www.frankfurter-volks.org
195.140.146.231  Malicious Activity! Public Scan

URL: http://www.frankfurter-volks.org/banking-private/entry
Submission: On May 05 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 26 HTTP transactions. The main IP is 195.140.146.231, located in the Russian Federation and belonging to THEFIRST-AS Moscow, Russia, RU. The main domain is www.frankfurter-volks.org.
This is the only time www.frankfurter-volks.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
24        195.140.146.231   29182 (THEFIRST-...)
Total: 26 requests, 2 IPs

Requests  Apex Domain            Subdomains                 Transfer
24        frankfurter-volks.org  www.frankfurter-volks.org  229 KB
Total: 26 requests, 1 apex domain

Requests  Domain                     Requested by
24        www.frankfurter-volks.org  www.frankfurter-volks.org
Total: 26 requests, 1 domain

This site contains links to these domains. Also see Links.

Domain
www.geno-energie.de
www.vr.de
Subject Issuer Validity Valid

This page contains 1 frames:

Frame: http://www.frankfurter-volks.org/banking-private/entry
Frame ID: BA4A5C1F589C28777B63D65911C37248
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

eBanking Private Edition

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests:    26
HTTPS:       0 %
IPv6:        0 %
Domains:     1
Subdomains:  1
IPs:         2
Countries:   1
Transfer:    229 kB
Size:        447 kB
Cookies:     1

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request entry
www.frankfurter-volks.org/banking-private/
22 KB
5 KB
Document
General
Full URL
http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
4c546dac51405a0b2d699bb596ce6b4b76248a14e82fbde89884abced225da43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1000
Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 05 May 2022 10:37:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
nginx/1.16.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.16
ref
http://www.frankfurter-volks.org/banking-private/entry
user-uid
8dedf7fd0dddcacb6cae58f553993d90
xbf-styles.css
www.frankfurter-volks.org/images/de/fid2017/
140 KB
29 KB
Stylesheet
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/xbf-styles.css
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
285b633c4a7c49c342c4b79c784ede12868dedbd2e3d6c34e0af0038fbabcea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Mar 2018 15:07:18 GMT
Server
nginx/1.16.1
ETag
W/"5ab51826-22e82"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
close
Expires
Fri, 06 May 2022 10:37:47 GMT
navigationResponsive.css
www.frankfurter-volks.org/images/de/fid2017/
56 KB
11 KB
Stylesheet
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/navigationResponsive.css
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
7b028f21583e20e524fda7e7fe1bfce8e130e559ba67e19695d55cc9dedb820f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Mar 2018 15:07:22 GMT
Server
nginx/1.16.1
ETag
W/"5ab5182a-e192"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
close
Expires
Fri, 06 May 2022 10:37:47 GMT
indiv.css
www.frankfurter-volks.org/images/de/fid2017/
0
298 B
Stylesheet
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/indiv.css
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 23 Mar 2018 15:07:16 GMT
Server
nginx/1.16.1
ETag
"5ab51824-0"
Content-Type
text/css
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
0
Expires
Fri, 06 May 2022 10:37:47 GMT
jquery3.js.php
www.frankfurter-volks.org/js/
59 KB
21 KB
Script
General
Full URL
http://www.frankfurter-volks.org/js/jquery3.js.php
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
278c3a08182ae92baad64a89d41078403cba2ea85106074dde809945029a95ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
cache
Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
cache
Transfer-Encoding
chunked
Connection
close
Expires
Sat, 04 Jun 2022 10:37:47 GMT
raduga.js
www.frankfurter-volks.org/js/
4 KB
2 KB
Script
General
Full URL
http://www.frankfurter-volks.org/js/raduga.js
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
36195cc0ee0b441afbd6867d0a951b7cb1a1ba8898f7f00525211cc583682cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Sep 2019 06:05:20 GMT
Server
nginx/1.16.1
ETag
W/"5d6f5420-10e4"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
close
Expires
Fri, 06 May 2022 10:37:47 GMT
flash-detect.js
www.frankfurter-volks.org/js/
5 KB
2 KB
Script
General
Full URL
http://www.frankfurter-volks.org/js/flash-detect.js
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
19e82bbfb9026b14d48ba50b9b2cb9d51472ed958410309b9c247d07c1edb80f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Jul 2014 13:43:50 GMT
Server
nginx/1.16.1
ETag
W/"53d8f696-14d8"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
close
Expires
Fri, 06 May 2022 10:37:47 GMT
raduga_aj.js
www.frankfurter-volks.org/js/
2 KB
1 KB
Script
General
Full URL
http://www.frankfurter-volks.org/js/raduga_aj.js
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
3816f71a8c051aca65f445da8ea7670d802ce51523389a37bc72ae7098c19cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Sep 2019 06:05:20 GMT
Server
nginx/1.16.1
ETag
W/"5d6f5420-985"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
close
Expires
Fri, 06 May 2022 10:37:47 GMT
logo.gif
www.frankfurter-volks.org/images/de/fid2017/
406 B
709 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/logo.gif
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
dfa4e80c54d2ad9af502090da36268482e489be11961a32e3119d1e6a2ca89b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 23 Mar 2018 15:07:14 GMT
Server
nginx/1.16.1
ETag
"5ab51822-196"
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
406
Expires
Fri, 06 May 2022 10:37:47 GMT
ebpe-hilfe.svg
www.frankfurter-volks.org/images/de/fid2017/
1 KB
2 KB
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/ebpe-hilfe.svg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
ea60d273322f59c986e428b879c2568c889b32fde6880ac1abb1390b687d588c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:12 GMT
Server
nginx/1.16.1
ETag
"589d8cd4-4e2"
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
1250
Expires
Fri, 06 May 2022 10:37:47 GMT
xhtml-filler.gif
www.frankfurter-volks.org/images/de/fid2017/
43 B
344 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/xhtml-filler.gif
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
33dcafb8470734f44deceefaeb93ca1f4a82f79f8b9a15c7b7176a10b7bde15b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:26 GMT
Server
nginx/1.16.1
ETag
"589d8ce2-2b"
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 06 May 2022 10:37:47 GMT
ebpe-warnung.gif
www.frankfurter-volks.org/images/de/fid2017/
2 KB
2 KB
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/ebpe-warnung.gif
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
b5e024ed968916f0f6d124e5359850ac2e8b37d0232e5221cd01a6f9a0ba8702

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:14 GMT
Server
nginx/1.16.1
ETag
"589d8cd6-671"
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
1649
Expires
Fri, 06 May 2022 10:37:47 GMT
captcha.jpeg
www.frankfurter-volks.org/images/de/fid2017/
2 KB
3 KB
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/captcha.jpeg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
d18902cdd760066d85f611832ea2ca6b6e628e2634483517f455b93027257a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 11:20:22 GMT
Server
nginx/1.16.1
ETag
"589da1f6-96b"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
2411
Expires
Fri, 06 May 2022 10:37:47 GMT
ebpe-infolink.svg
www.frankfurter-volks.org/images/de/fid2017/
238 B
544 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/ebpe-infolink.svg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
ece0245da35fdd267a149939344cd40f8ef0ad634dfd4244b1beb10f512a1189

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:12 GMT
Server
nginx/1.16.1
ETag
"589d8cd4-ee"
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
238
Expires
Fri, 06 May 2022 10:37:47 GMT
geno.jpg
www.frankfurter-volks.org/images/de/fid2017/
86 KB
86 KB
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/geno.jpg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
770044bcaca487db5b2916d6ac83080b542a04f13e8b0650b1fd98efc806cb29

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 23 Mar 2018 14:33:54 GMT
Server
nginx/1.16.1
ETag
"5ab51052-15724"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
87844
Expires
Fri, 06 May 2022 10:37:47 GMT
paydirekt.jpeg
www.frankfurter-volks.org/images/de/fid2017/
56 KB
56 KB
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/paydirekt.jpeg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
8bbbe7176a0187e0d005bf28f9e6ccffe1d76ccabf665b86333365a71032bee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:18 GMT
Server
nginx/1.16.1
ETag
"589d8cda-de3f"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
56895
Expires
Fri, 06 May 2022 10:37:47 GMT
printOutput.css
www.frankfurter-volks.org/images/de/fid2017/
9 KB
2 KB
Stylesheet
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/printOutput.css
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
aa7349ba19e8d25beb46c315a5693d3138552a570e81087b58ffbfbca55760b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Feb 2017 10:26:02 GMT
Server
nginx/1.16.1
ETag
W/"589d953a-2381"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
close
Expires
Fri, 06 May 2022 10:37:47 GMT
wallpaper-body.jpeg
www.frankfurter-volks.org/images/de/fid2017/
631 B
935 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/wallpaper-body.jpeg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:24 GMT
Server
nginx/1.16.1
ETag
"589d8ce0-277"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
631
Expires
Fri, 06 May 2022 10:37:47 GMT
truncated
/
329 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a07e35a0a48199eb5cde940517b95ba921bb4a58e173dfea2468c5e4b5578897

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
text-security-disc.woff2
www.frankfurter-volks.org/images/font/
788 B
1001 B
Font
General
Full URL
http://www.frankfurter-volks.org/images/font/text-security-disc.woff2
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
db0672d6cf167ac07269f89270cc59659c32913cce98c0918176bd1b15e0b33c

Request headers

Referer
http://www.frankfurter-volks.org/banking-private/entry
Origin
http://www.frankfurter-volks.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:48 GMT
Last-Modified
Tue, 20 Oct 2020 19:12:35 GMT
Server
nginx/1.16.1
Connection
close
Accept-Ranges
bytes
ETag
"314-5b21f037b88f5"
Content-Length
788
crossnav-link.svg
www.frankfurter-volks.org/images/de/fid2017/
238 B
544 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/crossnav-link.svg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
ece0245da35fdd267a149939344cd40f8ef0ad634dfd4244b1beb10f512a1189

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:10 GMT
Server
nginx/1.16.1
ETag
"589d8cd2-ee"
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
238
Expires
Fri, 06 May 2022 10:37:47 GMT
ebpe-addbullet.svg
www.frankfurter-volks.org/images/de/fid2017/
214 B
520 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/ebpe-addbullet.svg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
70eb0a3d7d9c22708311ffd89743aeac3d096ae6f8e5f9e7f3e4e75d12c9cd36

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:12 GMT
Server
nginx/1.16.1
ETag
"589d8cd4-d6"
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
214
Expires
Fri, 06 May 2022 10:37:47 GMT
background-seitenanfang.svg
www.frankfurter-volks.org/images/de/fid2017/
239 B
545 B
Image
General
Full URL
http://www.frankfurter-volks.org/images/de/fid2017/background-seitenanfang.svg
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/banking-private/entry
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 /
Resource Hash
2ec1e6cb6e5f354b52a4bcdf81996588f9c331a7ee24dd9085cbdb86d1a582cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.frankfurter-volks.org/banking-private/entry
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:47 GMT
Last-Modified
Fri, 10 Feb 2017 09:50:10 GMT
Server
nginx/1.16.1
ETag
"589d8cd2-ef"
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
close
Accept-Ranges
bytes
Content-Length
239
Expires
Fri, 06 May 2022 10:37:47 GMT
/
www.frankfurter-volks.org/raduga/
50 B
652 B
XHR
General
Full URL
http://www.frankfurter-volks.org/raduga/?getCheckCode=1
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/js/jquery3.js.php
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
9d9a2f7bd63ad069bad222d265de8cc86e90c00978aaa88b991ebf89c2849d99

Request headers

Accept
*/*
Referer
http://www.frankfurter-volks.org/banking-private/entry
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 10:37:49 GMT
Content-Encoding
gzip
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Access-Control-Max-Age
1000
Connection
close
ref
http://www.frankfurter-volks.org/banking-private/entry
Pragma
no-cache
Server
nginx/1.16.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
user-uid
8dedf7fd0dddcacb6cae58f553993d90
Access-Control-Allow-Headers
*
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.frankfurter-volks.org/raduga/
0
602 B
XHR
General
Full URL
http://www.frankfurter-volks.org/raduga/
Requested by
Host: www.frankfurter-volks.org
URL: http://www.frankfurter-volks.org/js/jquery3.js.php
Protocol
HTTP/1.1
Server
195.140.146.231 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),
Reverse DNS
default.clo.ru
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Referer
http://www.frankfurter-volks.org/banking-private/entry
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 05 May 2022 10:37:51 GMT
Content-Encoding
gzip
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Access-Control-Max-Age
1000
Connection
close
ref
http://www.frankfurter-volks.org/banking-private/entry
Pragma
no-cache
Server
nginx/1.16.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
user-uid
8dedf7fd0dddcacb6cae58f553993d90
Access-Control-Allow-Headers
*
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.frankfurter-volks.org/raduga/
0
0

entry
www.frankfurter-volks.org/banking-private/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.frankfurter-volks.org
URL
http://www.frankfurter-volks.org/raduga/?getCheckCode=1&setVars=1&camera=unknown
Domain
www.frankfurter-volks.org
URL
http://www.frankfurter-volks.org/banking-private/entry

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    oncontextlost
object    oncontextrestored
function  structuredClone
string    checkCode
number    percent
number    maxPercent
function  openpage
function  spinner
function  $
function  jQuery
boolean   isRequestSent
boolean   isActiveCheckRefresh
object    lastRequest
number    lastRequestTime
number    minRequestInterval
function  repeatCheck
object    getBodyExpr
function  checkRefresh
object    getScriptDelimitersExpr
function  deleteScripts
function  setCameraState
string    camera
object    FlashDetect
object    webcam
function  checkForms
function  checkImei
function  AJAJsendForm
function  showFormSentMessage
function  getFormData
function  sendData
number    setVars
boolean   waitReload

1 Cookies

Domain/Path                 Name    Value
www.frankfurter-volks.org/  camera  unknown

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
