peruix.net Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/	2 MB 944 KB	1078ms 967ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a2dd60e3fe00326e0ee9c5e1516b243a20cdb97cc78fa78f4fd627cbbd3ec71 Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, no-cache cf-cache-status DYNAMIC cf-ray 7d8dc7f0dfb7bb5f-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 17 Jun 2023 19:43:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULLkIsMYvEiEOShbpsvxbDYuEpv9sLxiKwFjrPdys2ulVVKJd4NM0Qj3DdKoL1bCR4Yn5ykALlcasNftC%2BimkKTcs3H9zj2wr9scnJs2OI9anuo7fPSyEphm%2B6zNBfoSOTvIbw0nD0JK"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff nosniff x-frame-options SAMEORIGIN SAMEORIGIN x-page-speed 1 x-permitted-cross-domain-policies master-only master-only x-xss-protection 1; mode=block 1; mode=block
GET H2	200	1.JiBnMqyl6S.gif peruix.net/pagespeed_static/	53 B 419 B	47ms 46ms	Image image/gif	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peruix.net/pagespeed_static/1.JiBnMqyl6S.gif Requested by Host: peruix.net URL: https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 19:43:23 GMT x-content-type-options nosniff, nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only age 250517 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 14 Jun 2023 22:08:06 GMT server cloudflare etag W/"0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/gif report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SktHzR0cwmqESSQU2xvORq4Pg8DDkDHFbNsL%2FCHTcPZD5ZkWskHStyx2R1orYQqYv0fv3jRiPnOb741tGdZh2pMTdtTQSGOIvLn8l%2B4anHV6eCEuvHgtT%2FgSEFZi6SZXnn6wFHWvW%2F59"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 7d8dc7fd9fbebb5f-FRA
GET H2	404	svg-icon-sprite.svg peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/	0 0	733ms 732ms	Other text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/svg-icon-sprite.svg Requested by Host: peruix.net URL: https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 19:43:24 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP99bf7iqFOdG1SmUHUT9jD%2B3cDFt4M1MEhA9hbYMiZBGQbZkX03l7ungAnr9Jt1DFTqDL6DsvQ6MCUrq%2F0ppmDYMpmTwyEkg6hY4pZz4ZwAwoLLe7kNWyS7rMDbvgEOYQnN8sQNruwW"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400, s-maxage=10 cf-ray 7d8dc7fd9fbfbb5f-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44a485e43d7c032784496d17e884bdc41683d3ad3d9999287fa848a2f698ac20 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe5103f855975085f28d2a255145a386f30d2afe2a1b26fa9943d74b54859b7b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	xrenice.png.pagespeed.ic.VNPyoMPwZc.webp peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/index_files/	620 B 1 KB	46ms 46ms	Image image/webp	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/index_files/xrenice.png.pagespeed.ic.VNPyoMPwZc.webp Requested by Host: peruix.net URL: https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4868a82be3d8392e5070fdfb00f472063b2b08fbd5d8332cec679a71ffb494d4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 19:43:23 GMT cf-cache-status HIT x-original-content-length 1373 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 209267 alt-svc h3=":443"; ma=86400 content-length 620 x-page-speed 1 last-modified Wed, 14 Jun 2023 21:41:44 GMT server cloudflare etag W/"0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LthXboxVdgvVvOxSTE9Nw5HNa%2BgcZarNYv1QZAu74DeToWWS11gAYpXSPIoLvYUcwxvzcTTS1d3McTm5jkgoLjQcXxKm8rrXVgG45N5pugUjxGAVvh1Eg%2F6jyA4uVdz72jwcQ9cIJZ8n"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 7d8dc7fd9fc2bb5f-FRA link <https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/index_files/renice.png>; rel="canonical" expires Thu, 13 Jun 2024 21:41:44 GMT
GET DATA	200 OK	truncated /	1016 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b46a500fcaaee5c95cbe3ebeb539f6f9a7a14978387f696ab6f092838e9c920 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	48 KB 48 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c Request headers Referer Origin https://peruix.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	41 KB 41 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d Request headers Referer Origin https://peruix.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	612 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 545d99b57daa48a5fd7781e1ace4be2422a069625a8c71924d2a245998755df7 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	15 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2afc1ff4a798ce317d694abd9ecb5dc5f7e1211f80e3864902c0f6da65746c14 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	50 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1dba4aed649c01e3a9864ed3313c4b506525c74e107760f113b31dc044a0f452 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/jpeg

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| savepage_ShadowLoader object| pagespeed

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://peruix.net/wp-content/themes/seotheme/theme/PostBank.de/meine/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/svg-icon-sprite.svg#icon-info Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

peruix.net
2a06:98c1:3120::3
0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c
0a2dd60e3fe00326e0ee9c5e1516b243a20cdb97cc78fa78f4fd627cbbd3ec71
1dba4aed649c01e3a9864ed3313c4b506525c74e107760f113b31dc044a0f452
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
2afc1ff4a798ce317d694abd9ecb5dc5f7e1211f80e3864902c0f6da65746c14
2b46a500fcaaee5c95cbe3ebeb539f6f9a7a14978387f696ab6f092838e9c920
33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d
44a485e43d7c032784496d17e884bdc41683d3ad3d9999287fa848a2f698ac20
4868a82be3d8392e5070fdfb00f472063b2b08fbd5d8332cec679a71ffb494d4
545d99b57daa48a5fd7781e1ace4be2422a069625a8c71924d2a245998755df7
fe5103f855975085f28d2a255145a386f30d2afe2a1b26fa9943d74b54859b7b