ScanMalware.com

Security Scan Report: kunden-spk-push.sbs

Redirected to: https://www.sparkasse.de/

Site favicon
Submitted: Oct 30, 2025, 7:32:49 PMCompleted: Oct 30, 2025, 7:34:17 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 93 HTTP transactions. The main domain is sparkasse.de.

Submitted URL: https://kunden-spk-push.sbs/

Effective URL: https://www.sparkasse.de/Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Impersonates Sparkasse on a newly registered unranked domain; classified as confirmed phishing scam.

Risk Factors
Brand impersonation on a newly registered, unranked domain
Use of an unusual domain (kunden-spk-push.sbs) to host Sparkasse branding
Redirect from suspicious domain to official site without legitimate redirect service
Domain age information unavailable

Details

Page Title

Sparkasse: Produkte und Services | Sparkasse.de

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

other

(93%)

Domain Information

The domain 'kunden-spk-push.sbs' uses the .sbs top-level domain without a subdomain. The second-level label 'kunden-spk-push' is 15 characters long split between three vowels and 10 consonants; bonus characters include two hyphens. Splitting it apart reveals five words: ku, nden, s, pk, push. Expect 2 characters per word on average. 'ku' most strongly signals Chinese (Zhuyin). It also appears in German and Slovak contexts. Taken together, it feels Chinese (Zhuyin) with character flair.

Screenshot

Security scan screenshot of https://kunden-spk-push.sbs/

Page Load Overview

22.55s
Total Load Time
93
HTTP Requests
4
Domains
1.3 MB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:7,454 chars
Detector Agreement:100%

Website Classification

Primary Category

other93% confidence
Type: static
Method: ml+structural

All Detected Categories

other
93%
corporate
25%

Detected Features

Search
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
18185.85.1.81Germany
AS20546SOPRADO GmbH
1534.120.62.213Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
15142.250.186.168United States
AS15169GOOGLE
1578.135.73.16Turkey
AS210099Tigova Network Limited
15142.250.185.72United States
AS15169GOOGLE
152a00:1450:4001:81d::2008Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
936--

Detected Technologies1

Ubuntu
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15104C8E8834420B7C1039FA7F8221789615FE03BE90ABF959F9947C72ED7E55840B74A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:yOD0W9xnXd/nnx5HnHDG+/V1L9lV3/FV1ZMiKzSbq:swxnXd/nnx5HnHDc

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:175791:giJAVEONIQCTEQkNAwRUAmUohKaBqiBRWcAwBSDEMAtkRuAeEaXXlQAAjAAiAORAggNxxgTCQBVFEKQGGgEAAjMeGA4KoBDK

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00387074740028ff
Perceptual Hash:c244bd3be635b0c6
Difference Hash:8de0e2e4e599586c
Wavelet Hash:003870767c0d3eff
Color Hash:#ae87c5

Other Hashes

Crop Resistant:8de0e2e4e599586c,737333333373d8f0,8ce0e2e4e4ed9b60

Scan History

Scan history not available

Unable to load historical scan data