propertyandhomes.gq Open in urlscan Pro
2606:4700:30::681f:5ea0 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Submission: On June 20 via manual (June 20th 2019, 2:19:05 pm UTC) from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 18 HTTP transactions. The main IP is 2606:4700:30::681f:5ea0, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is propertyandhomes.gq.

This is the only time propertyandhomes.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:30:... 2606:4700:30::681f:5ea0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	160.83.8.144 160.83.8.144	8373 (DEUBA-NET...) (DEUBA-NET Germany)
1 2	2a00:1158:100... 2a00:1158:1000:300::570	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bc::bf0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	209.182.205.242 209.182.205.242	54641 (INMOTI-1) (INMOTI-1 - InMotion Hosting)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2600:9000:204... 2600:9000:2047:c00:3:946c:3440:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.101.6 143.204.101.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	212.79.62.104 212.79.62.104	20783 (POP) (POP)
1	85.13.129.192 85.13.129.192	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
18	10

7 2606:4700:30::681f:5ea0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

propertyandhomes.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 160.83.8.144 (United States)

ASN8373 (DEUBA-NET Germany, DE)
PTR: deutschebank.tec.db.com

www.deutsche-bank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1158:1000:300::570 (Germany) 1 redirects

ASN8972 (GD-EMEA-DC-SXB1, DE)

www.all-about-security.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bc::bf0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.chip.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.182.205.242 (Los Angeles, United States)

ASN54641 (INMOTI-1 - InMotion Hosting, Inc., US)
PTR: ded4171.inmotionhosting.com

ccbank.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2047:c00:3:946c:3440:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

images.tecchannel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.6 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-6.fra50.r.cloudfront.net

api.idg.zone	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.79.62.104 (Hamburg, Germany) 1 redirects

ASN20783 (POP, DE)

www.starmoney.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.129.192 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd3232.kasserver.com

www.merkur-bank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	propertyandhomes.gq propertyandhomes.gq	536 KB
3	deutsche-bank.de www.deutsche-bank.de	409 KB
2	starmoney.de 1 redirects www.starmoney.de	290 B
2	tecchannel.de 2 redirects images.tecchannel.de	699 B
2	all-about-security.de 1 redirects www.all-about-security.de	18 KB
1	merkur-bank.de www.merkur-bank.de
1	idg.zone api.idg.zone	353 B
1	ytimg.com i1.ytimg.com	26 KB
1	ccbank.us ccbank.us	101 KB
1	chip.de www.chip.de	254 B
1	jquery.com code.jquery.com	38 KB
18	11

	Domain	Requested by
7	propertyandhomes.gq	propertyandhomes.gq code.jquery.com
3	www.deutsche-bank.de	propertyandhomes.gq
2	www.starmoney.de	1 redirects propertyandhomes.gq
2	images.tecchannel.de	2 redirects
2	www.all-about-security.de	1 redirects propertyandhomes.gq
1	www.merkur-bank.de	propertyandhomes.gq
1	api.idg.zone	propertyandhomes.gq
1	i1.ytimg.com	propertyandhomes.gq
1	ccbank.us	propertyandhomes.gq
1	www.chip.de	propertyandhomes.gq
1	code.jquery.com	propertyandhomes.gq
18	11

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
www.deutsche-bank.de DigiCert SHA2 Extended Validation Server CA	`2019-02-01` - `2020-02-29`	a year	crt.sh
*.all-about-security.de AlphaSSL CA - SHA256 - G2	`2019-02-28` - `2021-03-24`	2 years	crt.sh
ccbank.us Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
api.idg.zone Amazon	`2019-03-20` - `2020-04-20`	a year	crt.sh
www.starmoney.de Thawte EV RSA CA 2018	`2018-07-23` - `2019-12-11`	a year	crt.sh
www.merkur-bank.de DigiCert SHA2 Extended Validation Server CA	`2018-04-20` - `2020-05-24`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Frame ID: 7D29B4972B3150243715877CD5BD5529
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

44 %
HTTPS

45 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

1129 kB
Transfer

1223 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.all-about-security.de/uploads/pics/Fotolia_Online_Banking_Manfred_Amnet_05.jpg HTTP 301
https://www.all-about-security.de/uploads/pics/Fotolia_Online_Banking_Manfred_Amnet_05.jpg

Request Chain 8

http://images.tecchannel.de/images/tecchannel/bdb/366303/890.jpg HTTP 301
https://images.tecchannel.de/images/tecchannel/bdb/366303/890.jpg HTTP 307
https://api.idg.zone/image/test?key=images/tecchannel/bdb/366303/890.jpg

Request Chain 10

http://www.starmoney.de/uploads/pics/StarMoney-90-Umsatzliste_03.jpg HTTP 301
https://www.starmoney.de/uploads/pics/StarMoney-90-Umsatzliste_03.jpg

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set wwwdeutschebankonlinebanking-zu.php Show response
propertyandhomes.gq/xifa/ 11 KB
5 KB 214ms
203ms Document
text/html 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0722a937da435bffd67699a78bed1f6bf00f0eb98e8b2153a4658560d956c8ec

Request headers

Host: propertyandhomes.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d963b8d2961e13acec91d61a46338a3241561040326; expires=Fri, 19-Jun-20 14:18:46 GMT; path=/; domain=.propertyandhomes.gq; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e9e5fb6b8d9d6b5-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK wovezir.css
propertyandhomes.gq/ 47 KB
11 KB 15ms
14ms Stylesheet
text/css 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://propertyandhomes.gq/wovezir.css
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13a23047da2d5dc772761df3cbf1c3c3cda7adeed1d992f949629e59e2e6487

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:46 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 12 Jan 2018 17:11:42 GMT
Server: cloudflare
ETag: "bdb1-562975bb92f80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4e9e5fb80d83d6b5-FRA
Content-Length: 10644
Expires: Thu, 20 Jun 2019 18:18:46 GMT

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
code.jquery.com/ 93 KB
38 KB 3016ms
8ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: , ,
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: "54499a47-17278"
Vary: Accept-Encoding
X-HW: 1561040329.dop002.fr8.t,1561040329.cds035.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 38992

GET
H/1.1 200
OK cropped-logo_fon-2.png
propertyandhomes.gq/ 520 KB
521 KB 207ms
200ms Image
image/png 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://propertyandhomes.gq/cropped-logo_fon-2.png
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea999a10acba9ed9e2cca97e0048c68bb1ddd64f40332fcb266b9961e261e3f

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:46 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 22 Feb 2017 15:58:04 GMT
Server: cloudflare
ETag: "8219a-549208fce5b00"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4e9e5fb80fdd9ab0-FRA
Content-Length: 532890
Expires: Thu, 20 Jun 2019 18:18:46 GMT

GET
H/1.1 200
OK 20150430_macbook.png
www.deutsche-bank.de/pfb/images/ 246 KB
247 KB 1400ms
29ms Image
image/png 160.83.8.144
DEUBA-NET Germany

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deutsche-bank.de/pfb/images/20150430_macbook.png

Requested by

Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.83.8.144 , United States, ASN8373 (DEUBA-NET Germany, DE),

Reverse DNS

deutschebank.tec.db.com

Software

Apache /

Resource Hash

4d60b45738a380475dcfd8180f7ab7b91e45a0b016c7b6e99cf092d05d955a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:47 GMT
Last-Modified: Thu, 30 Apr 2015 08:21:35 GMT
Server: Apache
DB-Nickname: VTJGc2RHVmtYMThDM0tJeXU3amVQR1JobVFhWm9KNnd4MzVUZytQNUFndz0=
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Cache-Control: must-revalidate, private
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 252013
Expires: -1

GET
H2

200

Fotolia_Online_Banking_Manfred_Amnet_05.jpg
www.all-about-security.de/uploads/pics/
Redirect Chain

http://www.all-about-security.de/uploads/pics/Fotolia_Online_Banking_Manfred_Amnet_05.jpg
https://www.all-about-security.de/uploads/pics/Fotolia_Online_Banking_Manfred_Amnet_05.jpg

17 KB
18 KB

56ms
15ms

Image
image/jpeg

2a00:1158:1000:300::570
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.all-about-security.de/uploads/pics/Fotolia_Online_Banking_Manfred_Amnet_05.jpg

Requested by

Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1158:1000:300::570 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

Apache/2.4.39 /

Resource Hash

17c05f70dcaf677b45df12693822ed1c8f4df07054ce5116a670bb7f781cd7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Jun 2019 14:18:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Oct 2017 18:49:27 GMT
server: Apache/2.4.39
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17724
expires: Sat, 20 Jul 2019 14:18:46 GMT

Redirect headers

Date: Thu, 20 Jun 2019 14:18:46 GMT
Server: Apache/2.4.39
Content-Type: text/html; charset=iso-8859-1
Location: https://www.all-about-security.de/uploads/pics/Fotolia_Online_Banking_Manfred_Amnet_05.jpg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 380
Expires: Thu, 20 Jun 2019 14:18:46 GMT

GET
H/1.1 404
Not Found 7ed4163578aca1b2.jpg
www.chip.de/ii/7/8/1/5/0/4/3/ 1 B
254 B 87ms
42ms Image
text/html 2a02:26f0:6c00:2bc::bf0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.chip.de/ii/7/8/1/5/0/4/3/7ed4163578aca1b2.jpg
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: , ,
Server: 2a02:26f0:6c00:2bc::bf0 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:46 GMT
Content-Encoding: gzip
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK deutschelogstep2.png
ccbank.us/wp-content/uploads/ 101 KB
101 KB 332ms
99ms Image
image/png 209.182.205.242
InMotion Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccbank.us/wp-content/uploads/deutschelogstep2.png
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.182.205.242 Los Angeles, United States, ASN54641 (INMOTI-1 - InMotion Hosting, Inc., US),
Reverse DNS: ded4171.inmotionhosting.com
Software: Apache /
Resource Hash: 1233741387a213f3178464a911aecbdcb38e549c7d5115ab82fb9bc7e37e3602

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:47 GMT
Last-Modified: Mon, 20 Jun 2016 21:34:25 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 103401
Expires: Fri, 19 Jun 2020 14:18:47 GMT

GET
H/1.1 200
OK 0.jpg
i1.ytimg.com/vi/Iam8uywTEd4/ 26 KB
26 KB 17ms
9ms Image
image/jpeg 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i1.ytimg.com/vi/Iam8uywTEd4/0.jpg

Requested by

Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49f413d03934631c3897ee5765b3c55206019ac9064d082d4d845ee9de471fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:17:50 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 57
ETag: "1392656090"
Content-Type: image/jpeg
Cache-Control: public, max-age=7200
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 26172
X-XSS-Protection: 0
Expires: Thu, 20 Jun 2019 16:17:50 GMT

GET
H2

404

test
api.idg.zone/image/
Redirect Chain

http://images.tecchannel.de/images/tecchannel/bdb/366303/890.jpg
https://images.tecchannel.de/images/tecchannel/bdb/366303/890.jpg
https://api.idg.zone/image/test?key=images/tecchannel/bdb/366303/890.jpg

9 B
353 B

75ms
25ms

Image
application/json

143.204.101.6
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.idg.zone/image/test?key=images/tecchannel/bdb/366303/890.jpg
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-6.fra50.r.cloudfront.net
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Jun 2019 14:18:47 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 519bc131-9366-11e9-913c-499f644ee406
x-cache: Error from cloudfront
content-type: application/json
status: 404
x-amzn-trace-id: Root=1-5d0b95c7-1c5e7c042df6d97c44568734;Sampled=0
x-amz-apigw-id: blRXMHPFliAFnzQ=
content-length: 9
x-amz-cf-id: dwjvrxUiMrmhBc-87xXi1QfZNaIpNh-AX52WMRxbWyLlqseAD7XyvQ==

Redirect headers

date: Thu, 20 Jun 2019 14:18:48 GMT
via: 1.1 492376a657ddc8d381dbc676ab798325.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA53
location: https://api.idg.zone/image/test?key=images/tecchannel/bdb/366303/890.jpg
x-cache: Miss from cloudfront
status: 307
content-length: 0
x-amz-cf-id: I6VUEKOSHAK9Tl7Lb9skt3tThdO-zd2wJWjSJ8Jib2Xkb4_QIxgXUQ==

GET
H/1.1 200
OK prd-tea_onlinebanking.jpg
www.deutsche-bank.de/pfb/images/ 22 KB
23 KB 307ms
24ms Image
image/jpeg 160.83.8.144
DEUBA-NET Germany

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deutsche-bank.de/pfb/images/prd-tea_onlinebanking.jpg

Requested by

Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.83.8.144 , United States, ASN8373 (DEUBA-NET Germany, DE),

Reverse DNS

deutschebank.tec.db.com

Software

Apache /

Resource Hash

acece8b2303d25dba0d0894acad788cea542fc995e15ba92b8ebcaef01815bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:47 GMT
Last-Modified: Thu, 05 Dec 2013 13:59:58 GMT
Server: Apache
DB-Nickname: VTJGc2RHVmtYMThDM0tJeXU3amVQR1JobVFhWm9KNnd4MzVUZytQNUFndz0=
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: must-revalidate, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22721
Expires: -1

GET
H/1.1

404
Not Found

StarMoney-90-Umsatzliste_03.jpg
www.starmoney.de/uploads/pics/
Redirect Chain

http://www.starmoney.de/uploads/pics/StarMoney-90-Umsatzliste_03.jpg
https://www.starmoney.de/uploads/pics/StarMoney-90-Umsatzliste_03.jpg

0
0

118ms
20ms

Image
text/html

212.79.62.104
POP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starmoney.de/uploads/pics/StarMoney-90-Umsatzliste_03.jpg
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.79.62.104 Hamburg, Germany, ASN20783 (POP, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location: https://www.starmoney.de/uploads/pics/StarMoney-90-Umsatzliste_03.jpg
Date: Thu, 20 Jun 2019 14:20:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 277
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 1_FinanzPlaner_Startseite.png
www.deutsche-bank.de/pfb/images/ 140 KB
140 KB 39ms
38ms Image
image/png 160.83.8.144
DEUBA-NET Germany

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.deutsche-bank.de/pfb/images/1_FinanzPlaner_Startseite.png

Requested by

Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.83.8.144 , United States, ASN8373 (DEUBA-NET Germany, DE),

Reverse DNS

deutschebank.tec.db.com

Software

Apache /

Resource Hash

8fc56c413624ef0e15c5d70b16906884f6b1cb6c332274c5d48265d12076b167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Jun 2019 14:18:48 GMT
Last-Modified: Thu, 06 Nov 2014 17:11:28 GMT
Server: Apache
DB-Nickname: VTJGc2RHVmtYMThDM0tJeXU3amVQR1JobVFhWm9KNnd4MzVUZytQNUFndz0=
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: must-revalidate, private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 142886
Expires: -1

GET
H/1.1 404
Not Found 48_onlinebankonlinepostfach.jpg
www.merkur-bank.de/images/ 0
0 198ms
31ms Image
text/html 85.13.129.192
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.merkur-bank.de/images/48_onlinebankonlinepostfach.jpg
Requested by: Host: propertyandhomes.gq
URL: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.13.129.192 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd3232.kasserver.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://propertyandhomes.gq/xifa/wwwdeutschebankonlinebanking-zu.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 404
Not Found 0dtepzklwcef7z0kojax1a.woff2
propertyandhomes.gq/ 0
0 19ms
12ms Font
text/html 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://propertyandhomes.gq/0dtepzklwcef7z0kojax1a.woff2
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://propertyandhomes.gq/wovezir.css
Origin: http://propertyandhomes.gq

Response headers

Date: Thu, 20 Jun 2019 14:18:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4e9e5fcb1b3d9ab0-FRA
Expires: Thu, 20 Jun 2019 18:18:49 GMT

GET
H/1.1 404
Not Found xkvono9fc8o2rdydkj12b_k_varhqviz0nv9q090hn8.woff2
propertyandhomes.gq/ 0
0 19ms
12ms Font
text/html 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://propertyandhomes.gq/xkvono9fc8o2rdydkj12b_k_varhqviz0nv9q090hn8.woff2
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://propertyandhomes.gq/wovezir.css
Origin: http://propertyandhomes.gq

Response headers

Date: Thu, 20 Jun 2019 14:18:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4e9e5fcb1bb8d6b5-FRA
Expires: Thu, 20 Jun 2019 18:18:49 GMT

GET
H/1.1 404
Not Found jbtmzqlaybbbcl9x6evai_k_varhqviz0nv9q090hn8.woff2
propertyandhomes.gq/ 0
0 219ms
204ms Font
text/html 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://propertyandhomes.gq/jbtmzqlaybbbcl9x6evai_k_varhqviz0nv9q090hn8.woff2
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://propertyandhomes.gq/wovezir.css
Origin: http://propertyandhomes.gq

Response headers

Date: Thu, 20 Jun 2019 14:18:49 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4e9e5fcb2c5c2358-FRA
Expires: Thu, 20 Jun 2019 18:18:49 GMT

GET
H/1.1 404
Not Found ccki4k9un7tzvwzrvt-t8_k_varhqviz0nv9q090hn8.woff2
propertyandhomes.gq/ 0
0 230ms
215ms Font
text/html 2606:4700:30::681f:5ea0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://propertyandhomes.gq/ccki4k9un7tzvwzrvt-t8_k_varhqviz0nv9q090hn8.woff2
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681f:5ea0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://propertyandhomes.gq/wovezir.css
Origin: http://propertyandhomes.gq

Response headers

Date: Thu, 20 Jun 2019 14:18:49 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4e9e5fcb2dfec2c2-FRA
Expires: Thu, 20 Jun 2019 18:18:49 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.propertyandhomes.gq/	1970-01-19 10:22:56	Name: __cfduid Value: d963b8d2961e13acec91d61a46338a3241561040326

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.idg.zone
ccbank.us
code.jquery.com
i1.ytimg.com
images.tecchannel.de
propertyandhomes.gq
www.all-about-security.de
www.chip.de
www.deutsche-bank.de
www.merkur-bank.de
www.starmoney.de
143.204.101.6
160.83.8.144
205.185.208.52
209.182.205.242
212.79.62.104
2600:9000:2047:c00:3:946c:3440:93a1
2606:4700:30::681f:5ea0
2a00:1158:1000:300::570
2a00:1450:4001:821::200e
2a02:26f0:6c00:2bc::bf0
85.13.129.192
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0722a937da435bffd67699a78bed1f6bf00f0eb98e8b2153a4658560d956c8ec
1233741387a213f3178464a911aecbdcb38e549c7d5115ab82fb9bc7e37e3602
17c05f70dcaf677b45df12693822ed1c8f4df07054ce5116a670bb7f781cd7c3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49f413d03934631c3897ee5765b3c55206019ac9064d082d4d845ee9de471fd0
4d60b45738a380475dcfd8180f7ab7b91e45a0b016c7b6e99cf092d05d955a58
8fc56c413624ef0e15c5d70b16906884f6b1cb6c332274c5d48265d12076b167
a13a23047da2d5dc772761df3cbf1c3c3cda7adeed1d992f949629e59e2e6487
acece8b2303d25dba0d0894acad788cea542fc995e15ba92b8ebcaef01815bda
bea999a10acba9ed9e2cca97e0048c68bb1ddd64f40332fcb266b9961e261e3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

propertyandhomes.gq Open in urlscan Pro 2606:4700:30::681f:5ea0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

44 %HTTPS

45 %IPv6

11 Domains

11 Subdomains

10 IPs

3 Countries

1129 kBTransfer

1223 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Indicators

propertyandhomes.gq Open in urlscan Pro
2606:4700:30::681f:5ea0 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

44 %
HTTPS

45 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

1129 kB
Transfer

1223 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions