310a53e96d4393af62946361bb207 b0fb363c54d6747d3609153c3cf96424e27e806162de5f7083e7fc37fd540833 Loading...

	sp-erneuern.de/	0 B	2023-03-07	2024-04-25
Pretty URL sp-erneuern.de/ IP 84.21.172.159 ASN #1239 SPRINTLINK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 12:32:10 Times Seen37062936 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	api.inetstatic.com/tracking/script.js?referrer=https://sp-erneuern.de/	205 B	2023-04-11	2023-06-08
Pretty URL api.inetstatic.com/tracking/script.js?referrer=https://sp-erneuern.de/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 15:28:28 Last Seen2023-06-08 19:07:45 Times Seen43 Hash 74b7ab4e1c0c4164347407eb77604b05 7fab35f67dd27aec74f0341752df626b67ac72f5 70c44b4ff69e696f5c1a9cbbbea06cb648720ba20dc04d2e15aa1de7bb4a321c Loading...

	www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js	418 kB	2023-05-18	2023-06-28
Pretty URL www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 01:27:56 Last Seen2023-06-28 00:20:35 Times Seen22262 Hash 213e1a6e418f3df36f2ec077314ef525 7a553e545a48271f3afec47b3ed5f3518cfdd7b4 ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d Loading...

	code.jquery.com/jquery-3.6.1.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-3.6.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-04-25 09:25:37 Times Seen23026 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-05-19	2023-05-26
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 05:24:48 Last Seen2023-05-26 00:37:24 Times Seen2423 Hash b7b728964630ecd7e800d650f14695c5 473f7633fea7e2f828c3df9ab19356286f10a692 f4de494b6cfd42ce31b244cd84410cd4259d82773485f6c7b4ffd2a7ca2d6217 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t	44 kB	2023-05-20	2023-05-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-20 14:32:04 Last Seen2023-05-20 14:32:04 Times Seen1 Hash f34a8471aef180937061bc761c469ac5 87b0988763ac55c32639f1138f0c6ab0b250c4ef 95df9c37b82d60fbec42014a82b2608640cfde707ff499e1b414f055ab769027 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8d28f897848bf95752aa5ece64a9fbf3	22 kB	2023-05-20	2023-05-20
Pretty Observations First Seen2023-05-20 14:32:04 Last Seen2023-05-20 14:32:04 Times Seen1 Hash 8d28f897848bf95752aa5ece64a9fbf3 df2a2a413f190cbe81753bcf2c1bcb2d7a42dd0e 044d9d0d7305357614d8292ed0b05c55e29781609884078717e17c4e42a308ef Loading...

	#2 Eval - 92ff660bda69c52410c0aaf16bf04e6a	22 B	2023-05-02	2023-05-21
Pretty Observations First Seen2023-05-02 14:58:18 Last Seen2023-05-21 08:57:30 Times Seen764 Hash 92ff660bda69c52410c0aaf16bf04e6a 2d0bed56befb04053d606222a0348f20327a5619 fd7bd65d768e888195882c509ded8b7ff5e753e73218f58b22ab8c424bc2a44d Loading...

	#3 Eval - 17b2c416509c3685415d3452dd9ca40e	64 B	2023-05-02	2023-05-21
Pretty Observations First Seen2023-05-02 14:58:18 Last Seen2023-05-21 08:57:30 Times Seen765 Hash 17b2c416509c3685415d3452dd9ca40e 9ae3341c6807fd89f8c08194e0571d30647eb4c4 b9da887d43cd660deca631172cbbb993d68546b2fb0b32ee8cdc8784774241c0 Loading...

	#4 Eval - e9d4efa88835fc33f4a8dc4bcf1bd142	22 B	2023-05-02	2023-05-21
Pretty Observations First Seen2023-05-02 14:58:18 Last Seen2023-05-21 08:57:30 Times Seen766 Hash e9d4efa88835fc33f4a8dc4bcf1bd142 e0fb556dbb6a7d5b6d6207144a12dfd65256398b fb8b45ad48949fdefb09d292918dbf7cfccda77a8ac2cd903e07182174157eed Loading...

	#5 Eval - ff69082359a0782fda50e45c1dd79d4b	16 kB	2023-05-02	2023-05-21
Pretty Observations First Seen2023-05-02 14:58:18 Last Seen2023-05-21 08:57:30 Times Seen764 Hash ff69082359a0782fda50e45c1dd79d4b c07043a68dcd5d9b3bc87c17db4759a29840709c f763e8ba794d4ebc9bb883c2606185b76ec05289ff3b2e8401179338328cb90f Loading...

HTTP Transactions (34)

URL IP Response Size

sp-erneuern.de/

84.21.172.159

200 OK

2.0 kB

URL User Request GET HTTP/2
sp-erneuern.de/
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.0 kB (2012 bytes)
Hash
7cf4b4205807bc7edd0a6c712c7b3029
3fbb58d017fb8324530917ca47388a955c28c376
be0ecb661363818b0edd8db91942964088ef727dcd59787a5db09017b842a18f

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/html; charset=UTF-8
content-length: 2012
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.0.28, PleskLin
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.1.min.js

69.16.175.10

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.1.min.js
IP
69.16.175.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://sp-erneuern.de/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30957 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sp-erneuern.de
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 May 2023 12:31:43 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684585903.dop205.sk1.t,1684585903.cds067.sk1.hn,1684585903.cds206.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bad6d331b2f327f6976120d7dafb0801
a7627c1a59ae7aec692e61584e89961ac0d895f6
eccada31fe68ed2de6288b276fbd2c4bbda6f3759bd4d0210d69341dbf4a6430

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 12:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

142.250.74.132

200 OK

557 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://sp-erneuern.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
ASCII text, with very long lines (850), with no line terminators
Size
557 B (557 bytes)
Hash
b7b728964630ecd7e800d650f14695c5
473f7633fea7e2f828c3df9ab19356286f10a692
f4de494b6cfd42ce31b244cd84410cd4259d82773485f6c7b4ffd2a7ca2d6217

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Sat, 20 May 2023 12:31:43 GMT
date: Sat, 20 May 2023 12:31:43 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6ae34f1b0b7f23329d816fd41d52f9f9
7e8d6cfb810b8a53efb71a1231317605f4c5c4cb
ce11304e4a32a1fa7a776214041e337f0dd1dc31f2aae6a62e5a3bc222abc3c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 12:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp-erneuern.de/css/perf-meter.css

84.21.172.159

200 OK

231 B

URL GET HTTP/2
sp-erneuern.de/css/perf-meter.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
ASCII text
Size
231 B (231 bytes)
Hash
fa82ee4a1e809ce2d8b9896046ba3474
9b7546816bdd1b87a63e3c9d953211a3a200a7ac
f008c09173b9230f184fdbcf0fcbf3c4fc8daf1bea6c41b3614f5a3a11e9d376

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/perf-meter.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
content-length: 231
x-accel-version: 0.01
last-modified: Sat, 15 Oct 2022 04:17:20 GMT
etag: "18e-5eb0b04b9b400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7f54a940635d0b719df5cde2b396c48c
f37fedef2f4d81c9c32895b8497fc88e916c8e73
9583c204f7a3dbb101eaf29998e006c6e11adf1a9642ed2e2d1766f6264c8b7a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 12:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sp-erneuern.de
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:21:18 GMT
expires: Sun, 19 May 2024 10:21:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sp-erneuern.de/favicon.ico

84.21.172.159

200 OK

4.3 kB

URL GET HTTP/2
sp-erneuern.de/favicon.ico
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
96cbd1e75e96f76131d6dea46f6c84d7
a93258f218d272f11a8c68999beb901a9676ce37
489457bd142e708c03236d71f4aee3739fa5d7ecf6d6c9db2a61417b0ce0aadd

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:12 GMT
content-type: image/vnd.microsoft.icon
content-length: 4286
last-modified: Sat, 15 Oct 2022 04:17:22 GMT
etag: "634a3452-10be"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sp-erneuern.de/js/select2.min.js

84.21.172.159

200 OK

20 kB

URL GET HTTP/2
sp-erneuern.de/js/select2.min.js
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (64127)
Size
20 kB (19566 bytes)
Hash
b8c7d4d981a836dfef79883298b6b1dd
05480a7ae0bc26ed490aa3e622ebab4e3ba768fd
d7bf5175d05e81bec066f1e5b222d0ca71f1f68311123a9c28271f4be0e01e55

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/select2.min.js HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 04:17:30 GMT
etag: W/"634a345a-11efb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/css/select2.min.css

84.21.172.159

200 OK

43 kB

URL GET HTTP/2
sp-erneuern.de/css/select2.min.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
ASCII text, with very long lines (16263)
Size
43 kB (43395 bytes)
Hash
e71c39430469a3eea74514a2b48f6536
913f9f7b9535aec790ca3ce9d6e35acfaf369993
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/select2.min.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 04:17:20 GMT
etag: W/"634a3450-3f88"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/fonts/Sparkasse_web_Bd.woff

84.21.172.159

200 OK

37 kB

URL GET HTTP/2
sp-erneuern.de/fonts/Sparkasse_web_Bd.woff
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
Web Open Font Format, TrueType, length 36892, version 2.2621\012- data
Size
37 kB (36892 bytes)
Hash
5f90fdbed7642f0f8e97ad31db27a26f
456776c5717c5f966415d7f8175c8b57c233e0b1
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/Sparkasse_web_Bd.woff HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/css/app.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:12 GMT
content-type: font/woff
content-length: 36892
last-modified: Sat, 15 Oct 2022 04:17:28 GMT
etag: "634a3458-901c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7f54a940635d0b719df5cde2b396c48c
f37fedef2f4d81c9c32895b8497fc88e916c8e73
9583c204f7a3dbb101eaf29998e006c6e11adf1a9642ed2e2d1766f6264c8b7a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 12:31:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp-erneuern.de/fonts/Sparkasse_web_Bd.ttf

84.21.172.159

200 OK

6.6 kB

URL GET HTTP/2
sp-erneuern.de/fonts/Sparkasse_web_Bd.ttf
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6607 bytes)
Hash
6bc79c0872753fc4cdc1790293e7dcf9
eee179428bea57df847262bff8b034b7864f6f27
e5b164b679a0d79015acf31d592aee1c15c54ad82956440313d689ce1b33f7bd

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/Sparkasse_web_Bd.ttf HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/css/app.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:12 GMT
content-type: font/ttf
content-length: 6607
last-modified: Sat, 15 Oct 2022 04:17:28 GMT
etag: "634a3458-19cf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t

142.250.74.132

200 OK

29 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://sp-erneuern.de/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43939)
Size
29 kB (28597 bytes)
Hash
bbdb9f2e470726672437241597b0bb25
515b547ba35a16d8cd1b3c48e48ac9a23fa14c56
6a2f4d30c8dde2e58ec5f1280a064488b9692a808d68446aa5888d698b9ec8ca

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 May 2023 12:31:43 GMT
content-security-policy: script-src 'nonce-_W5lx6g09K8QBi8GZYIyAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28597
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:21:24 GMT
expires: Sun, 19 May 2024 10:21:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/css
vary: Accept-Encoding
age: 7819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:21:18 GMT
expires: Sun, 19 May 2024 10:21:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ

142.250.74.132

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
be5069a814de1331fe3e4cfa1a492239
7e6248c3e94c3dbf09db54f82ebc55954df99f73
3eefcd5ba2f128fa9468549daefb569acd63b7cb080f2105496fee6298c258e0

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 20 May 2023 12:31:43 GMT
date: Sat, 20 May 2023 12:31:43 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sp-erneuern.de/css/jquery-ui.css

84.21.172.159

200 OK

23 kB

URL GET HTTP/2
sp-erneuern.de/css/jquery-ui.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
ASCII text, with very long lines (2363)
Size
23 kB (23141 bytes)
Hash
b962acef2e77a80efe6d5a844d6e24b4
6236e9ee19acc51633570af18106419dfcfaef5e
5af098721b219c4801711bad963757a6cbac2aa2d4cfcde9ee7aec943219c066

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/jquery-ui.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 04:17:20 GMT
etag: W/"634a3450-8d18"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 May 2023 21:48:58 GMT
expires: Mon, 22 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 398565
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:21:18 GMT
expires: Sun, 19 May 2024 10:21:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq

142.250.74.132

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://sp-erneuern.de/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1156 bytes)
Hash
5387168ca5f2f716a9a915b121c1bf8c
d359ebefb27eb90e75556e71f084f22800fa3054
293c51c894e2f388f6a7e4a77e0d915f07944ef1b319d4253d328d3484226254

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 May 2023 12:31:44 GMT
content-security-policy: script-src 'nonce-6PWZaHSgeWubHlP7tlAAmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1156
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:21:24 GMT
expires: Sun, 19 May 2024 10:21:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/css
vary: Accept-Encoding
age: 7820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 10:21:18 GMT
expires: Sun, 19 May 2024 10:21:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sp-erneuern.de/css/ospm_custom.css

84.21.172.159

200 OK

18 kB

URL GET HTTP/2
sp-erneuern.de/css/ospm_custom.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type

Size
18 kB (18250 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/ospm_custom.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 04:17:20 GMT
etag: W/"634a3450-474a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/images/apple-icon-72x72.png

84.21.172.159

200 OK

933 B

URL GET HTTP/2
sp-erneuern.de/images/apple-icon-72x72.png
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Size
933 B (933 bytes)
Hash
786672c15975de08dd0abf368397a8fa
455d867dc00c8940c6f460aa240ec1fd318eb97c
33c844bc8b0556367db3f9d9ca10367b10bc95575bcf952fb3f6ebe6ac3907a0

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /images/apple-icon-72x72.png HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:12 GMT
content-type: image/png
content-length: 933
x-accel-version: 0.01
last-modified: Sat, 15 Oct 2022 04:17:22 GMT
etag: "3a5-5eb0b04d83880"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sp-erneuern.de/css/app.css

84.21.172.159

200 OK

1.7 MB

URL GET HTTP/2
sp-erneuern.de/css/app.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type

Size
1.7 MB (1747253 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/app.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 04:17:22 GMT
etag: W/"634a3452-1aa935"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/fonts/Sparkasse_web_Rg.woff

84.21.172.159

200 OK

42 kB

URL GET HTTP/2
sp-erneuern.de/fonts/Sparkasse_web_Rg.woff
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
Web Open Font Format, TrueType, length 41472, version 2.2097\012- data
Size
42 kB (41472 bytes)
Hash
1e97dfafb57fb87f40f5cc9941fdab7e
2df97632b25215b1befcd86999b40db1a27c03d0
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/Sparkasse_web_Rg.woff HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/css/app.css
Cookie: PHPREFS=full
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:12 GMT
content-type: font/woff
content-length: 41472
last-modified: Sat, 15 Oct 2022 04:17:28 GMT
etag: "634a3458-a200"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

api.inetstatic.com/tracking/script.js?referrer=https://sp-erneuern.de/

0.0.0.0

0 B

URL GET
api.inetstatic.com/tracking/script.js?referrer=https://sp-erneuern.de/
IP
0.0.0.0:0
ASN
#0

Requested by
https://sp-erneuern.de/
Certificate
IssuerGoogle Trust Services LLC
Subject*.inetstatic.com
FingerprintB8:6C:75:57:58:27:DC:AE:0E:5C:65:EB:25:45:8E:C7:D5:CB:08:A9
ValidityWed, 12 Apr 2023 20:16:44 GMT - Tue, 11 Jul 2023 20:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tracking/script.js?referrer=https://sp-erneuern.de/ HTTP/1.1
Host: api.inetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 May 2023 12:31:44 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.2.21
access-control-allow-origin: https://sp-erneuern.de
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYT65ghhR6lqryiyd96FdXfrVR0iFn4S3ITZKhlJTstQMw7oMQJaF5uKP4afdKSh1oxOtLeFgh2LDCurw6HAD8QY26PYk2uATKKE5nMKYUixoqzfvQR2T%2FCFEkU4zKs61%2BP28tg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca4992ede31b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sp-erneuern.de/css/opttan.css

84.21.172.159

200 OK

4.6 kB

URL GET HTTP/2
sp-erneuern.de/css/opttan.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
ASCII text, with very long lines (4934), with no line terminators
Size
4.6 kB (4600 bytes)
Hash
1674420e29f80845f303267e45f1072b
337a9ab45cb57eed0ca734d811d0fa08557b1bd2
6e4497085e5f39b1a652db88cce7a403568e5bcf231eeaf6cab49224f70aa7b0

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/opttan.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 04:17:20 GMT
etag: W/"634a3450-11f8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/js/jquery-ui.js

84.21.172.159

200 OK

530 kB

URL GET HTTP/2
sp-erneuern.de/js/jquery-ui.js
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
ASCII text, with very long lines (1004)
Size
530 kB (529804 bytes)
Hash
d1590bf63a3eae0884d84a76186b2c20
24fb4d8814f310a53e96d4393af62946361bb207
b0fb363c54d6747d3609153c3cf96424e27e806162de5f7083e7fc37fd540833

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery-ui.js HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 04:17:30 GMT
etag: W/"634a345a-8158c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/css/opsm.css

84.21.172.159

200 OK

533 kB

URL GET HTTP/2
sp-erneuern.de/css/opsm.css
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type

Size
533 kB (532942 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/opsm.css HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 04:17:22 GMT
etag: W/"634a3452-821ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sp-erneuern.de/js/jquery-3.6.0.js

84.21.172.159

200 OK

289 kB

URL GET HTTP/2
sp-erneuern.de/js/jquery-3.6.0.js
IP
84.21.172.159:443
ASN
#1239 SPRINTLINK

Requested by
https://sp-erneuern.de/
Certificate
IssuerLet's Encrypt
Subjectsp-erneuern.de
Fingerprint6B:11:24:13:8E:BD:30:87:1F:AB:21:E3:53:13:E8:43:95:3E:A2:06
ValidityThu, 09 Mar 2023 12:13:00 GMT - Wed, 07 Jun 2023 12:12:59 GMT

File type
ASCII text
Size
289 kB (288580 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Detections

Analyzer	Verdict	Alert
openphish	Sparkasse Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery-3.6.0.js HTTP/1.1
Host: sp-erneuern.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sp-erneuern.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 12:37:11 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 04:17:20 GMT
etag: W/"634a3450-46744"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevfOgkAAAAAEgYW3pwL8rsCdMtRE0qsNxN6rvq&co=aHR0cHM6Ly9zcC1lcm5ldWVybi5kZTo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=9g9tqw1odp8t
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 303308
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML