banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz Open in urlscan Pro
87.120.37.156 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kids-expo.ideasight.tech/ungear.php
Effective URL:
http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Submission: On October 01 via manual (October 1st 2021, 7:58:34 am UTC) from DE — Scanned from DE

Summary HTTP 18 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 87.120.37.156, located in Bulgaria and belongs to NETERRA-AS, BG. The main domain is banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz.

This is the only time banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	103.253.212.224 103.253.212.224	58487 (RUMAHWEB-...) (RUMAHWEB-AS-ID Rumahweb Indonesia CV.)
7	87.120.37.156 87.120.37.156	34224 (NETERRA-AS) (NETERRA-AS)
9	194.149.254.20 194.149.254.20	15590 (FIDUCIA) (FIDUCIA)
18	4

2 103.253.212.224 (Indonesia)

ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID)
PTR: ranu.satu.rumahweb.com

kids-expo.ideasight.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 87.120.37.156 (Bulgaria)

ASN34224 (NETERRA-AS, BG)

banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 194.149.254.20 (Germany)

ASN15590 (FIDUCIA, DE)

www.volksbank-eg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	volksbank-eg.de www.volksbank-eg.de	51 KB
7	de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz	412 KB
2	ideasight.tech kids-expo.ideasight.tech	973 B
18	3

	Domain	Requested by
9	www.volksbank-eg.de	banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
7	banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz	banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
2	kids-expo.ideasight.tech	kids-expo.ideasight.tech
18	3

This site contains links to these domains. Also see Links.

Domain
www.schwaebisch-hall.de
www.union-investment.de
www.ruv.de
www.easycredit.de
www.dzbank.de
www.dz-privatbank.com
www.vr-smart-finanz.de
www.dzhyp.de
www.muenchenerhyp.de

Subject Issuer	Validity	Valid
www.kids-expo.ideasight.tech R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
volksbank-eg.de QuoVadis Europe EV SSL CA G1	`2021-08-11` - `2022-08-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Frame ID: 3C07E2466C8BA8D8AFE38AE6E2CDB7BB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Volksbank eG

Page URL History Show full URLs

https://kids-expo.ideasight.tech/ungear.php Page URL
https://kids-expo.ideasight.tech/ungear.php Page URL
http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

61 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

512 kB
Transfer

1431 kB
Size

3
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.schwaebisch-hall.de/

Search URL Search Domain Scan URL

URL: https://www.union-investment.de/

Search URL Search Domain Scan URL

URL: https://www.ruv.de/

Search URL Search Domain Scan URL

URL: https://www.easycredit.de/

Search URL Search Domain Scan URL

URL: https://www.dzbank.de/

Search URL Search Domain Scan URL

URL: https://www.dz-privatbank.com/

Search URL Search Domain Scan URL

URL: https://www.vr-smart-finanz.de/

Search URL Search Domain Scan URL

URL: https://www.dzhyp.de/

Search URL Search Domain Scan URL

URL: https://www.muenchenerhyp.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kids-expo.ideasight.tech/ungear.php Page URL
https://kids-expo.ideasight.tech/ungear.php Page URL
http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ungear.php Show response
kids-expo.ideasight.tech/ 937 B
481 B 674ms
285ms Document
text/html 103.253.212.224
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://kids-expo.ideasight.tech/ungear.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.253.212.224 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: ranu.satu.rumahweb.com
Software: Apache /
Resource Hash: 2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe

Request headers

:method: GET
:authority: kids-expo.ideasight.tech
:scheme: https
:path: /ungear.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 01 Oct 2021 07:58:28 GMT
server: Apache
vary: Accept-Encoding
content-encoding: br
content-length: 385
content-type: text/html; charset=UTF-8

GET
H2 200 ungear.php Show response
kids-expo.ideasight.tech/ 1012 B
492 B 626ms
626ms Document
text/html 103.253.212.224
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://kids-expo.ideasight.tech/ungear.php
Requested by: Host: kids-expo.ideasight.tech
URL: https://kids-expo.ideasight.tech/ungear.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.253.212.224 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: ranu.satu.rumahweb.com
Software: Apache /
Resource Hash: 53543471354d0466576ebb81ad502152ed7e32668eebf47d4a347a4b2d9c4fe9

Request headers

:method: GET
:authority: kids-expo.ideasight.tech
:scheme: https
:path: /ungear.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://kids-expo.ideasight.tech/ungear.php
accept-encoding: gzip, deflate, br
cookie: d=0; n=Etc/Unknown
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kids-expo.ideasight.tech/ungear.php

Response headers

date: Fri, 01 Oct 2021 07:58:28 GMT
server: Apache
vary: Accept-Encoding
content-encoding: br
content-length: 462
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request Cookie set / Show response
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/ 991 KB
326 KB 291ms
168ms Document
text/html 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6adda37cef13dbee27bf2a1bc2d3318de6450723f0b247e3ef722f2f500869a0

Request headers

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Oct 2021 07:58:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.js Show response
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/js/ 87 KB
30 KB 181ms
180ms Script
application/javascript 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/js/jquery.js
Requested by: Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 07:58:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 01:19:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "15d9d-5cc9f6bd468d2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30902

GET
H/1.1 200
OK styles_new.css
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/css/ 181 KB
28 KB 143ms
143ms Stylesheet
text/css 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/css/styles_new.css
Requested by: Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d49b77a34a6f213db17404ae95f54bdfd4bf7f7d79f351296c37d81b42611b0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 07:58:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 01:19:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2d59f-5cc9f6c028d54-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27925

GET
H/1.1 200
OK selectize_style.css
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/css/ 2 KB
1023 B 136ms
136ms Stylesheet
text/css 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/css/selectize_style.css
Requested by: Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: df4a0668029d59c3df311bb16b21dd558df3d7cfb9e8e7d764cf66d3e6d633ef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 07:58:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 01:19:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "861-5cc9f6c0490f4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 720

GET
H/1.1 200
OK logo_small.gif
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/img/ 8 KB
8 KB 161ms
159ms Image
image/gif 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/img/logo_small.gif
Requested by: Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a3708350c240900a4a051335e681cfa3e891f05bb59f7946b7933692fa42bb2c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 07:58:29 GMT
Last-Modified: Thu, 23 Sep 2021 01:19:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1ffc-5cc9f6be8ead3"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8188

GET
H2 200 SchwaebischHall.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 3 KB
3 KB 401ms
295ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/SchwaebischHall.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

d56807f65e393800ada22487f9a50c8ad756e09d5c975763d671bda326d474f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2017 14:12:44 GMT
age: 2
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 2628
x-xss-protection: 1; mode=block

GET
H2 200 UnionInvestment.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 6 KB
6 KB 150ms
44ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/UnionInvestment.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 20:01:18 GMT
age: 0
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 6142
x-xss-protection: 1; mode=block

GET
H2 200 RundV.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 5 KB
5 KB 135ms
29ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/RundV.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 20:01:20 GMT
age: 0
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 4917
x-xss-protection: 1; mode=block

GET
H2 200 easyCredit.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 5 KB
5 KB 405ms
299ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/easyCredit.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2017 14:12:44 GMT
age: 2
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 5085
x-xss-protection: 1; mode=block

GET
H2 200 DZBANK_Initiativbank.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 16 KB
17 KB 213ms
108ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/DZBANK_Initiativbank.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2017 13:56:41 GMT
age: 9
date: Fri, 01 Oct 2021 07:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 16788
x-xss-protection: 1; mode=block

GET
H2 200 DZPrivatbank.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 3 KB
3 KB 133ms
28ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/DZPrivatbank.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2017 14:28:43 GMT
age: 0
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 3090
x-xss-protection: 1; mode=block

GET
H2 200 VR_Smart_Finanz.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 4 KB
4 KB 30ms
30ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/VR_Smart_Finanz.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 01 Aug 2018 12:15:44 GMT
age: 0
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 3727
x-xss-protection: 1; mode=block

GET
H2 200 DGHYP.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 2 KB
2 KB 30ms
29ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/DGHYP.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 01 Aug 2018 12:15:44 GMT
age: 0
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 1883
x-xss-protection: 1; mode=block

GET
H2 200 M%C3%BCnchenerHyp.png
www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/ 6 KB
6 KB 41ms
41ms Image
image/png 194.149.254.20
FIDUCIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.volksbank-eg.de/content/dam/allgemeines/logoleisterefreshdesign/M%C3%BCnchenerHyp.png

Requested by

Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.149.254.20 , Germany, ASN15590 (FIDUCIA, DE),

Reverse DNS

Software

Resource Hash

f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2017 13:57:22 GMT
age: 0
date: Fri, 01 Oct 2021 07:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
x-oneagent-js-injection: true
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
strict-transport-security: max-age=31536000
content-length: 5806
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK login-js.js Show response
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/js/ 1 KB
620 B 163ms
160ms Script
application/javascript 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/js/login-js.js
Requested by: Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 87d66b64a908815a367022932ea1a8b2fd1a192d3251f00ae2bc92decdc89bec

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 07:58:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 01:19:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4bb-5cc9f6bd1e832-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303

GET
H/1.1 200
OK selectize.min.js Show response
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/js/ 61 KB
18 KB 183ms
181ms Script
application/javascript 87.120.37.156
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/dist/js/selectize.min.js
Requested by: Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
URL: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Protocol: HTTP/1.1
Server: 87.120.37.156 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3b12d22ad3911a57b6d862ce7c9be4bb72423b9226c1b991c252d5160bf01e1c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Cookie: PHPSESSID=nmlh3kh0uro1nia9h9orsqffug
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 07:58:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 01:19:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "f3d1-5cc9f6bcecb52-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18283

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e51c27572746b9de1a6a24066e439aa07a35264f682f921f2d9afab0ada66d6a

Request headers

Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Origin: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d2c8a5d8e4077c48189b3b22abe9d735c9534bada852e47d183e3b92a140ed9

Request headers

Referer: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/
Origin: http://banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kids-expo.ideasight.tech/	1970-01-19 21:37:55	Name: d Value: 0
kids-expo.ideasight.tech/	1970-01-19 21:37:55	Name: n Value: Etc/Unknown
banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: nmlh3kh0uro1nia9h9orsqffug

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz
kids-expo.ideasight.tech
www.volksbank-eg.de
103.253.212.224
194.149.254.20
87.120.37.156
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
1d2c8a5d8e4077c48189b3b22abe9d735c9534bada852e47d183e3b92a140ed9
2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
3b12d22ad3911a57b6d862ce7c9be4bb72423b9226c1b991c252d5160bf01e1c
53543471354d0466576ebb81ad502152ed7e32668eebf47d4a347a4b2d9c4fe9
5d49b77a34a6f213db17404ae95f54bdfd4bf7f7d79f351296c37d81b42611b0
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
6adda37cef13dbee27bf2a1bc2d3318de6450723f0b247e3ef722f2f500869a0
87d66b64a908815a367022932ea1a8b2fd1a192d3251f00ae2bc92decdc89bec
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
a3708350c240900a4a051335e681cfa3e891f05bb59f7946b7933692fa42bb2c
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
d56807f65e393800ada22487f9a50c8ad756e09d5c975763d671bda326d474f2
df4a0668029d59c3df311bb16b21dd558df3d7cfb9e8e7d764cf66d3e6d633ef
e51c27572746b9de1a6a24066e439aa07a35264f682f921f2d9afab0ada66d6a
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz Open in urlscan Pro 87.120.37.156 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

61 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

512 kBTransfer

1431 kBSize

3 Cookies

9 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

3 Cookies

Indicators

banking.volksbank.de-id18cbnbg17bc91vc871vzvzuacv17v8c1vbzh281gb71g.xyz Open in urlscan Pro
87.120.37.156 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

61 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

512 kB
Transfer

1431 kB
Size

3
Cookies

18 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!