2.wcfgt.vier-pfoten-liebe.de Open in urlscan Pro
95.216.167.9  Malicious Activity! Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request comerica-wiring-instructions.html Show response 2.wcfgt.vier-pfoten-liebe.de/kter/	24 KB 6 KB	4602ms 1258ms	Document text/html	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 4061a6bf450b191766e7a68fea9534133ce8c086ae13bd5f78c0a5fb302124b4 Request headers Host 2.wcfgt.vier-pfoten-liebe.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Wed, 31 Jul 2019 10:28:40 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Link <http://95.216.167.9/wp-json/>; rel="https://api.w.org/" Content-Encoding gzip
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	1112ms 31ms	Stylesheet text/css	209.197.3.15 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip0x00f.map2.ssl.hwcdn.net Software / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 31 Jul 2019 10:28:42 GMT content-encoding gzip last-modified Wed, 12 Dec 2018 18:34:07 GMT access-control-allow-origin * etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 status 200 cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 19740
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.1.1/	85 KB 30 KB	26ms 5ms	Script text/javascript	2a00:1450:4001:809::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 09 Jul 2019 05:50:32 GMT content-encoding gzip x-content-type-options nosniff age 1917489 status 200 alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 30244 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jul 2020 05:50:32 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 10 KB	1115ms 35ms	Script text/javascript	209.197.3.15 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip0x00f.map2.ssl.hwcdn.net Software / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 31 Jul 2019 10:28:42 GMT content-encoding gzip last-modified Wed, 12 Dec 2018 18:33:51 GMT access-control-allow-origin * etag "1544639631" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 status 200 cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 9832
GET H/1.1	200 OK	style.css 95.216.167.9/wp-content/themes/gn/	7 KB 2 KB	105ms 53ms	Stylesheet text/css	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/style.css Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 9293004ffea27d33c649adfb86cc7a14bffebd27eb61e65be86f93457ba576a0 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Wed, 11 Jul 2018 01:05:58 GMT Server nginx ETag W/"1be6-570aed96d6980" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.mousewheel.pack.js Show response 95.216.167.9/wp-content/themes/gn/images/	2 KB 1 KB	317ms 53ms	Script application/javascript	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/jquery.mousewheel.pack.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 3262d61214c051fd1ddc466741e89970ef1755f2044de8ba9d6821a7adfa8841 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"735-5531e6fb7e400" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox.css 95.216.167.9/wp-content/themes/gn/images/source/	5 KB 2 KB	158ms 53ms	Stylesheet text/css	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/jquery.fancybox.css Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 33675f4a8b0e98d8cac9af2b3cd9374abd17070a24de91ee5c4035754c9127f5 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"134b-5531e6fb7e400" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox.pack.js Show response 95.216.167.9/wp-content/themes/gn/images/source/	23 KB 9 KB	372ms 54ms	Script application/javascript	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/jquery.fancybox.pack.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 5512f400cac3fbb1fdfbb02989ed098f88a2af5a6e4ba3d88a039bc421ea7ffe Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"5a93-5531e6fb7e400" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox-buttons.css 95.216.167.9/wp-content/themes/gn/images/source/helpers/	2 KB 1019 B	211ms 53ms	Stylesheet text/css	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/helpers/jquery.fancybox-buttons.css Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 9affe5c517b86320fb70fb24812ccfbd9aa27f8078ff6024f9e58c0e2033d4ba Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"996-5531e6fb7e400" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox-buttons.js Show response 95.216.167.9/wp-content/themes/gn/images/source/helpers/	3 KB 1 KB	426ms 54ms	Script application/javascript	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/helpers/jquery.fancybox-buttons.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash e5039e2221ad6b206c213c77be0b4e477234a47dddd4c39327edabb58f11339a Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"be2-5531e6fb7e400" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox-media.js Show response 95.216.167.9/wp-content/themes/gn/images/source/helpers/	5 KB 2 KB	481ms 53ms	Script application/javascript	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/helpers/jquery.fancybox-media.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 350116180d1380c4d6a892badb35ac9e41fa80d165e822a43264ef52dda640ce Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:42 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"1502-5531e6fb7e400" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox-thumbs.css 95.216.167.9/wp-content/themes/gn/images/source/helpers/	735 B 584 B	264ms 52ms	Stylesheet text/css	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/helpers/jquery.fancybox-thumbs.css Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash d836d81acb5d5e712c55c4f7911d93513fe1d7d0336353085aa5bd0f36b6998c Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:41 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"2df-5531e6fb7e400" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.fancybox-thumbs.js Show response 95.216.167.9/wp-content/themes/gn/images/source/helpers/	4 KB 2 KB	537ms 53ms	Script application/javascript	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://95.216.167.9/wp-content/themes/gn/images/source/helpers/jquery.fancybox-thumbs.js Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash f51a418aede1e4e22f87a247f4847d94eb87f9f92197ef73284924b5d39dee16 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:42 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 19:37:52 GMT Server nginx ETag W/"f38-5531e6fb7e400" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET		xarvest-check.jpg.pagespeed.ic.vNfhYRvYGj.jpg banksonlinelogin.com/wp-content/uploads/	0 0
GET H/1.1	200 OK	Liberty-Check-300x200.jpg ulumgroup.com/wp-content/uploads/2019/04/	10 KB 10 KB	4570ms 179ms	Image image/jpeg	198.54.121.142 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://ulumgroup.com/wp-content/uploads/2019/04/Liberty-Check-300x200.jpg Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 198.54.121.142 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS premium67-3.web-hosting.com Software Apache / W3 Total Cache/0.9.7.5 Resource Hash 6a2c1f5fb7f66c4f5ca753f32c323c920d60c8ac0844500a76140f9e171e0ebd Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Wed, 31 Jul 2019 10:28:46 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2019 15:43:23 GMT Server Apache X-Powered-By W3 Total Cache/0.9.7.5 Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 10097 ETag "2771-586bbbee292da" Expires Thu, 30 Jul 2020 10:28:46 GMT
GET H/1.1	200 OK	HSBC-Sample-check-300x200.jpg ulumgroup.com/wp-content/uploads/2019/04/	9 KB 9 KB	3575ms 176ms	Image image/jpeg	198.54.121.142 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://ulumgroup.com/wp-content/uploads/2019/04/HSBC-Sample-check-300x200.jpg Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 198.54.121.142 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS premium67-3.web-hosting.com Software Apache / W3 Total Cache/0.9.7.5 Resource Hash 74489f52ef7781aa554acd81873491fde042c1bdfbae1e8d56816a478a734672 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Wed, 31 Jul 2019 10:28:46 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sun, 14 Apr 2019 21:47:24 GMT Server Apache X-Powered-By W3 Total Cache/0.9.7.5 Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 9101 ETag "238d-586847b3ac856" Expires Thu, 30 Jul 2020 10:28:46 GMT
GET H/1.1	200 OK	Comerica-Web-Banking-Login-300x200.png ulumgroup.com/wp-content/uploads/2019/03/	13 KB 13 KB	3754ms 179ms	Image image/png	198.54.121.142 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://ulumgroup.com/wp-content/uploads/2019/03/Comerica-Web-Banking-Login-300x200.png Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 198.54.121.142 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS premium67-3.web-hosting.com Software Apache / W3 Total Cache/0.9.7.5 Resource Hash d0c58e0033af3165e14f0928b5cb004e98e7ec02376a72f926a00016814dd153 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Wed, 31 Jul 2019 10:28:46 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 30 Mar 2019 19:04:41 GMT Server Apache X-Powered-By W3 Total Cache/0.9.7.5 Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 13016 ETag "32d8-5855475a6a5fb" Expires Thu, 30 Jul 2020 10:28:46 GMT
GET H2	200	016087947_1-878ad3dacda24f74f69ae0e137a6860c.png s2.studylib.net/store/data/	103 KB 103 KB	35ms 13ms	Image image/png	2606:4700:30::6818:7cbc Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://s2.studylib.net/store/data/016087947_1-878ad3dacda24f74f69ae0e137a6860c.png Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:7cbc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 719e98c67ac72a550f76485780742f09b06ebb43ad59951a7dbe9e743f735d26 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 31 Jul 2019 10:28:42 GMT cf-cache-status HIT server cloudflare age 85388 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=2592000 accept-ranges bytes cf-ray 4feee3176be3dfd7-FRA link <https://studylib.net/doc/016087947>; rel="canonical" content-length 105360 expires Fri, 30 Aug 2019 10:28:42 GMT
GET H/1.1	200 OK	routing-number.png www.ekopamag.com/wp-content/uploads/2018/06/	4 KB 4 KB	1310ms 144ms	Image image/png	192.185.14.219 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL http://www.ekopamag.com/wp-content/uploads/2018/06/routing-number.png Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 192.185.14.219 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS ns8264.websitewelcome.com Software Apache / Resource Hash 9584cf800630d6862549a0bbf1a550c4cd0acac3a6f3182c977f0d48b2315d7e Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:44 GMT Last-Modified Tue, 12 Jun 2018 03:08:22 GMT Server Apache Upgrade h2,h2c Cache-Control public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=75 Content-Length 3652 Expires Thu, 30 Jul 2020 10:28:44 GMT
GET		comerica-bank-routing-number-on-checks-300x147.png usaroutingnumber.com/wp-content/uploads/2018/03/	0 0
GET H/1.1	200 OK	IBC-check-International-Bank-of-Commerce-300x200.jpg ulumgroup.com/wp-content/uploads/2019/04/	12 KB 13 KB	3932ms 176ms	Image image/jpeg	198.54.121.142 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://ulumgroup.com/wp-content/uploads/2019/04/IBC-check-International-Bank-of-Commerce-300x200.jpg Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 198.54.121.142 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS premium67-3.web-hosting.com Software Apache / W3 Total Cache/0.9.7.5 Resource Hash 8dd5f5084454b17fc73b925cedf350b93f7fe33479d91d510099225660c988b8 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Wed, 31 Jul 2019 10:28:46 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Mon, 08 Apr 2019 18:41:39 GMT Server Apache X-Powered-By W3 Total Cache/0.9.7.5 Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 12735 ETag "31bf-586092fdd7355" Expires Thu, 30 Jul 2020 10:28:46 GMT
GET		Comercia-Bank-Routing-Number-on-Check-400x215.png howtobankonline.org/wp-content/uploads/	0 0
GET H/1.1	200 OK	Apple-Bank-Personal-check.jpg ulumgroup.com/wp-content/uploads/2018/07/	201 KB 201 KB	4118ms 186ms	Image image/jpeg	198.54.121.142 Namecheap
General Check archive.org Show headers Download Go to Show image Full URL http://ulumgroup.com/wp-content/uploads/2018/07/Apple-Bank-Personal-check.jpg Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 198.54.121.142 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS premium67-3.web-hosting.com Software Apache / W3 Total Cache/0.9.7.5 Resource Hash 5afcf06606923e76f10164d3c7789ad3a9ad3c4e2ae730e8d4c413f7930325a9 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Wed, 31 Jul 2019 10:28:46 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 14 Jul 2018 22:45:33 GMT Server Apache X-Powered-By W3 Total Cache/0.9.7.5 Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=31536000, public Accept-Ranges bytes Content-Length 205343 ETag "3221f-570fd5a9f9d40" Expires Thu, 30 Jul 2020 10:28:46 GMT
GET		comerica-enroll-341x300.png online-banking.org/wp-content/uploads/	0 0
GET H2	403	infographic_aba_routing.gif bank-code.net/resources/images/	0 0	64ms 19ms	Image text/html	2606:4700:20::6819:2a65 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bank-code.net/resources/images/infographic_aba_routing.gif Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:2a65 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H/1.1	200 OK	routing-number-icon-150x150.png www.onlinebankdirectory.com/wp-content/uploads/2017/04/	13 KB 14 KB	1760ms 120ms	Image image/png	146.66.64.218 SingleHop LLC
General Check archive.org Show headers Download Go to Show image Full URL http://www.onlinebankdirectory.com/wp-content/uploads/2017/04/routing-number-icon-150x150.png Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 146.66.64.218 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US), Reverse DNS ip-146-66-64-218.siteground.com Software nginx / Resource Hash a701b3814189c1ae717266b38752a408b6a2f27d3293986ce4cf5102cf6e1b80 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:44 GMT Last-Modified Thu, 27 Apr 2017 12:29:40 GMT Server nginx ETag "350b-54e251c5a7500" Content-Type image/png Accept-Ranges bytes Connection keep-alive Host-Header b7440e60b07ee7b8044761568fab26e8 Content-Length 13579
GET		Comerica-Bank.jpg listofbank.com/wp-content/uploads/2019/03/	0 0
GET		Comerica-Enroll-in-Online-Banking-1024x600.jpg howtobankonline.org/wp-content/uploads/	0 0
GET H2	200	images encrypted-tbn0.gstatic.com/	6 KB 7 KB	41ms 14ms	Image image/jpeg	2a00:1450:4001:824::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRmNv-CeFEasZIoGdPpjKGk1hgzk6u_ME0Lnd1MkmMJQIeBMX8r Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash cd43edfcd3e2a2d43d6ea61ecc261532ad82770b57abaafb1a69fc682a11336a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 31 Jul 2019 10:28:42 GMT x-content-type-options nosniff last-modified Sat, 03 Nov 2018 07:19:21 GMT server sffe access-control-allow-origin * content-type image/jpeg status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 6482 x-xss-protection 0 expires Thu, 30 Jul 2020 10:28:42 GMT
GET H/1.1	200 OK	secure-icon.png 95.216.167.9/wp-content/themes/gn/images/	18 KB 18 KB	53ms 52ms	Image image/png	95.216.167.9 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://95.216.167.9/wp-content/themes/gn/images/secure-icon.png Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol HTTP/1.1 Security , , Server 95.216.167.9 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.167.216.95.clients.your-server.de Software nginx / Resource Hash 590f387b0eb98f9507c0697fc62872b8f4047201e2daa1c4dd3169fdc5614d43 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 31 Jul 2019 10:28:42 GMT Last-Modified Thu, 30 Mar 2017 01:57:44 GMT Server nginx ETag "4614-54be904d3b600" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 17940
GET		js15_as.js s10.histats.com/	0 0
GET H2	200	images encrypted-tbn0.gstatic.com/	7 KB 7 KB	13ms 13ms	Image image/png	2a00:1450:4001:824::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS_DJP4oklz9zFUZxZb3bBxiL2CIV0-hZRZDzi4IqcDRx5DZVcc Requested by Host: 2.wcfgt.vier-pfoten-liebe.de URL: http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 5968e9cf52b3c9bdbb74166462fc1ee1d3724487da53db2fed04dcff5bed7af3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://2.wcfgt.vier-pfoten-liebe.de/kter/comerica-wiring-instructions.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 31 Jul 2019 10:28:42 GMT x-content-type-options nosniff last-modified Thu, 21 Sep 2017 02:05:06 GMT server sffe access-control-allow-origin * content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 7091 x-xss-protection 0 expires Thu, 30 Jul 2020 10:28:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

banksonlinelogin.com

URL

https://banksonlinelogin.com/wp-content/uploads/xarvest-check.jpg.pagespeed.ic.vNfhYRvYGj.jpg

Domain

usaroutingnumber.com

URL

https://usaroutingnumber.com/wp-content/uploads/2018/03/comerica-bank-routing-number-on-checks-300x147.png

Domain

howtobankonline.org

URL

https://howtobankonline.org/wp-content/uploads/Comercia-Bank-Routing-Number-on-Check-400x215.png

Domain

online-banking.org

URL

http://online-banking.org/wp-content/uploads/comerica-enroll-341x300.png

Domain

listofbank.com

URL

http://listofbank.com/wp-content/uploads/2019/03/Comerica-Bank.jpg

Domain

howtobankonline.org

URL

https://howtobankonline.org/wp-content/uploads/Comerica-Enroll-in-Online-Banking-1024x600.jpg

Domain

s10.histats.com

URL

http://s10.histats.com/js15_as.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Banking (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| _Hasync

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.wcfgt.vier-pfoten-liebe.de
ajax.googleapis.com
bank-code.net
banksonlinelogin.com
encrypted-tbn0.gstatic.com
howtobankonline.org
listofbank.com
maxcdn.bootstrapcdn.com
online-banking.org
s10.histats.com
s2.studylib.net
ulumgroup.com
usaroutingnumber.com
www.ekopamag.com
www.onlinebankdirectory.com
banksonlinelogin.com
howtobankonline.org
listofbank.com
online-banking.org
s10.histats.com
usaroutingnumber.com
146.66.64.218
192.185.14.219
198.54.121.142
209.197.3.15
2606:4700:20::6819:2a65
2606:4700:30::6818:7cbc
2a00:1450:4001:809::200a
2a00:1450:4001:824::200e
95.216.167.9
3262d61214c051fd1ddc466741e89970ef1755f2044de8ba9d6821a7adfa8841
33675f4a8b0e98d8cac9af2b3cd9374abd17070a24de91ee5c4035754c9127f5
350116180d1380c4d6a892badb35ac9e41fa80d165e822a43264ef52dda640ce
4061a6bf450b191766e7a68fea9534133ce8c086ae13bd5f78c0a5fb302124b4
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5512f400cac3fbb1fdfbb02989ed098f88a2af5a6e4ba3d88a039bc421ea7ffe
590f387b0eb98f9507c0697fc62872b8f4047201e2daa1c4dd3169fdc5614d43
5968e9cf52b3c9bdbb74166462fc1ee1d3724487da53db2fed04dcff5bed7af3
5afcf06606923e76f10164d3c7789ad3a9ad3c4e2ae730e8d4c413f7930325a9
6a2c1f5fb7f66c4f5ca753f32c323c920d60c8ac0844500a76140f9e171e0ebd
719e98c67ac72a550f76485780742f09b06ebb43ad59951a7dbe9e743f735d26
74489f52ef7781aa554acd81873491fde042c1bdfbae1e8d56816a478a734672
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8dd5f5084454b17fc73b925cedf350b93f7fe33479d91d510099225660c988b8
9293004ffea27d33c649adfb86cc7a14bffebd27eb61e65be86f93457ba576a0
9584cf800630d6862549a0bbf1a550c4cd0acac3a6f3182c977f0d48b2315d7e
9affe5c517b86320fb70fb24812ccfbd9aa27f8078ff6024f9e58c0e2033d4ba
a701b3814189c1ae717266b38752a408b6a2f27d3293986ce4cf5102cf6e1b80
cd43edfcd3e2a2d43d6ea61ecc261532ad82770b57abaafb1a69fc682a11336a
d0c58e0033af3165e14f0928b5cb004e98e7ec02376a72f926a00016814dd153
d836d81acb5d5e712c55c4f7911d93513fe1d7d0336353085aa5bd0f36b6998c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5039e2221ad6b206c213c77be0b4e477234a47dddd4c39327edabb58f11339a
f51a418aede1e4e22f87a247f4847d94eb87f9f92197ef73284924b5d39dee16
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c