db-erneuern.site Open in urlscan Pro
2606:4700:3031::ac43:ab6e  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request start Show response db-erneuern.site/	17 KB 5 KB	771ms 468ms	Document text/html	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://db-erneuern.site/start Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa19f26f45d8d022c6fd3f2c5ad6c186b0daa6db86fc798a6572ee2d0a80ab13 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8257f0e9ef4d5f20-MIA content-encoding br content-type text/html; charset=UTF-8 date Mon, 13 Nov 2023 15:10:22 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7ma4SmMBGeXRlbxqEcEIf7L%2Bw5I3inlgci2VoR0Vy8BWRLCnEIxrDpzq4obouOnEklIbNZ28EC4NLBUkUl9%2FHnGx2tvPZ9QXEx8K8eL%2FOixZ5GPzWwQFSvqMwonUGfTNWOWfGRsIdu5BdTvIWYG"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	styles.css db-erneuern.site/assets/css/	400 KB 58 KB	806ms 805ms	Stylesheet text/css	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://db-erneuern.site/assets/css/styles.css Requested by Host: db-erneuern.site URL: https://db-erneuern.site/start Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c1aacf8abd0859dda56d2fe60300db1cd38631a0d8380c2e8701dcd04c9f0cf Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/start User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:23 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 10 Nov 2023 13:54:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64067-609cca9879094-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhm7flDWWAhVUKMhy0CH6r7QalcrPRup1qhUuVDD9kaJxSMN76O2oXRNMeGRsPuNe4GBB8plTKlZWSORKZH1E%2BL8MkimEme19Z%2BgCv1kkCUG8ukGvlMEQk0rSLr4%2FTX3c60bio7bPxxv0KSVvKVO"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8257f0ed9e955f20-MIA alt-svc h3=":443"; ma=86400
GET H2	200	logo_db.gif db-erneuern.site/assets/images/	2 KB 2 KB	473ms 472ms	Image image/gif	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://db-erneuern.site/assets/images/logo_db.gif Requested by Host: db-erneuern.site URL: https://db-erneuern.site/start Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 102d5e9253625aeb5d47ad0350763b534b95a92a240f353e8bd9bb43ef1722c2 Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/start User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:22 GMT cf-cache-status REVALIDATED last-modified Fri, 10 Nov 2023 13:54:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "774-609ccaa749113" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5AAGEySyM5a0lhSu8isqQtG8ctVEt3X4eSLWjlqnPWhwyReqGCUSSCKiatphjTad78TLKO9TzTJZY6a%2BMFDmmNLkw8xrSfsWYdQfFw5NslebQtO81zB6uCS6GSgrY2ZJt%2FPWTubMiibxNcHzoJ8"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 8257f0ed9e965f20-MIA alt-svc h3=":443"; ma=86400 content-length 1908
GET H2	200	print.css db-erneuern.site/assets/css/	12 KB 4 KB	481ms 481ms	Stylesheet text/css	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://db-erneuern.site/assets/css/print.css Requested by Host: db-erneuern.site URL: https://db-erneuern.site/start Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ad8478925b9c5d28672c14ad7b15aa406d0f6dd0f16946652c32248b4f4ba2c Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/start User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 10 Nov 2023 13:54:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"30f5-609cca969e6c0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCWWjsQd4kKJjm%2F7kbFWPxs4qy1SKnwq6%2F4GPEwIV8mKBZnekcspzRWFn%2Fkz5xsbHTZL9%2FblCDmHP4cco15nPpLv5vBTmBeuYjswWkQaupeP6dIZtdxC9FpiTJ3b%2FVyHcG5l%2BCbdwZENTIS6Ydlw"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8257f0edbec65f20-MIA alt-svc h3=":443"; ma=86400
GET H3	200	bg_headerContainer.svg db-erneuern.site/assets/images/	24 KB 9 KB	648ms 647ms	Image image/svg+xml	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://db-erneuern.site/assets/images/bg_headerContainer.svg Requested by Host: db-erneuern.site URL: https://db-erneuern.site/start Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9262dbfa53a29e4577d36a4fc360759764771809c70c47d6ec713f2c889caf74 Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/start User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:23 GMT content-encoding br cf-cache-status MISS last-modified Fri, 10 Nov 2023 13:54:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"602b-609ccaa509ddb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0UkspW6t%2FGHJqCABP4jJoXHguC%2BXr8ZgiDCD6jCZPtL3Rza6EK0GwnEcsOYXB6UiPDpmBF2%2BALjjMd%2BEtsoTYhinCiV2BGbsUpqOoQsIk7gkJMjPkOKjVPLdlOQFC9FwhNcXEsjDIJCtWRm7MXb"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8257f0f2b944dacd-MIA alt-svc h3=":443"; ma=86400
GET H3	404	bg_additionalInfos.png db-erneuern.site/assets/css/	278 B 278 B	491ms 490ms	Image text/html	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://db-erneuern.site/assets/css/bg_additionalInfos.png Requested by Host: db-erneuern.site URL: https://db-erneuern.site/assets/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79aef6808d947b1749c715747f5056c0ba7d6d13b211a61ef9f9ae61a3033540 Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/assets/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:23 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROup%2FoUIzU9bPZz4EBxXusI%2B%2FfSgva7uFJFbwPF41rq5YfLHsyiEnSuMQSpcYIna%2BXkJPBiFup%2BL2xieTFYjSNRFPTRwssLYP%2FY3UxunkBJC6GLT6%2FihBoFut3%2Fe5vsS4bL2LiE%2BvZokMGCR6E60"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8257f0f2b949dacd-MIA alt-svc h3=":443"; ma=86400
GET H3	200	pfbicons.woff db-erneuern.site/assets/fonts/	57 KB 57 KB	794ms 794ms	Font font/woff	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://db-erneuern.site/assets/fonts/pfbicons.woff Requested by Host: db-erneuern.site URL: https://db-erneuern.site/assets/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7274c97d9d713e6c4a515d61678edb6a3cb6e61d855276a64f37d41c3e25e354 Request headers Referer https://db-erneuern.site/assets/css/styles.css Origin https://db-erneuern.site accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:23 GMT cf-cache-status MISS last-modified Fri, 10 Nov 2023 13:54:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "e2c4-609ccaa3d44ae" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIEKEdN883daO8mgPgOdQvHH5E6AihYrIBST7IR6Bb6wqiImUXTdZiaGcZqpYuPphyhXcm9xZKwFJv%2F3XUhhJUYdFf%2FLZRUPo9Ci514QxovxwoE8JDgxws53%2FgytR17IWdL8RvOr786%2FmZykU0kT"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 8257f0f2b94adacd-MIA alt-svc h3=":443"; ma=86400 content-length 58052
GET H3	404	bg_phishingDistractor.png db-erneuern.site/assets/css/	278 B 278 B	468ms 467ms	Image text/html	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://db-erneuern.site/assets/css/bg_phishingDistractor.png Requested by Host: db-erneuern.site URL: https://db-erneuern.site/assets/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79aef6808d947b1749c715747f5056c0ba7d6d13b211a61ef9f9ae61a3033540 Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/assets/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:23 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPOrqE2PI%2FT3JggshY1GrPlJ1ZobXknGXZddmEytfb9%2BWNr3JfmBrMDSeMKWdSyHTfHR1CUI14ekhju22rbt0zgsvTexVQA7tAJh2tBB1NHO9as66NNekTO2%2F7XLFAgdJI2Xr9QU0lCuYoy4qUoq"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8257f0f2c975dacd-MIA alt-svc h3=":443"; ma=86400
GET H3	200	bt_primary_default.png db-erneuern.site/assets/images/	397 B 867 B	474ms 473ms	Image image/png	2606:4700:3031::ac43:ab6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://db-erneuern.site/assets/images/bt_primary_default.png Requested by Host: db-erneuern.site URL: https://db-erneuern.site/start Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c2bceb05d1e6ffbad84c59a08f4943d37a1323fe48573d7ad9afc5121cbc95f Request headers accept-language en-US,en;q=0.9 Referer https://db-erneuern.site/start User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:10:23 GMT cf-cache-status MISS last-modified Fri, 10 Nov 2023 13:54:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "18d-609ccaa57e140" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30kJXNHpJtz1fz5p45%2F%2BbO%2FM8IHHWIXBSihU0zcbyKC2FISs%2BGfjHwvz6YqWec8BB5NK3q7bwMuOAxnxE%2Fe2UUlzR%2BZWXl4sGk3aqVWhwLauJU3IXe%2FpXJURWLS%2BYU13nnApjkl0pKbhv7zoOauc"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8257f0f2c977dacd-MIA alt-svc h3=":443"; ma=86400 content-length 397

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Deutsche Bank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| staticSrcDir string| staticSrcCommonsDir function| checkCapsLock function| disableSubmitButton function| doNext function| setFocusNext number| timeLeft number| setTimer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			db-erneuern.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: c9eg8fkgojm09nsvlsseioj2hb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://db-erneuern.site/assets/css/bg_phishingDistractor.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://db-erneuern.site/assets/css/bg_additionalInfos.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

db-erneuern.site
2606:4700:3031::ac43:ab6e
102d5e9253625aeb5d47ad0350763b534b95a92a240f353e8bd9bb43ef1722c2
4c1aacf8abd0859dda56d2fe60300db1cd38631a0d8380c2e8701dcd04c9f0cf
7274c97d9d713e6c4a515d61678edb6a3cb6e61d855276a64f37d41c3e25e354
79aef6808d947b1749c715747f5056c0ba7d6d13b211a61ef9f9ae61a3033540
7c2bceb05d1e6ffbad84c59a08f4943d37a1323fe48573d7ad9afc5121cbc95f
9262dbfa53a29e4577d36a4fc360759764771809c70c47d6ec713f2c889caf74
9ad8478925b9c5d28672c14ad7b15aa406d0f6dd0f16946652c32248b4f4ba2c
fa19f26f45d8d022c6fd3f2c5ad6c186b0daa6db86fc798a6572ee2d0a80ab13