pos.t.kundenservice.20-220-163-154.cprapid.com
Open in
urlscan Pro
20.220.163.154
Malicious Activity!
Public Scan
URL:
https://pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/login.php?&return_url=a37fe543fee45045b2cbd14b2e06d6b5&enrolmentID=5b6d60e2b41dbc2b54054e...
Submission Tags: https://phish.report @phish_report Search All
Submission: On February 01 via api from FI — Scanned from CA
Submission Tags: https://phish.report @phish_report Search All
Submission: On February 01 via api from FI — Scanned from CA
Summary
This website contacted 9 IPs
in 2 countries
across 4 domains to perform 42 HTTP transactions.
The main IP is 20.220.163.154, located in
Toronto, Canada and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is pos.t.kundenservice.20-220-163-154.cprapid.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 31st 2023. Valid for: 3 months.
This is the only time pos.t.kundenservice.20-220-163-154.cprapid.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 31st 2023. Valid for: 3 months.
This is the only time pos.t.kundenservice.20-220-163-154.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Postbank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 25 | 20.220.163.154 20.220.163.154 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 3 | 2600:9000:251... 2600:9000:2512:4600:13:46b5:7d80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 6 | 2600:1901:0:c... 2600:1901:0:c07c:: | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2600:1901:0:5... 2600:1901:0:5987:: | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2600:1901:0:2... 2600:1901:0:256b:: | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2600:1901:0:7... 2600:1901:0:7903:: | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 34.95.108.180 34.95.108.180 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 2600:9000:251... 2600:9000:2514:e600:15:e39e:8900:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 42 | 9 |
25
20.220.163.154
(Toronto, Canada)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| pos.t.kundenservice.20-220-163-154.cprapid.com |
3
2600:9000:2512:4600:13:46b5:7d80:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| www.deutsche-bank.de |
2
2600:1901:0:256b::
(Kansas City, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| aggregator.service.usercentrics.eu |
1
34.95.108.180
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
| uct.service.usercentrics.eu |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
cprapid.com
pos.t.kundenservice.20-220-163-154.cprapid.com |
4 MB |
| 12 |
usercentrics.eu
api.usercentrics.eu — Cisco Umbrella Rank: 12249 app.usercentrics.eu — Cisco Umbrella Rank: 12170 aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 14558 graphql.usercentrics.eu — Cisco Umbrella Rank: 14632 uct.service.usercentrics.eu — Cisco Umbrella Rank: 19190 |
22 KB |
| 3 |
deutsche-bank.de
www.deutsche-bank.de — Cisco Umbrella Rank: 183232 |
53 KB |
| 1 |
postbank.de
www.postbank.de — Cisco Umbrella Rank: 263341 |
34 KB |
| 42 | 4 |
| Domain | Requested by | |
|---|---|---|
| 25 | pos.t.kundenservice.20-220-163-154.cprapid.com |
pos.t.kundenservice.20-220-163-154.cprapid.com
|
| 6 | api.usercentrics.eu |
pos.t.kundenservice.20-220-163-154.cprapid.com
|
| 3 | www.deutsche-bank.de |
client
www.deutsche-bank.de |
| 2 | graphql.usercentrics.eu |
pos.t.kundenservice.20-220-163-154.cprapid.com
|
| 2 | aggregator.service.usercentrics.eu |
pos.t.kundenservice.20-220-163-154.cprapid.com
|
| 1 | www.postbank.de | |
| 1 | uct.service.usercentrics.eu | |
| 1 | app.usercentrics.eu | |
| 42 | 8 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| banking.postbank.de |
| www.postbank.de |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| pos.t.kundenservice.20-220-163-154.cprapid.com cPanel, Inc. Certification Authority |
2023-01-31 - 2023-05-01 |
3 months | crt.sh |
| www.deutsche-bank.de DigiCert EV RSA CA G2 |
2022-11-15 - 2023-11-14 |
a year | crt.sh |
| api.usercentrics.eu GTS CA 1D4 |
2022-12-12 - 2023-03-12 |
3 months | crt.sh |
| app.usercentrics.eu GTS CA 1D4 |
2022-12-14 - 2023-03-14 |
3 months | crt.sh |
| aggregator.service.usercentrics.eu GTS CA 1D4 |
2022-12-05 - 2023-03-05 |
3 months | crt.sh |
| graphql.usercentrics.eu GTS CA 1D4 |
2022-12-16 - 2023-03-16 |
3 months | crt.sh |
| uct.service.usercentrics.eu GTS CA 1D4 |
2023-01-30 - 2023-04-30 |
3 months | crt.sh |
| postbank.de DigiCert EV RSA CA G2 |
2022-09-15 - 2023-09-15 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/login.php?&return_url=a37fe543fee45045b2cbd14b2e06d6b5&enrolmentID=5b6d60e2b41dbc2b54054eef345ef73a?securessl=true
Frame ID: 7EF64B8A1C63E3979B198A718A471E70
Requests: 33 HTTP requests in this frame
Frame:
https://pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files//cross-domain-bridge.html
Frame ID: E6884E2FC7AFDA45046955AC06EB715E
Requests: 1 HTTP requests in this frame
Frame:
https://pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/login.phpassets/scripts/cross-domain-bridge.html
Frame ID: 1494D361A213AECA839BB97C52768EB2
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Postbank Banking & BrokerageDetected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
URL: https://banking.postbank.de/#/login/reset
Title: Zugangsdaten vergessen?
Title: Zugangsdaten vergessen?
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/gutzuwissen-banking-login.html
Title: Informationen für Privatkunden
Title: Informationen für Privatkunden
Search URL Search Domain Scan URL
URL: https://www.postbank.de/umzug-gk
Title: Informationen für Geschäftskunden
Title: Informationen für Geschäftskunden
Search URL Search Domain Scan URL
URL: https://www.postbank.de/privatkunden/services/banking-und-brokerage/postbank-id.html
Title: Postbank ID einrichten
Title: Postbank ID einrichten
Search URL Search Domain Scan URL
URL: https://www.postbank.de/privatkunden/services/sicherheit/aktuelle-hinweise.html
Title: Zu den Sicherheitshinweisen
Title: Zu den Sicherheitshinweisen
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/redirect_banking_erste-schritte.html
Title: Erste Schritte
Title: Erste Schritte
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/redirect_banking_terminvereinbarung.html
Title: Terminvereinbarung
Title: Terminvereinbarung
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/redirect_banking_kontakt.html
Title: Kontakt
Title: Kontakt
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/redirect_banking_impressum.html
Title: Impressum
Title: Impressum
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/redirect_banking_rechtshinweise.html
Title: Rechtshinweise
Title: Rechtshinweise
Search URL Search Domain Scan URL
URL: https://www.postbank.de/redirects/redirect_banking_datenschutz.html
Title: Datenschutz
Title: Datenschutz
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
login.php
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/ |
713 KB 714 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NRJS-7200c241d4b12b5d9b7
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
49 B 347 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newrelic-loader-1216.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
usercentrics-loader-3.6.0-20221121.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
602 B 938 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.f422269988a809f0.css
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
268 KB 269 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
usercentrics-3.6.0.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
600 KB 600 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/partials/js/ |
266 KB 266 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fonts.css
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ |
1 KB 858 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
teaser-image-pb.jpg
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
runtime.4ef09bd524eaf91d.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
polyfills.355997a7c40d2123.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
33 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scripts.d056530755f64853.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
100 B 436 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.1393d32d814b8f7d.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
usercentrics-3.6.0.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
languages.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
languages.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ |
66 B 643 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
de.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ |
28 KB 8 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H3 |
de.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.f422269988a809f0.css
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
268 KB 269 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cross-domain-bridge.html
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// Frame E688 |
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pbbg.94a99b13acbdc92b.jpg
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/ |
243 KB 243 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pb-logo-with-title-no-subline.39cedf917cbb1afd.svg
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pb-logo-splash.cbbf15e67c60fec9.svg
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTW05-65Bold.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ |
25 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTW05-55Roman.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ |
25 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.json
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/assets/ |
10 KB 10 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
version.json
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
feature-flags.json
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/assets/ |
10 KB 10 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pb-logo-splash.cbbf15e67c60fec9.svg
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/all/Postbank_files// |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cross-domain-bridge.html
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/login.phpassets/scripts/ Frame 1494 |
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
server_misconfigured.png
pos.t.kundenservice.20-220-163-154.cprapid.com/img-sys/ Frame 1494 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
powered_by_cpanel.svg
pos.t.kundenservice.20-220-163-154.cprapid.com/img-sys/ Frame 1494 |
5 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newrelic-agent-1216.js
pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/login.phpassets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1px.png
app.usercentrics.eu/session/ |
489 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
translations-de.json
api.usercentrics.eu/translations/ |
8 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H3 |
translations-de.json
api.usercentrics.eu/translations/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
de
aggregator.service.usercentrics.eu/aggregate/ |
44 KB 8 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
de
aggregator.service.usercentrics.eu/aggregate/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
graphql
graphql.usercentrics.eu/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
graphql.usercentrics.eu/ |
928 B 629 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uct
uct.service.usercentrics.eu/ |
35 B 276 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PB_Zentrale_sRGB.png
www.postbank.de/dam/postbank/bilder/unternehmen/medien/ |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pos.t.kundenservice.20-220-163-154.cprapid.com
- URL
- https://pos.t.kundenservice.20-220-163-154.cprapid.com/kunden/assets/version.json
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Postbank (Banking)166 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| NREUM object| newrelic function| __nr_require string| ui_version object| script string| pref object| UC_UI_DOMAINS function| __import__ boolean| UC_UI_IS_RENDERED function| $ function| jQuery object| webpackChunkonline_banking function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched function| flatpickr object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__beforeunloadfalse object| datalayer object| __zone_symbol__keydownfalse object| UC_UI object| __zone_symbol__resizetrue object| __zone_symbol____react_tooltip_hide_eventfalse object| __zone_symbol____react_tooltip_rebuild_eventfalse object| __zone_symbol____react_tooltip_show_eventfalse object| __zone_symbol__resizefalse object| __zone_symbol__keyupfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aggregator.service.usercentrics.eu
api.usercentrics.eu
app.usercentrics.eu
graphql.usercentrics.eu
pos.t.kundenservice.20-220-163-154.cprapid.com
uct.service.usercentrics.eu
www.deutsche-bank.de
www.postbank.de
pos.t.kundenservice.20-220-163-154.cprapid.com
20.220.163.154
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:2512:4600:13:46b5:7d80:93a1
2600:9000:2514:e600:15:e39e:8900:93a1
34.95.108.180
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
016f3ea5eddadf5011b6f01c7f99d043221d47d6818b898968e0fb527702e809
0196b068fcc0a53e0bdf299fb2138128680153a812d5bea8a61da802819ccfb1
020636c38f18f017f10dfdd61a3eeca65d097a56552c413a3c4702ea9629e2de
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
2ad09e58540e6948ba7966dc213ad1152344604e0dd88f6136ad870ec032eb80
32c9c7efa990caab6fed29466f97cd4c1026bb356290f3f73956c963846c6f5c
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31
5726f479faf0b0e93fe5e114e4059e25908c7d4cebeef1805bb3531d1e2175ea
62e6b3b58bf6d67c9d124a39eebe37943444d7beef8a02372f1b422db29b4056
69cffe46f97fe44c0cf3812e6c9d6597a19531edd4c2854c7011da19c0ba73c4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7af11807c08828e7a0415ae87f10891f04a19ec8c4d39a7013e97ac9751616
7140f31352daaa6f5ff736c28cd2420d213d03f975aac693075f480f7167badb
87fae5ce58268cf30de117e5fd2d6eca85caeb1f9c01afa44d19ca1e97ebc894
8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf
8e774cc0790fa0338b5a30dc3629c5a28df695a2b653cd6c6bf847cc6b810f5c
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
958aa4c7e086615d2679843f407ae46791619147a7ecff95735748e1c75d6a46
97fe447ddc107dc8b5f84af5b559f36c71eb2da143a98ef3080014d1f17c994a
9dc5d3a050cd34154973c274bca9339e3eeec4992af909332fc93b6ce124a7b2
adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b
b958adbf03969cdce156b0505777931d85b392495f586962d3549f6cd15f9995
be4beee7d867a4c4702b8ab281d1d11884a6b7ae9a5e74aac6b141000cb248de
c22147db38447a725493cd68c3ff202ef9e842a170022a6bfdd6dc35665afa11
c6bab22a5379e271347c5bbd82a355d31397ebf35f340b17bc89c36fd095ce87
d4664dd3d67bd3bbe6653fe5273756db06a66ed9f6b2e3d317a28c5bd04ecb90
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e898df741f23b49ece7da03ec7c5d6f9a38da1b2e5a82ea7a2bb7554483af404
eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b
f4887682931c3805d1b837914ac30db2a54cee7a49074844339107f916930a03
fed785e761adc7bc0615e1b4043c643280a4f2ad8c80dbf378e0f768a82ad675