www.ploufpiscine.be Open in urlscan Pro
2001:1600:4:9:f816:3eff:fe66:545a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ploufpiscine.be/meine.bank99.at/b99/front/
Effective URL:
https://www.ploufpiscine.be/meine.bank99.at/b99/front/
Submission: On July 27 via api (July 27th 2022, 8:25:10 am UTC) from IE — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2001:1600:4:9:f816:3eff:fe66:545a, located in Geneva, Switzerland and belongs to INFOMANIAK-AS, CH. The main domain is www.ploufpiscine.be.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 4th 2022. Valid for: a year.

This is the only time www.ploufpiscine.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: bank99 (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 6	2001:1600:4:9... 2001:1600:4:9:f816:3eff:fe66:545a	29222 (INFOMANIA...) (INFOMANIAK-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:95b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
2	193.110.183.243 193.110.183.243	24656 (ARZ) (ARZ)
4	2606:4700:303... 2606:4700:3032::6815:1e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	7

6 2001:1600:4:9:f816:3eff:fe66:545a (Geneva, Switzerland) 1 redirects

ASN29222 (INFOMANIAK-AS, CH)

www.ploufpiscine.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:95b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.110.183.243 (Vienna, Austria)

ASN24656 (ARZ, AT)
PTR: arz-193-110-183-243.arz.at

meine.bank99.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:1e29 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ploufpiscine.be 1 redirects www.ploufpiscine.be	381 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1888 ka-f.fontawesome.com — Cisco Umbrella Rank: 4402	32 KB
2	bank99.at meine.bank99.at	130 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 136385	97 KB
1	icons8.com img.icons8.com — Cisco Umbrella Rank: 32201	1020 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303	34 KB
15	6

	Domain	Requested by
6	www.ploufpiscine.be	1 redirects www.ploufpiscine.be
4	ka-f.fontawesome.com	kit.fontawesome.com
2	meine.bank99.at	www.ploufpiscine.be
2	cdn.tailwindcss.com	1 redirects www.ploufpiscine.be
1	img.icons8.com	www.ploufpiscine.be
1	kit.fontawesome.com	www.ploufpiscine.be
1	ajax.googleapis.com	www.ploufpiscine.be
15	7

This site contains no links.

Subject Issuer	Validity	Valid
www.ploufpiscine.be Sectigo RSA Domain Validation Secure Server CA	`2022-06-04` - `2023-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
1004834818.rsc.cdn77.org R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
meine.bank99.at EuropeanSSL Server CA 2	`2022-01-12` - `2023-02-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ploufpiscine.be/meine.bank99.at/b99/front/
Frame ID: 2E289A54242D75B0A747B91763E116AB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://www.ploufpiscine.be/meine.bank99.at/b99/front/ HTTP 302
https://www.ploufpiscine.be/meine.bank99.at/b99/front/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

674 kB
Transfer

1073 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ploufpiscine.be/meine.bank99.at/b99/front/ HTTP 302
https://www.ploufpiscine.be/meine.bank99.at/b99/front/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.1.4

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ploufpiscine.be/meine.bank99.at/b99/front/
Redirect Chain

http://www.ploufpiscine.be/meine.bank99.at/b99/front/
https://www.ploufpiscine.be/meine.bank99.at/b99/front/

11 KB
3 KB

109ms
37ms

Document
text/html

2001:1600:4:9:f816:3eff:fe66:545a
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:9:f816:3eff:fe66:545a Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

5d70b0bcaf5fd3e94c5c81613835cf648545e219735f23f4e249a4248e07667e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=604800
content-encoding: gzip
content-length: 2482
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 08:25:04 GMT
etag: "2c69-5df7e6ef55b00-gzip"
expires: Wed, 03 Aug 2022 08:25:04 GMT
last-modified: Sat, 21 May 2022 04:56:44 GMT
server: Apache
strict-transport-security: max-age=16000000
vary: Accept-Encoding

Redirect headers

Cache-Control: max-age=604800
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 27 Jul 2022 08:25:04 GMT
Expires: Wed, 03 Aug 2022 08:25:04 GMT
Location: https://www.ploufpiscine.be/meine.bank99.at/b99/front/
Server: Apache

GET
H2

200

3.1.4 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.1.4

318 KB
96 KB

44ms
44ms

Script
text/javascript

2606:4700:20::681a:95b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.1.4

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Server

2606:4700:20::681a:95b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e12f7279f0a52eb911f8e36ddc01ebbe118a3039fac8b7799f4e8bcc8364f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2300016
last-modified: Thu, 30 Jun 2022 17:21:18 GMT
server: cloudflare
x-vercel-id: syd1::iad1::jcnnr-1656609676667-05a152e1b5bb
x-vercel-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUkZedKJT4zdEkl4udDoSGamMA%2B2Jtxepnxjg9y84%2BanUnuuJ3O2dPB7ebDsu9GOzuLHKyfN7ZzIF1Ar2%2BCtKtiDi%2BigDbxs3sGZBvMVNYMqwmVAe6ypJ3Zko6MjhQQnfMDvhedeePu8oQ8ge1FMdos%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 7313fb7bb9035995-MXP

Redirect headers

date: Wed, 27 Jul 2022 08:25:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: syd1::iad1::wnbwm-1658909529049-3ed793b022e2
age: 22
x-vercel-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtQt8%2B2oVI7Ubh%2Bm2lyHZezVg3POz4NEo5y6spLo9lDnMFXsv8A%2BXkncZk1R%2B7bDxVUGfdtfCkpgz1TUaySrZaR5uz1T06gsR2kdh7LUUZk9HSm8DJO%2BgSCwGQVmGhUJH8pwvrz0dFTlyPWuY2CAXBU%3D"}],"group":"cf-nel","max_age":604800}
location: /3.1.4
cache-control: max-age=14400
strict-transport-security: max-age=63072000
cf-ray: 7313fb7b788f5995-MXP
content-length: 0
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 04:13:41 GMT

GET
H2 200 887a93ffa3.js Show response
kit.fontawesome.com/ 11 KB
4 KB 131ms
72ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/887a93ffa3.js

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b4b002b36ee57604354d891a5c73a6864391ee7f3ff250dec05b01bbd81bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.ploufpiscine.be/
Origin: https://www.ploufpiscine.be
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 7313fb7b5bcecc36-ZRH
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FwWblMXOesD5V-8K3dkh

GET
H2 200 style.css
www.ploufpiscine.be/meine.bank99.at/b99/front/ 4 KB
1 KB 33ms
32ms Stylesheet
text/css 2001:1600:4:9:f816:3eff:fe66:545a
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ploufpiscine.be/meine.bank99.at/b99/front/style.css

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:9:f816:3eff:fe66:545a Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

35622e99a9a2b6b14de336a558b99b748d5e304ebbdb12cea2db206fe1db2ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/meine.bank99.at/b99/front/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 18:43:00 GMT
server: Apache
etag: "f49-5df75dc13b500-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
strict-transport-security: max-age=16000000
accept-ranges: bytes
content-length: 889
expires: Wed, 03 Aug 2022 08:25:04 GMT

GET
H2 200 logo.png
www.ploufpiscine.be/meine.bank99.at/b99/front/assets/ 30 KB
30 KB 63ms
63ms Image
image/png 2001:1600:4:9:f816:3eff:fe66:545a
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ploufpiscine.be/meine.bank99.at/b99/front/assets/logo.png

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:9:f816:3eff:fe66:545a Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9a48abc1c0966ae27ea445a3af3f6602ffc5de898fcf007c1b32800cda33f787

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/meine.bank99.at/b99/front/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
last-modified: Thu, 19 May 2022 17:00:22 GMT
server: Apache
etag: "76ff-5df604f30b580"
strict-transport-security: max-age=16000000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30463
expires: Wed, 03 Aug 2022 08:25:04 GMT

GET
H2 200 chevron.svg
www.ploufpiscine.be/meine.bank99.at/b99/front/assets/ 141 B
420 B 33ms
32ms Image
image/svg+xml 2001:1600:4:9:f816:3eff:fe66:545a
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ploufpiscine.be/meine.bank99.at/b99/front/assets/chevron.svg

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:9:f816:3eff:fe66:545a Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0de36e547f6703f8416190d4d94fee1f1c149e42f850150dfc787aca3f071095

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/meine.bank99.at/b99/front/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 18:18:52 GMT
server: Apache
etag: "8d-5df7585c4fb00-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
strict-transport-security: max-age=16000000
accept-ranges: bytes
content-length: 135
expires: Wed, 03 Aug 2022 08:25:04 GMT

GET
H2 200 multiply.png
img.icons8.com/ios-filled/50/000000/ 398 B
1020 B 400ms
321ms Image
image/png 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/ios-filled/50/000000/multiply.png

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

0d14ef4e270ba8b5419f93c97f8abf14b27199528509416524877164fe264793

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Jul 2022 08:25:05 GMT
icon-size: 50
x-content-type-options: nosniff
memory-svg-cache: false
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: MISS
strict-transport-security: max-age=15724800; includeSubDomains
x-dns-prefetch-control: off
content-length: 398
x-xss-protection: 1; mode=block
x-77-nzt: AdRmOI2U5cXB
x-accel-expires: @1659212705
not-found-platform: false
last-modified: Wed, 27 Jul 2022 00:23:50 GMT
server: CDN77-Turbo
x-77-nzt-ray: IX6xK8gR6g0
x-download-options: noopen
x-77-cache: MISS
content-type: image/png
memory-cache: false
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 9433
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20220624120708072

GET
H/1.1 200
OK loading-animation.gif
meine.bank99.at/banking/resource/18c355e592860e98ced912b321b615408d8e1a63/m122/images/ 108 KB
108 KB 172ms
74ms Image
image/gif 193.110.183.243
ARZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meine.bank99.at/banking/resource/18c355e592860e98ced912b321b615408d8e1a63/m122/images/loading-animation.gif

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.110.183.243 Vienna, Austria, ASN24656 (ARZ, AT),

Reverse DNS

arz-193-110-183-243.arz.at

Software

nginx /

Resource Hash

a6042095c8394001a87eae5196a219e0b53c3596cef31784e6d033a710039639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
Date: Wed, 27 Jul 2022 08:25:04 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
X-Frame-Options: DENY
Content-Language: en-US
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=2419200,must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=100
content-length: 110541
Expires: Wed, 24 Aug 2022 08:25:04 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 100 KB
21 KB 100ms
37ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e7dfb3770b62bcfa8623c327404f5080e7ba6e2a219c41ad252f4c38ebd7a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
via: 1.1 4cf158854c817356f28b2e3ce834552e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5297
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:26 GMT
server: cloudflare
etag: W/"0b7dc322d4f737c2bf1d43de22f920a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thPiNr1wRDHfhYIAjaOhHkAsKdlnDk%2FyEa7vC%2BoX%2Fq91NS2mCU8HIkIP0wreePiOlXfYbabf40X%2FxncE2YnHlDJEca7JSb8%2BuadTL6VMhCKhBRxIPzx7hW12XRoPap0fwuoQ3399Em9Epmm04orMjd56VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C3
cf-ray: 7313fb7cdee23746-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: CCINB0GuiU1sjpEkqhMHmsuHIOKpQAo-jkWVjRhfLsR8ZKjYH8sg5Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 27 KB
5 KB 96ms
33ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-shims.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683ea60cc3dbfde397282a60bb8d073389b2217f9f04aaa25822e43dd3b16c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
via: 1.1 ab6f11597d22bd0292d6b657e4418dd2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61184
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
server: cloudflare
etag: W/"96816d3771234767a5fa14b975c670b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVW8IEBy0SdXSq6dCTthSPQ2EESKPzlRzuZJ8uCX95F7ll2u72L9KBxOQzAdxmO%2FZi2vNHU3X04YE3b5ZHY132%2B2R5NSPByYP8NjwGKEzMWbRSG2CCbKy%2B8gUrZq00wZAbWduFinSMouwV3O1G83gL%2FX6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 7313fb7cdee33746-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kztDS2nQpYwmI2smnM4-Bi754tRNkuh2LVOVbdUlGsSH9I1GjDpvEA==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 823 B
723 B 98ms
35ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free-v5-font-face.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51a12212db6797d3298cc0f1797ba121e45cd26e0d11222389d82800e905a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
via: 1.1 3f89e37587211b5ffd0fe59e12bf92d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61184
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
server: cloudflare
etag: W/"65040fb03ef1332cf437c545afd7431f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hVMpEq2kWXrKmK5tNGZPxP%2B2GSCQLQlPq1qZHP4ItxARPUmtG0z%2Fv9xLuKFrBVe%2FBe64q0hbIPsmaZMa2VAt4A%2BulkzxSL1j8zq%2FNvoxNDCDsaGgMtg%2BeY6t9hwCqHrohJwY9F54ni63P4Zl6F8KTLr5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 7313fb7cdee43746-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ZybARw-0jb7y0l23fRwbdp5nyY1wXXK-DL9B3LkF1GrKw-mLjQKBWQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.1.2/css/ 2 KB
1 KB 97ms
34ms Fetch
text/css 2606:4700:3032::6815:1e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-font-face.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040b6a6257f4e9b03d02543c254b47fc2287a93913e6b8e4aef00e72c4b46cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
via: 1.1 521484bc87dc7b3d509c41618270e818.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5297
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
server: cloudflare
etag: W/"fe830daeb85511a2662ffb7f0f591490"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndjNAWYxZe8T9LXaduDdxJ%2Fl5LN4l9JIqJwgDz6MuFSM2bkylvR8pUKi6rQoxJ13WoZs%2BkeNEfYPXuFPsHG7iGm5qlxhuM1X0DGomdAaHqafUCUY5u%2F18O7kUpxysFSghVNC2qOKjzkBji4AmHn%2F%2BChcOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C3
cf-ray: 7313fb7cdee53746-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 3pxKK88pxDKlfMilWraMK8eQTwc5Y68Fpy6LUbbBTzKXAVOtpLZU5g==

GET
H2 200 login-background.jpg
www.ploufpiscine.be/meine.bank99.at/b99/front/assets/ 346 KB
346 KB 34ms
33ms Image
image/jpeg 2001:1600:4:9:f816:3eff:fe66:545a
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ploufpiscine.be/meine.bank99.at/b99/front/assets/login-background.jpg

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:9:f816:3eff:fe66:545a Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7e2e5b98761af2ad33e704867bd4ffca9206c60144e68b6d05ce8eab6298dfbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ploufpiscine.be/meine.bank99.at/b99/front/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:25:04 GMT
last-modified: Thu, 19 May 2022 20:53:54 GMT
server: Apache
etag: "56647-5df63925edc80"
strict-transport-security: max-age=16000000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 353863
expires: Wed, 03 Aug 2022 08:25:04 GMT

GET
H/1.1 200
OK PostSans-Regular.woff2
meine.bank99.at/banking/resource/18c355e592860e98ced912b321b615408d8e1a63/m122/fonts/ 21 KB
21 KB 156ms
85ms Font
application/octet-stream 193.110.183.243
ARZ

General

Check archive.org

Show headers Download Go to

Full URL

https://meine.bank99.at/banking/resource/18c355e592860e98ced912b321b615408d8e1a63/m122/fonts/PostSans-Regular.woff2

Requested by

Host: www.ploufpiscine.be
URL: https://www.ploufpiscine.be/meine.bank99.at/b99/front/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.110.183.243 Vienna, Austria, ASN24656 (ARZ, AT),

Reverse DNS

arz-193-110-183-243.arz.at

Software

nginx /

Resource Hash

a3b9b469d31790096180616fae0155d3af8088924ef1d724bfd085ff3d12f075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ploufpiscine.be/
Origin: https://www.ploufpiscine.be
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
Date: Wed, 27 Jul 2022 08:25:04 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
X-Frame-Options: DENY
Content-Language: en-US
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=2419200,must-revalidate
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=15, max=100
Content-Length: 21296
Expires: Wed, 24 Aug 2022 08:25:04 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: bank99 (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.tailwindcss.com
img.icons8.com
ka-f.fontawesome.com
kit.fontawesome.com
meine.bank99.at
www.ploufpiscine.be
193.110.183.243
2001:1600:4:9:f816:3eff:fe66:545a
2606:4700:20::681a:95b
2606:4700:3032::6815:1e29
2606:4700::6812:1634
2a00:1450:4001:82b::200a
2a02:6ea0:c700::20
040b6a6257f4e9b03d02543c254b47fc2287a93913e6b8e4aef00e72c4b46cfc
0d14ef4e270ba8b5419f93c97f8abf14b27199528509416524877164fe264793
0de36e547f6703f8416190d4d94fee1f1c149e42f850150dfc787aca3f071095
35622e99a9a2b6b14de336a558b99b748d5e304ebbdb12cea2db206fe1db2ae5
5d70b0bcaf5fd3e94c5c81613835cf648545e219735f23f4e249a4248e07667e
5e7dfb3770b62bcfa8623c327404f5080e7ba6e2a219c41ad252f4c38ebd7a7d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
683ea60cc3dbfde397282a60bb8d073389b2217f9f04aaa25822e43dd3b16c2e
7e2e5b98761af2ad33e704867bd4ffca9206c60144e68b6d05ce8eab6298dfbd
93e12f7279f0a52eb911f8e36ddc01ebbe118a3039fac8b7799f4e8bcc8364f8
9a48abc1c0966ae27ea445a3af3f6602ffc5de898fcf007c1b32800cda33f787
a3b9b469d31790096180616fae0155d3af8088924ef1d724bfd085ff3d12f075
a6042095c8394001a87eae5196a219e0b53c3596cef31784e6d033a710039639
c51a12212db6797d3298cc0f1797ba121e45cd26e0d11222389d82800e905a71
e0b4b002b36ee57604354d891a5c73a6864391ee7f3ff250dec05b01bbd81bad

www.ploufpiscine.be Open in urlscan Pro 2001:1600:4:9:f816:3eff:fe66:545a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

86 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

674 kBTransfer

1073 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.ploufpiscine.be Open in urlscan Pro
2001:1600:4:9:f816:3eff:fe66:545a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

674 kB
Transfer

1073 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!