urlscan.io scan report: landes-mtan.herokuapp.com (52.21.147.48), flagged "Malicious Activity!" (public scan)

Submitted URL: http://landes-mtan.herokuapp.com/
Effective URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Submission: On October 17 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 52.21.147.48, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is landes-mtan.herokuapp.com.
This is the only time landes-mtan.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Landesbank Berlin (Banking)

Domain & IP information

IP addresses and autonomous systems (leading figures are the per-IP counts as shown by urlscan):

  IP Address                  AS (Autonomous System)
  5     52.21.147.48          14618 (AMAZON-AES)
  1 16  142.93.108.123        14061 (DIGITALOC...)
  2 2   2606:4700:10:...      13335 (CLOUDFLAR...)
  1     2606:4700:10:...      13335 (CLOUDFLAR...)
  21 3  (totals: requests, IPs)
Apex domains, subdomains and transfer volume:

  Requests  Apex Domain     Subdomains                   Transfer
  16        netlify.com     msdn-lbb-de.netlify.com      105 KB
  5         herokuapp.com   landes-mtan.herokuapp.com    16 KB
  3         pastebin.com    pastebin.com                 830 B
  21 3  (totals: requests, apex domains)
Domains and the hosts that requested them:

  Requests  Domain                      Requested by
  16        msdn-lbb-de.netlify.com     1 redirects, landes-mtan.herokuapp.com
  5         landes-mtan.herokuapp.com   landes-mtan.herokuapp.com
  3         pastebin.com                2 redirects, landes-mtan.herokuapp.com
  21 3  (totals: requests, domains)

This site contains no links.

TLS certificates observed:

  Subject                        Issuer                                            Validity                  Valid     Lookup
  *.netlify.com                  AlphaSSL CA - SHA256 - G2                         2018-10-12 - 2020-12-24   2 years   crt.sh
  ssl509085.cloudflaressl.com    COMODO ECC Domain Validation Secure Server CA 2   2018-10-05 - 2019-04-13   6 months  crt.sh

This page contains 1 frame:

Primary Page: http://landes-mtan.herokuapp.com/1200_LBB.html
Frame ID: 43BD5D862926A01AE92290AE38E925EE
Requests: 21 HTTP requests in this frame


Detected technologies

Apache (web server, identified from the Server response header; overall confidence: 100%). Detected patterns:
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript library, identified from the loaded script and the global variable; overall confidence: 100%). Detected patterns:
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

  • Requests: 21
  • HTTPS: 76 %
  • IPv6: 50 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 121 kB
  • Size: 250 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://landes-mtan.herokuapp.com/ Page URL
  2. http://landes-mtan.herokuapp.com/1200_LBB.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://msdn-lbb-de.netlify.com/js/jquery.min.js HTTP 301
  • https://msdn-lbb-de.netlify.com/js/jquery.min.js
Request Chain 3
  • http://msdn-lbb-de.netlify.com/css/lbb.css HTTP 307
  • https://msdn-lbb-de.netlify.com/css/lbb.css
Request Chain 4
  • http://msdn-lbb-de.netlify.com/img/Titellogo1.gif HTTP 307
  • https://msdn-lbb-de.netlify.com/img/Titellogo1.gif
Request Chain 5
  • http://msdn-lbb-de.netlify.com/img/LBB_login_links.gif HTTP 307
  • https://msdn-lbb-de.netlify.com/img/LBB_login_links.gif
Request Chain 6
  • http://msdn-lbb-de.netlify.com/img/metaarea.gif HTTP 307
  • https://msdn-lbb-de.netlify.com/img/metaarea.gif
Request Chain 7
  • http://msdn-lbb-de.netlify.com/img/Banklogo.gif HTTP 307
  • https://msdn-lbb-de.netlify.com/img/Banklogo.gif
Request Chain 8
  • http://msdn-lbb-de.netlify.com/img/LBB_login_rechts.gif HTTP 307
  • https://msdn-lbb-de.netlify.com/img/LBB_login_rechts.gif
Request Chain 9
  • http://msdn-lbb-de.netlify.com/js/jquery.min.js HTTP 307
  • https://msdn-lbb-de.netlify.com/js/jquery.min.js
Request Chain 10
  • http://msdn-lbb-de.netlify.com/js/jquery.creditCardValidator.js HTTP 307
  • https://msdn-lbb-de.netlify.com/js/jquery.creditCardValidator.js
Request Chain 11
  • http://msdn-lbb-de.netlify.com/js/jquery.mask.min.js HTTP 307
  • https://msdn-lbb-de.netlify.com/js/jquery.mask.min.js
Request Chain 12
  • http://msdn-lbb-de.netlify.com/js/spin.js HTTP 307
  • https://msdn-lbb-de.netlify.com/js/spin.js
Request Chain 15
  • http://pastebin.com/raw/LvaVEqnq HTTP 302
  • http://pastebin.com/LvaVEqnq HTTP 301
  • https://pastebin.com/LvaVEqnq

21 HTTP transactions

Each transaction below is listed with its Resource, Path, Size, x-fer (bytes transferred over the wire) and Type, followed by its General details, request headers, response headers and, where it was redirected, the redirect headers. The MIME-Type is given by the content-type response header.

Resource: /  |  Path: landes-mtan.herokuapp.com/  |  Size: 635 B  |  x-fer: 888 B  |  Type: Document
General
Full URL
http://landes-mtan.herokuapp.com/
Protocol
HTTP/1.1
Server
52.21.147.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-147-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
22f05e18ba9927f1a60924ec6e03b303ea01beebe64f714660e99e99685a56ee

Request headers

Host
landes-mtan.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Connection
keep-alive
Date
Wed, 17 Oct 2018 14:21:10 GMT
Server
Apache
Last-Modified
Sat, 13 Oct 2018 02:01:50 GMT
Etag
"27b-57812964e1f80"
Accept-Ranges
bytes
Content-Length
635
Content-Type
text/html
Via
1.1 vegur
Resource: jquery.min.js  |  Path: msdn-lbb-de.netlify.com/js/  |  Size: 85 KB  |  x-fer: 30 KB  |  Type: Script
Redirect Chain
  • http://msdn-lbb-de.netlify.com/js/jquery.min.js
  • https://msdn-lbb-de.netlify.com/js/jquery.min.js
General
Full URL
https://msdn-lbb-de.netlify.com/js/jquery.min.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1821793
date
Wed, 17 Oct 2018 14:21:10 GMT
content-encoding
gzip
server
Netlify
age
2
etag
"40d5f29aaf9987cd6cc2e647a2972a5e-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes

Redirect headers

X-NF-Request-ID
c2046391-1999-4983-b903-11699e3c0e0a-1821665
Date
Wed, 17 Oct 2018 14:21:10 GMT
Server
Netlify
Age
0
Content-Type
text/plain
Location
https://msdn-lbb-de.netlify.com/js/jquery.min.js
Cache-Control
public, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
64
Resource: js.cookie.min.js  |  Path: landes-mtan.herokuapp.com/assets/js/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Script
General
Full URL
http://landes-mtan.herokuapp.com/assets/js/js.cookie.min.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/
Protocol
HTTP/1.1
Server
52.21.147.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-147-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8b7fe7b684bccdc8719514b506dadf04a16effad37d64845505c0cfba3880e81

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
landes-mtan.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://landes-mtan.herokuapp.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 17 Oct 2018 14:21:10 GMT
Via
1.1 vegur
Last-Modified
Sat, 13 Oct 2018 02:01:50 GMT
Server
Apache
Etag
"7e7-57812964e1f80"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2023
Resource: 1200_LBB.html (Primary Request)  |  Path: landes-mtan.herokuapp.com/  |  Size: 10 KB  |  x-fer: 11 KB  |  Type: Document
General
Full URL
http://landes-mtan.herokuapp.com/1200_LBB.html
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/
Protocol
HTTP/1.1
Server
52.21.147.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-147-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8acccfbcc0c2168ec9c5a58f3983f07549471e379ea9e3e9af63a6d278618194

Request headers

Host
landes-mtan.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://landes-mtan.herokuapp.com/
Accept-Encoding
gzip, deflate

Response headers

Connection
keep-alive
Date
Wed, 17 Oct 2018 14:21:11 GMT
Server
Apache
Last-Modified
Sat, 13 Oct 2018 02:01:50 GMT
Etag
"2987-57812964e1f80"
Accept-Ranges
bytes
Content-Length
10631
Content-Type
text/html
Via
1.1 vegur
Resource: lbb.css  |  Path: msdn-lbb-de.netlify.com/css/  |  Size: 8 KB  |  x-fer: 2 KB  |  Type: Stylesheet
Redirect Chain
  • http://msdn-lbb-de.netlify.com/css/lbb.css
  • https://msdn-lbb-de.netlify.com/css/lbb.css
General
Full URL
https://msdn-lbb-de.netlify.com/css/lbb.css
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
4b842affe29896a5f5b945a32191a795b5aaf47a694a05c471c4a25057a8e90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822233
date
Wed, 17 Oct 2018 14:21:11 GMT
content-encoding
gzip
server
Netlify
age
0
etag
"8ab4ac0d810b2eb34cf542337662c0dc-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes

Redirect headers

Location
https://msdn-lbb-de.netlify.com/css/lbb.css
Non-Authoritative-Reason
HSTS
Resource: Titellogo1.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 43 B  |  x-fer: 138 B  |  Type: Image
Redirect Chain
  • http://msdn-lbb-de.netlify.com/img/Titellogo1.gif
  • https://msdn-lbb-de.netlify.com/img/Titellogo1.gif
General
Full URL
https://msdn-lbb-de.netlify.com/img/Titellogo1.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822234
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"647ed87664e564ec68421b7e58f7eb87-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
43

Redirect headers

Location
https://msdn-lbb-de.netlify.com/img/Titellogo1.gif
Non-Authoritative-Reason
HSTS
Resource: LBB_login_links.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 59 B  |  x-fer: 187 B  |  Type: Image
Redirect Chain
  • http://msdn-lbb-de.netlify.com/img/LBB_login_links.gif
  • https://msdn-lbb-de.netlify.com/img/LBB_login_links.gif
General
Full URL
https://msdn-lbb-de.netlify.com/img/LBB_login_links.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
34e7d2a8a056c839bc78c85e05fb8f8a4989a94dd78697b6237ba15f749d0484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822235
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"9c2be2689cf4958a8335958745f7d5f2-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
59

Redirect headers

Location
https://msdn-lbb-de.netlify.com/img/LBB_login_links.gif
Non-Authoritative-Reason
HSTS
Resource: metaarea.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 49 B  |  x-fer: 143 B  |  Type: Image
Redirect Chain
  • http://msdn-lbb-de.netlify.com/img/metaarea.gif
  • https://msdn-lbb-de.netlify.com/img/metaarea.gif
General
Full URL
https://msdn-lbb-de.netlify.com/img/metaarea.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822316
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"6c2159777928184f26d0262612b1d9dc-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
49

Redirect headers

Location
https://msdn-lbb-de.netlify.com/img/metaarea.gif
Non-Authoritative-Reason
HSTS
Resource: Banklogo.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 43 B  |  x-fer: 104 B  |  Type: Image
Redirect Chain
  • http://msdn-lbb-de.netlify.com/img/Banklogo.gif
  • https://msdn-lbb-de.netlify.com/img/Banklogo.gif
General
Full URL
https://msdn-lbb-de.netlify.com/img/Banklogo.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822352
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"647ed87664e564ec68421b7e58f7eb87-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
43

Redirect headers

Location
https://msdn-lbb-de.netlify.com/img/Banklogo.gif
Non-Authoritative-Reason
HSTS
Resource: LBB_login_rechts.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 11 KB  |  x-fer: 11 KB  |  Type: Image
Redirect Chain
  • http://msdn-lbb-de.netlify.com/img/LBB_login_rechts.gif
  • https://msdn-lbb-de.netlify.com/img/LBB_login_rechts.gif
General
Full URL
https://msdn-lbb-de.netlify.com/img/LBB_login_rechts.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
dba31482c5758be14143eec2611b9bf10a06d7c5563a653b3ae7c75711c1f246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822355
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"d57bfa9ec32951b4a7293c1af64cd7b4-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
10756

Redirect headers

Location
https://msdn-lbb-de.netlify.com/img/LBB_login_rechts.gif
Non-Authoritative-Reason
HSTS
Resource: jquery.min.js  |  Path: msdn-lbb-de.netlify.com/js/  |  Size: 85 KB  |  x-fer: 30 KB  |  Type: Script
Redirect Chain
  • http://msdn-lbb-de.netlify.com/js/jquery.min.js
  • https://msdn-lbb-de.netlify.com/js/jquery.min.js
General
Full URL
https://msdn-lbb-de.netlify.com/js/jquery.min.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822236
date
Wed, 17 Oct 2018 14:21:10 GMT
content-encoding
gzip
server
Netlify
age
2
etag
"40d5f29aaf9987cd6cc2e647a2972a5e-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
30138

Redirect headers

Location
https://msdn-lbb-de.netlify.com/js/jquery.min.js
Non-Authoritative-Reason
HSTS
Resource: jquery.creditCardValidator.js  |  Path: msdn-lbb-de.netlify.com/js/  |  Size: 10 KB  |  x-fer: 3 KB  |  Type: Script
Redirect Chain
  • http://msdn-lbb-de.netlify.com/js/jquery.creditCardValidator.js
  • https://msdn-lbb-de.netlify.com/js/jquery.creditCardValidator.js
General
Full URL
https://msdn-lbb-de.netlify.com/js/jquery.creditCardValidator.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
2b7557682a283ba78e7db070625e49f99a78e6415b68cf0577de6c07a50008d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822237
date
Wed, 17 Oct 2018 14:21:11 GMT
content-encoding
gzip
server
Netlify
age
0
etag
"72a04158a8cd940b36661b61827e4df8-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes

Redirect headers

Location
https://msdn-lbb-de.netlify.com/js/jquery.creditCardValidator.js
Non-Authoritative-Reason
HSTS
Resource: jquery.mask.min.js  |  Path: msdn-lbb-de.netlify.com/js/  |  Size: 8 KB  |  x-fer: 3 KB  |  Type: Script
Redirect Chain
  • http://msdn-lbb-de.netlify.com/js/jquery.mask.min.js
  • https://msdn-lbb-de.netlify.com/js/jquery.mask.min.js
General
Full URL
https://msdn-lbb-de.netlify.com/js/jquery.mask.min.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
7f81fd50565c42b28d0c131ee55dce21472cfe3ef3f5572e04f279b9898149d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822238
date
Wed, 17 Oct 2018 14:21:11 GMT
content-encoding
gzip
server
Netlify
age
0
etag
"2d3e70b1e393f4026507bf6cd89247df-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3353

Redirect headers

Location
https://msdn-lbb-de.netlify.com/js/jquery.mask.min.js
Non-Authoritative-Reason
HSTS
Resource: spin.js  |  Path: msdn-lbb-de.netlify.com/js/  |  Size: 4 KB  |  x-fer: 2 KB  |  Type: Script
Redirect Chain
  • http://msdn-lbb-de.netlify.com/js/spin.js
  • https://msdn-lbb-de.netlify.com/js/spin.js
General
Full URL
https://msdn-lbb-de.netlify.com/js/spin.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
a6a67a3a5760af57c7718d2aa311c497ff1bbdf6481d4d2549b2d3e6835d1206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822247
date
Wed, 17 Oct 2018 14:21:11 GMT
content-encoding
gzip
server
Netlify
age
0
etag
"0bff12956150626412169cd8bd908833-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2015

Redirect headers

Location
https://msdn-lbb-de.netlify.com/js/spin.js
Non-Authoritative-Reason
HSTS
Resource: js.cookie.min.js  |  Path: landes-mtan.herokuapp.com/assets/js/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Script
General
Full URL
http://landes-mtan.herokuapp.com/assets/js/js.cookie.min.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
HTTP/1.1
Server
52.21.147.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-147-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8b7fe7b684bccdc8719514b506dadf04a16effad37d64845505c0cfba3880e81

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
landes-mtan.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 17 Oct 2018 14:21:11 GMT
Via
1.1 vegur
Last-Modified
Sat, 13 Oct 2018 02:01:50 GMT
Server
Apache
Etag
"7e7-57812964e1f80"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2023
Resource: config.js  |  Path: landes-mtan.herokuapp.com/assets/js/  |  Size: 193 B  |  x-fer: 458 B  |  Type: Script
General
Full URL
http://landes-mtan.herokuapp.com/assets/js/config.js
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
HTTP/1.1
Server
52.21.147.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-147-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1d519a6afc0f97ea9fd1b8b22edb11a5ce564a6b5f12cee07f75aa329183d751

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
landes-mtan.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 17 Oct 2018 14:21:11 GMT
Via
1.1 vegur
Last-Modified
Sat, 13 Oct 2018 02:01:50 GMT
Server
Apache
Etag
"c1-57812964e1f80"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193
Resource: LvaVEqnq  |  Path: pastebin.com/  |  Size: 0  |  x-fer: 0  |  Type: Script
Redirect Chain
  • http://pastebin.com/raw/LvaVEqnq
  • http://pastebin.com/LvaVEqnq
  • https://pastebin.com/LvaVEqnq
General
Full URL
https://pastebin.com/LvaVEqnq
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6814:d015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://landes-mtan.herokuapp.com/1200_LBB.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html; charset=utf-8

Redirect headers

Date
Wed, 17 Oct 2018 14:21:11 GMT
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/html
location
https://pastebin.com/LvaVEqnq
Connection
keep-alive
CF-RAY
46b36903d6febebc-FRA
X-XSS-Protection
1; mode=block
Resource: background.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 24 KB  |  x-fer: 24 KB  |  Type: Image
General
Full URL
https://msdn-lbb-de.netlify.com/img/background.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
c7808138a4b8a00e35e54c062201202e9e5523a2af47b5f3f480a89929279182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msdn-lbb-de.netlify.com/css/lbb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822393
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"d4a028c45fb2641c7d80d620cd95c35c-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
24406
Resource: link.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 67 B  |  x-fer: 161 B  |  Type: Image
General
Full URL
https://msdn-lbb-de.netlify.com/img/link.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
f8ff5491f83963d4027ce74232bfabbcb7a089e5a8331282913ccb377d7a1186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msdn-lbb-de.netlify.com/css/lbb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822394
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"44facc80ed33c82eb394e853f8aa54c0-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
67
Resource: button.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 67 B  |  x-fer: 159 B  |  Type: Image
General
Full URL
https://msdn-lbb-de.netlify.com/img/button.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
918eabacb055e7cf2ef8c1a2006f910874383910fb86b6457d26fece62d7aa65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msdn-lbb-de.netlify.com/css/lbb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822395
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"ebe752670fd8af59238b83bd86cb9793-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
67
Resource: meta.gif  |  Path: msdn-lbb-de.netlify.com/img/  |  Size: 81 B  |  x-fer: 175 B  |  Type: Image
General
Full URL
https://msdn-lbb-de.netlify.com/img/meta.gif
Requested by
Host: landes-mtan.herokuapp.com
URL: http://landes-mtan.herokuapp.com/1200_LBB.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.108.123 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
b8db428a0d53deeaa8ff46ba403fb22afcb0e9ef754fafd1aee08957f58c856a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://msdn-lbb-de.netlify.com/css/lbb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id
c2046391-1999-4983-b903-11699e3c0e0a-1822396
date
Wed, 17 Oct 2018 14:21:11 GMT
server
Netlify
age
0
etag
"7eb3f514224ae469416a132807cda816-ssl"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
81

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Landesbank Berlin (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • $jscomp (object)
  • Spinner (function)
  • Cookies (function)
  • loginChecker (string)
  • emailChecker (string)

0 Cookies