vrzentralverwaltung.com
Open in
urlscan Pro
47.251.12.195
Malicious Activity!
Public Scan
Effective URL: https://vrzentralverwaltung.com/LAXWYX3Y2E
Submission: On December 04 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 30th 2021. Valid for: 3 months.
This is the only time vrzentralverwaltung.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Volksbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 185.7.214.60 185.7.214.60 | 57523 (CHANGWAY-AS) (CHANGWAY-AS) | |
24 | 47.251.12.195 47.251.12.195 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.) | |
1 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
27 | 4 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
vrzentralverwaltung.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
vrzentralverwaltung.com
vrzentralverwaltung.com |
472 KB |
1 |
jquery.com
code.jquery.com |
122 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
28 KB |
1 |
mariolarocque.com
mariolarocque.com |
363 B |
27 | 4 |
Domain | Requested by | |
---|---|---|
24 | vrzentralverwaltung.com |
vrzentralverwaltung.com
|
1 | code.jquery.com |
vrzentralverwaltung.com
|
1 | cdnjs.cloudflare.com |
vrzentralverwaltung.com
|
1 | mariolarocque.com | |
27 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nxsource.ca R3 |
2021-11-30 - 2022-02-28 |
3 months | crt.sh |
vrzentralverwaltung.com R3 |
2021-11-30 - 2022-02-28 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://vrzentralverwaltung.com/LAXWYX3Y2E
Frame ID: 20918304BDDA062E55FF5BAAD4877A63
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Portal für Privatkunden - Volksbank Raiffeisenbankline-searchtopdownprevline-menuline-loginline-closelinknextE-MailRückrufPage URL History Show full URLs
- https://mariolarocque.com/tnr5s Page URL
- https://vrzentralverwaltung.com/LAXWYX3Y2E Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mariolarocque.com/tnr5s Page URL
- https://vrzentralverwaltung.com/LAXWYX3Y2E Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
tnr5s
mariolarocque.com/ |
83 B 363 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
LAXWYX3Y2E
vrzentralverwaltung.com/ |
94 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.css
vrzentralverwaltung.com/apps/settings/wcm/designs/webcenter/page_z/20_1_2/layout/css-source/ |
330 KB 330 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-vr.svg
vrzentralverwaltung.com/ |
11 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
corona-verteilerseite-vrnw-kampagne-schmal-nur-webbank.jpg
vrzentralverwaltung.com/content/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
card-lock.png
vrzentralverwaltung.com/content/ |
316 B 547 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
security.png
vrzentralverwaltung.com/content/ |
454 B 685 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
karriere.png
vrzentralverwaltung.com/content/ |
432 B 663 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
magazin.png
vrzentralverwaltung.com/content/ |
364 B 595 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bankingapp.png
vrzentralverwaltung.com/content/ |
374 B 605 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
servicecenter.png
vrzentralverwaltung.com/content/ |
294 B 525 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook-RefreshDesign.png
vrzentralverwaltung.com/content/ |
954 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wikipedia-RefreshDesign.png
vrzentralverwaltung.com/content/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gute-banken-RefreshDesign.png
vrzentralverwaltung.com/content/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
whatsapp-RefreshDesign.png
vrzentralverwaltung.com/content/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instagram-RefreshDesign.png
vrzentralverwaltung.com/content/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SchwaebischHall.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UnionInvestment.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RundV.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
easyCredit.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DZBANK_Initiativbank.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DZPrivatbank.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VR_Smart_Finanz.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DGHYP.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
M%c3%bcnchenerHyp.png
vrzentralverwaltung.com/content/dam/allgemeines/logoleisterefreshdesign/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.js
code.jquery.com/ui/1.12.1/ |
509 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Volksbank (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
vrzentralverwaltung.com/ | Name: PHPSESSID Value: 74df0jbl10k21p3jh31im3dacp |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
code.jquery.com
mariolarocque.com
vrzentralverwaltung.com
185.7.214.60
2001:4de0:ac18::1:a:3b
2606:4700::6810:135e
47.251.12.195
13e65870ced69a64ea10ab710dcf909e3a7edb8ba36077070e9d77ae5ae9e085
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
502a7fb4c1bf365963de3fdd9688af0029b1f84ba6e7dd92e999ac999d87c844
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
6493f9583b0a7d16dc68a0cb303e7406ed80fd540283135f215c3f17f1a2d38f
72ee1d1ee4b126565e177c4f16ac0e13e4b04ec0747573ea613f35fa7948f395
799944aa8de59898e648f6c0a90abf60ca9fc3f1125313d3ec8024a9e9f79cbe
7a6fc3d129abe7320a02c6f0106a823ccb3c5432200c73bea311bef712dc91e7
8de18a359a7d571ac0dd24470362ee236e131e871271de81dc6f4c40a72cb9a1
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
94067b4b514cea9806b84ceb098da000ce37932ee2caf0aa79cbc750e808caa1
9a5bc2bf10f2bce809831721fed58e22c7363139c3bfed97bb6fd660ee11001d
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec
af33e751820b3c1578047365cff0537fd0c45dfd204f577bbb473f91533d8be7
b4e4d75e2a154aecbebb502d3a7ce19798922e864c777c3b93f72cb56d724698
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
d56807f65e393800ada22487f9a50c8ad756e09d5c975763d671bda326d474f2
d9d36347f3d29c1b55cc381c77af923de68be504117d55329ef4d247a4a9ff14
e7c484e66741a570ce1b1c468dcdffa022c593621b3f06fc64f30b1c0f729172
ef39872d03e8907fceb24cbd2bada86876a9125f5d4b1377ea98bfcff4ee9fc0
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fef43548a240a831c7be9bd0114fcb3f3e45dfdf4f3d723a8cdaa94028edf64b