silke.simazac.de
2001:1520:a:78::  Malicious Activity! Public Scan

URL: http://silke.simazac.de/.xx/D/manage/login.php
Submission: On September 30 via manual from ES — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2001:1520:a:78::, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is silke.simazac.de.
This is the only time silke.simazac.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixabank (Banking)

Domain & IP information

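Requests | IP Address | AS Autonomous System
13 | 2001:1520:a:78:: | 8972 (GD-EMEA-D...)
Total: 13 requests, 1 IP

Requests | Apex Domain / Subdomains | Transfer
13 | simazac.de / silke.simazac.de | 348 KB
Total: 13 requests, 1 apex domain

Requests | Domain | Requested by
13 | silke.simazac.de | silke.simazac.de
Total: 13 requests, 1 domain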

This site contains no links.

This page contains 1 frames:

Primary Page: http://silke.simazac.de/.xx/D/manage/login.php
Frame ID: 9C74CFF6B1EDD7184D4366A35A4E4F2D
Requests: 13 HTTP requests in this frame

Page Title

CaixaBank | banca digital CaixaBankNow

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 13
HTTPS: 0 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 348 kB
Size: 368 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request login.php
silke.simazac.de/.xx/D/manage/
6 KB
2 KB
Document
General
Full URL
http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
c6b1dc122c9b3b1f6eb705588889070729998a605427a03458bfe705ea5f4c18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Sep 2023 16:51:50 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-Status
BYPASS
lo_postlogon.css
silke.simazac.de/.xx/D/manage/APPS/
11 KB
3 KB
Stylesheet
General
Full URL
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
764c2352c486106fae2a2f995f4f8acb1fd08210d1810f219276f282abafbb46

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 19:19:42 GMT
Server
nginx
ETag
W/"2d67-5ae6da2598f80"
X-Cache-Status
BYPASS
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
logo_caixabank_40.png
silke.simazac.de/.xx/D/manage/APPS/
4 KB
4 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/APPS/logo_caixabank_40.png
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
243e7d9077b620eb71838d4b489c0aa63b453912cfa2ca71b5f68a08c69959e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Last-Modified
Wed, 29 Jul 2020 15:13:42 GMT
Server
nginx
ETag
"f1f-5ab96004c5580"
X-Cache-Status
BYPASS
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3871
logo_caixabanknow_postlogon.svg
silke.simazac.de/.xx/D/manage/APPS/
17 KB
8 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/APPS/logo_caixabanknow_postlogon.svg
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
c415773700f762431df5906021fa4dc781add89e496394e999b265ff2a8ed66c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jul 2020 15:13:48 GMT
Server
nginx
ETag
W/"45b7-5ab9600a7e300"
X-Cache-Status
BYPASS
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
candado.png
silke.simazac.de/.xx/D/manage/APPS/
2 KB
2 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/APPS/candado.png
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
9723a6d5f5ea669e43fd75e6af8770704573ebc065e148c13c78c334654f9007

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Last-Modified
Wed, 29 Jul 2020 15:13:54 GMT
Server
nginx
ETag
"6a2-5ab9601037080"
X-Cache-Status
BYPASS
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1698
rules.js
silke.simazac.de/.xx/D/manage/
562 B
621 B
Script
General
Full URL
http://silke.simazac.de/.xx/D/manage/rules.js
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
be234dfe69c4d0d0c653ceba4c02529658a50cca64f851a0e3242eb90e885ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jul 2020 15:40:28 GMT
Server
nginx
ETag
W/"232-5ab966005f300"
X-Cache-Status
BYPASS
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
eloautp000002.jpg
silke.simazac.de/.xx/D/manage/APPS/
13 KB
13 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/APPS/eloautp000002.jpg
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/login.php
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
bb963584a0e359f64bc1448936ddda6698847220293080eec8636ea37f7ced81

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Last-Modified
Wed, 29 Jul 2020 15:18:18 GMT
Server
nginx
ETag
"32b4-5ab9610bfc280"
X-Cache-Status
BYPASS
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12980
ico_world_simple.png
silke.simazac.de/.xx/D/manage/APPS/
577 B
837 B
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/APPS/ico_world_simple.png
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
5ac009489ecf0eb04acecc023afe768a7d42e3f90eba65f46353dd2d8d2f6698

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Last-Modified
Wed, 29 Jul 2020 15:26:02 GMT
Server
nginx
ETag
"241-5ab962c67d680"
X-Cache-Status
BYPASS
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
577
OpenSans-Semibold-webfont.woff
silke.simazac.de/.xx/D/manage/fonts/
96 KB
96 KB
Font
General
Full URL
http://silke.simazac.de/.xx/D/manage/fonts/OpenSans-Semibold-webfont.woff
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
ab823b2f6201651b4f8d0fc7afa16f0808ff92a96bd5a73273239151bf0e10d0

Request headers

Referer
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Origin
http://silke.simazac.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Last-Modified
Wed, 29 Jul 2020 15:24:48 GMT
Server
nginx
ETag
"180a0-5ab9627feb000"
X-Cache-Status
BYPASS
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98464
ico_check.png
silke.simazac.de/.xx/D/manage/c-images/css-images/
41 KB
41 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/c-images/css-images/ico_check.png
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
1869d728833a0f8b5a4e8b89a904125b6272fe8ce35e7d6b08666d5a6dacb730

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Date
Sat, 30 Sep 2023 16:51:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://silke.simazac.de/wp-json/>; rel="https://api.w.org/"
X-UA-Compatible
IE=edge
ico_teclado.png
silke.simazac.de/.xx/D/manage/c-images/css-images/
41 KB
41 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/c-images/css-images/ico_teclado.png
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
1869d728833a0f8b5a4e8b89a904125b6272fe8ce35e7d6b08666d5a6dacb730

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Date
Sat, 30 Sep 2023 16:51:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://silke.simazac.de/wp-json/>; rel="https://api.w.org/"
X-UA-Compatible
IE=edge
OpenSans-Regular-webfont.woff
silke.simazac.de/.xx/D/manage/fonts/
94 KB
94 KB
Font
General
Full URL
http://silke.simazac.de/.xx/D/manage/fonts/OpenSans-Regular-webfont.woff
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
3c669add48bf3a45fa266a020fcaac2e6da0fc72d1dd95ba78ac9b77e0afba32

Request headers

Referer
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Origin
http://silke.simazac.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sat, 30 Sep 2023 16:51:50 GMT
Last-Modified
Wed, 29 Jul 2020 15:24:48 GMT
Server
nginx
ETag
"17774-5ab9627feb000"
X-Cache-Status
BYPASS
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96116
icon_tornartit.png
silke.simazac.de/.xx/D/manage/c-images/css-images/
41 KB
41 KB
Image
General
Full URL
http://silke.simazac.de/.xx/D/manage/c-images/css-images/icon_tornartit.png
Requested by
Host: silke.simazac.de
URL: http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
Protocol
HTTP/1.1
Server
2001:1520:a:78:: Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
1869d728833a0f8b5a4e8b89a904125b6272fe8ce35e7d6b08666d5a6dacb730

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://silke.simazac.de/.xx/D/manage/APPS/lo_postlogon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Date
Sat, 30 Sep 2023 16:51:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://silke.simazac.de/wp-json/>; rel="https://api.w.org/"
X-UA-Compatible
IE=edge

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixabank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | vide1
function | addCode

1 Cookies

Domain/Path Name / Value
silke.simazac.de/ Name: PHPSESSID
Value: nuomcuss05vlkc530k93d2o5jq

3 Console Messages

Source Level URL
Text
network error URL: http://silke.simazac.de/.xx/D/manage/c-images/css-images/ico_teclado.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://silke.simazac.de/.xx/D/manage/c-images/css-images/ico_check.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://silke.simazac.de/.xx/D/manage/c-images/css-images/icon_tornartit.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)