repository.regione.veneto.it Open in urlscan Pro
89.17.160.90 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ftp.cnc.fr/DK-B
Effective URL:
https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Submission: On February 28 via automatic, source phishtank (February 28th 2022, 11:08:00 pm UTC) — Scanned from FR

Summary HTTP 11 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 89.17.160.90, located in Resana, Italy and belongs to ASN-RVE National AS, IT. The main domain is repository.regione.veneto.it.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on August 28th 2020. Valid for: 2 years.

This is the only time repository.regione.veneto.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DKB (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	185.113.40.118 185.113.40.118	12601 (CEGEDIM) (CEGEDIM)
6	89.17.160.90 89.17.160.90	41651 (ASN-RVE N...) (ASN-RVE National AS)
11	3

2 185.113.40.118 (France) 1 redirects

ASN12601 (CEGEDIM, FR)
PTR: ip-185-113-40-118.infra.cegedim.org

ftp.cnc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.17.160.90 (Resana, Italy)

ASN41651 (ASN-RVE National AS, IT)
PTR: h-090.c-160.17-89.regione.veneto.it

repository.regione.veneto.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	regione.veneto.it repository.regione.veneto.it	1 MB
2	cnc.fr 1 redirects ftp.cnc.fr	717 B
0	Failed function sub() { [native code] }. Failed
11	3

	Domain	Requested by
6	repository.regione.veneto.it	repository.regione.veneto.it
2	ftp.cnc.fr	1 redirects
0	Failed	repository.regione.veneto.it
11	3

This site contains links to these domains. Also see Links.

Domain
finanzwissen.dkb.de
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.linkedin.com
www.xing.com
www.das-kann-bank.de
treuhand.dkb.de
fragen.dkb.de

Subject Issuer	Validity	Valid
*.cnc.fr Sectigo RSA Organization Validation Secure Server CA	`2021-09-16` - `2022-09-16`	a year	crt.sh
*.regione.veneto.it Actalis Domain Validation Server CA G3	`2020-08-28` - `2022-08-28`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Frame ID: 252B7D493505617410D4EA92FE87D2E1
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DKB - Deutsche Kreditbank AG - Internet Banking

Page URL History Show full URLs

https://ftp.cnc.fr/DK-B HTTP 301
http://ftp.cnc.fr/DK-B/ HTTP 307
https://ftp.cnc.fr/DK-B/ Page URL
https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?= Page URL

Page Statistics

11
Requests

64 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1208 kB
Transfer

1227 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://finanzwissen.dkb.de/
Title: Finanzwissen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Deutsche.Kreditbank
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dkb.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.twitter.com/dkb_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DeutscheKreditbankAG
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dkb
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.xing.com/companies/deutschekreditbankag
Title: Xing

Search URL Search Domain Scan URL

URL: https://www.das-kann-bank.de/
Title: Das kann Bank

Search URL Search Domain Scan URL

URL: https://treuhand.dkb.de/thk/?referer=vwpf
Title: Verwalterplattform

Search URL Search Domain Scan URL

URL: https://treuhand.dkb.de/thk/?referer=thpf
Title: Treuhänderplattform

Search URL Search Domain Scan URL

URL: https://fragen.dkb.de/
Title: Fragen & Antworten

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ftp.cnc.fr/DK-B HTTP 301
http://ftp.cnc.fr/DK-B/ HTTP 307
https://ftp.cnc.fr/DK-B/ Page URL
https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ftp.cnc.fr/DK-B HTTP 301
http://ftp.cnc.fr/DK-B/ HTTP 307
https://ftp.cnc.fr/DK-B/

11 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ftp.cnc.fr/DK-B/
Redirect Chain

https://ftp.cnc.fr/DK-B?
http://ftp.cnc.fr/DK-B/?
https://ftp.cnc.fr/DK-B/?

193 B
461 B

19ms
19ms

Document
text/html

185.113.40.118
CEGEDIM

General

Check archive.org

Show headers Download Go to

Full URL

https://ftp.cnc.fr/DK-B/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.113.40.118 , France, ASN12601 (CEGEDIM, FR),

Reverse DNS

ip-185-113-40-118.infra.cegedim.org

Software

Resource Hash

c36959a2e2ce728424e61ed5316e2e23a1e71f156122d990f998901ab392b6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Date: Mon, 28 Feb 2022 23:07:54 GMT
Last-Modified: Mon, 28 Feb 2022 07:24:00 GMT
Accept-Ranges: bytes
Content-Length: 193
X-Cnection: close
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubDomains

Redirect headers

Location: https://ftp.cnc.fr/DK-B/?
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Primary Request / Show response
repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/ 132 KB
132 KB 424ms
302ms Document
text/html 89.17.160.90
ASN-RVE National AS

General

Check archive.org

Show headers Download Go to

Full URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 89.17.160.90 Resana, Italy, ASN41651 (ASN-RVE National AS, IT),
Reverse DNS: h-090.c-160.17-89.regione.veneto.it
Software: Apache/2.2.15 (Red Hat) / PHP/5.4.45
Resource Hash: aa723d6abbb729d134eb2a7a72e3fa0964025b59e51951a044b189d06cab47c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://ftp.cnc.fr/

Response headers

Date: Mon, 28 Feb 2022 23:07:54 GMT
Server: Apache/2.2.15 (Red Hat)
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=15, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK dkb-global.css
repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/ 235 KB
236 KB 339ms
268ms Stylesheet
text/css 89.17.160.90
ASN-RVE National AS

General

Check archive.org

Show headers Download Go to

Full URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/dkb-global.css
Requested by: Host: repository.regione.veneto.it
URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 89.17.160.90 Resana, Italy, ASN41651 (ASN-RVE National AS, IT),
Reverse DNS: h-090.c-160.17-89.regione.veneto.it
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: db6eb1b520d71a9abc8ea2e8fd5f4bc76ea3bcfcff7d8344ce6ccd2b2b7a6cf0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 23:07:55 GMT
Last-Modified: Sat, 25 Dec 2021 13:48:00 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "b8175c-3acec-5d3f8b83e6400"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=999
Content-Length: 240876

GET
H/1.1 200
OK dkb_responsive.min.css
repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/ 620 KB
621 KB 393ms
313ms Stylesheet
text/css 89.17.160.90
ASN-RVE National AS

General

Check archive.org

Show headers Download Go to

Full URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/dkb_responsive.min.css
Requested by: Host: repository.regione.veneto.it
URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 89.17.160.90 Resana, Italy, ASN41651 (ASN-RVE National AS, IT),
Reverse DNS: h-090.c-160.17-89.regione.veneto.it
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 38af949586d620cd21ff714742fb9eca95bcd2d70a22a3c1d9b35b75820020c6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 23:07:55 GMT
Last-Modified: Sat, 25 Dec 2021 13:48:00 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "b8175d-9b1fb-5d3f8b83e6400"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=1000
Content-Length: 635387

GET
H/1.1 200
OK dkb-global-print.css
repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/ 219 KB
219 KB 240ms
240ms Stylesheet
text/css 89.17.160.90
ASN-RVE National AS

General

Check archive.org

Show headers Download Go to

Full URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/dkb-global-print.css
Requested by: Host: repository.regione.veneto.it
URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 89.17.160.90 Resana, Italy, ASN41651 (ASN-RVE National AS, IT),
Reverse DNS: h-090.c-160.17-89.regione.veneto.it
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 3a9d6df8559323a7136024192cabaa9b231e9ae5dafae839573430e9edba9113

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 23:07:55 GMT
Last-Modified: Sat, 25 Dec 2021 13:48:00 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "b8175b-36ba9-5d3f8b83e6400"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=998
Content-Length: 224169

GET ruxitagentjs_ICA2SVfhjqrux_10191200518082328.js.t%C3%A9l%C3%A9chargement
/C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/ 0
0

GET
H/1.1 404
NOT FOUND axios.js.t%C3%A9l%C3%A9chargement
repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/ 0
0 295ms
286ms Script
text/html 89.17.160.90
ASN-RVE National AS

General

Check archive.org

Show headers Download Go to

Full URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/axios.js.t%C3%A9l%C3%A9chargement
Requested by: Host: repository.regione.veneto.it
URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 89.17.160.90 Resana, Italy, ASN41651 (ASN-RVE National AS, IT),
Reverse DNS: h-090.c-160.17-89.regione.veneto.it
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

User-Agent: LBL-LoadBalancer/9.9
Connection: close
Content-length: 50391
Content-Type: text/html; charset=utf-8

GET product-global.js.t%C3%A9l%C3%A9chargement
/C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/ 0
0

GET dkb-global.js.t%C3%A9l%C3%A9chargement
/C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/ 0
0

GET dynatrace-agent.js.t%C3%A9l%C3%A9chargement
/C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/ 0
0

GET
H/1.1 404
NOT FOUND axios.js.t%C3%A9l%C3%A9chargement
repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/ 0
0 232ms
232ms Script
text/html 89.17.160.90
ASN-RVE National AS

General

Check archive.org

Show headers Download Go to

Full URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/axios.js.t%C3%A9l%C3%A9chargement
Requested by: Host: repository.regione.veneto.it
URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 89.17.160.90 Resana, Italy, ASN41651 (ASN-RVE National AS, IT),
Reverse DNS: h-090.c-160.17-89.regione.veneto.it
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

User-Agent: LBL-LoadBalancer/9.9
Connection: close
Content-length: 50391
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 719 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d73ea98d63b2a71d243c364e4b13ac0ca1b9f49b032eae966e72afce3464e6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24483b4771b2128af4110c159a9dcb59d15557460f8ecbf0bd0805f0fad5816e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 773 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7da6bd0203d7f12ee4e9f8c44ac84b54260827f06b43fd719b2a22d3d355036

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 667bbf61c002ca7a7cce5dea4adadbef097da7356f9f58c9d13281ecbb989745

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 691a8ec1c72b83e3101713f070cd278d31dc35964d8c47ea41485e6b3561b09d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e98e960d3fc57e26cc292b4e673fc28c65e49bbb68c91376fa488cc480564b5f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 139 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1218e67823005a9b52daf99e23ae0233439033029c39e6a69cf504eecd1ae155

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05fc7edd1ab3b4d7cf9fb6882848dc5502954b8bb779a8e42138236c02583686

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 846 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 202 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5588cc2abf03fafbbab54851b83c41c18856a2c2532d316693b4cf927224759

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 686 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b969bfdbb0496aa56664660247d76c9696b29a6e79a126c38acb9983e058ee9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe73e87e02eadba5240358a4eeebeb334e6d8e7eaa9d024f41644241f3adaadd

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 856 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d75a13cddae198bbb040efae849b4daa89b3059e03d928714b074c37a4a8ecf7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 669 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a30c546ea7a8f0861fbe49a030bc0fcc707c7de128c265881d4010906d1e5fcb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 864 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44916913841d34baa376b3b72911ed27f16629909ed5c4f1a59be98af036e8af

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 871 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54d31025c9536bf38b4f89d7fdc5261bb87dfe924d7445a7d56b43533c86e8cb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c9524bad0ee009f3f9e6af79cf3363acbcd6a4f03eec2ca8c16ff794358d81d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aa97ee206d9655910ece7996d461dc1cdf1550a4487a53d04815c5570bb78ae

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/ruxitagentjs_ICA2SVfhjqrux_10191200518082328.js.t%C3%A9l%C3%A9chargement

Domain
URL: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/product-global.js.t%C3%A9l%C3%A9chargement

Domain
URL: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/dkb-global.js.t%C3%A9l%C3%A9chargement

Domain
URL: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/dynatrace-agent.js.t%C3%A9l%C3%A9chargement

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DKB (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
repository.regione.veneto.it/	1969-12-31 23:59:59	Name: PHPSESSID Value: c5m21u20faeru46pqe2qeo4be7
repository.regione.veneto.it/	1969-12-31 23:59:59	Name: REGIONEcookieID Value: OPLON-ADC1646089675026
repository.regione.veneto.it/	1969-12-31 23:59:59	Name: LBLSESSIONID Value: 1647204452647
repository.regione.veneto.it/	1970-01-20 01:16:16	Name: ALT_SERVER_ID Value: null

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?= Message: Not allowed to load local resource: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/ruxitagentjs_ICA2SVfhjqrux_10191200518082328.js.t%C3%A9l%C3%A9chargement
network	error	URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/axios.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)
javascript	error	URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?= Message: Not allowed to load local resource: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/product-global.js.t%C3%A9l%C3%A9chargement
javascript	error	URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?= Message: Not allowed to load local resource: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/dkb-global.js.t%C3%A9l%C3%A9chargement
javascript	error	URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/?= Message: Not allowed to load local resource: file:///C:/Users/R/Desktop/photo%20mama/desko040221/DKB/DKB%20-%20Deutsche%20Kreditbank%20AG%20%20billing-%20Internet%20Banking_files/dynatrace-agent.js.t%C3%A9l%C3%A9chargement
network	error	URL: https://repository.regione.veneto.it/admin/www/Kunden-Gmbh/app/Tan2go/Home/blling_files/axios.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


ftp.cnc.fr
repository.regione.veneto.it

185.113.40.118
89.17.160.90
05fc7edd1ab3b4d7cf9fb6882848dc5502954b8bb779a8e42138236c02583686
0b969bfdbb0496aa56664660247d76c9696b29a6e79a126c38acb9983e058ee9
1218e67823005a9b52daf99e23ae0233439033029c39e6a69cf504eecd1ae155
1c9524bad0ee009f3f9e6af79cf3363acbcd6a4f03eec2ca8c16ff794358d81d
24483b4771b2128af4110c159a9dcb59d15557460f8ecbf0bd0805f0fad5816e
3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0
38af949586d620cd21ff714742fb9eca95bcd2d70a22a3c1d9b35b75820020c6
3a9d6df8559323a7136024192cabaa9b231e9ae5dafae839573430e9edba9113
44916913841d34baa376b3b72911ed27f16629909ed5c4f1a59be98af036e8af
54d31025c9536bf38b4f89d7fdc5261bb87dfe924d7445a7d56b43533c86e8cb
5aa97ee206d9655910ece7996d461dc1cdf1550a4487a53d04815c5570bb78ae
6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79
64d73ea98d63b2a71d243c364e4b13ac0ca1b9f49b032eae966e72afce3464e6
667bbf61c002ca7a7cce5dea4adadbef097da7356f9f58c9d13281ecbb989745
691a8ec1c72b83e3101713f070cd278d31dc35964d8c47ea41485e6b3561b09d
72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca
a30c546ea7a8f0861fbe49a030bc0fcc707c7de128c265881d4010906d1e5fcb
aa723d6abbb729d134eb2a7a72e3fa0964025b59e51951a044b189d06cab47c9
b5588cc2abf03fafbbab54851b83c41c18856a2c2532d316693b4cf927224759
c36959a2e2ce728424e61ed5316e2e23a1e71f156122d990f998901ab392b6f9
d75a13cddae198bbb040efae849b4daa89b3059e03d928714b074c37a4a8ecf7
db6eb1b520d71a9abc8ea2e8fd5f4bc76ea3bcfcff7d8344ce6ccd2b2b7a6cf0
e7da6bd0203d7f12ee4e9f8c44ac84b54260827f06b43fd719b2a22d3d355036
e98e960d3fc57e26cc292b4e673fc28c65e49bbb68c91376fa488cc480564b5f
fe73e87e02eadba5240358a4eeebeb334e6d8e7eaa9d024f41644241f3adaadd

repository.regione.veneto.it Open in urlscan Pro 89.17.160.90 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

64 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1208 kBTransfer

1227 kBSize

4 Cookies

11 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

repository.regione.veneto.it Open in urlscan Pro
89.17.160.90 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

64 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1208 kB
Transfer

1227 kB
Size

4
Cookies

11 HTTP transactions
20 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!