URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
Submission: On April 14 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 2606:4700:3030::ac43:bf2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is dhl.8859276.online.
TLS certificate: Issued by GTS CA 1P5 on March 16th 2023. Valid for: 3 months.
This is the only time dhl.8859276.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses and autonomous systems
  Requests  IP Address          AS (Autonomous System)
  10        2606:4700:303...    13335 (CLOUDFLAR...)
  Totals: 10 requests, 2 IPs

Apex domains, subdomains and transfer
  Requests  Apex Domain      Subdomains                                Transfer
  10        8859276.online   dhl.8859276.online, ebay.8859276.online   62 KB
  Totals: 10 requests, 1 apex domain

Domains and who requested them
  Requests  Domain                Requested by
  8         dhl.8859276.online    dhl.8859276.online, ebay.8859276.online
  2         ebay.8859276.online   dhl.8859276.online
  Totals: 10 requests, 2 domains

This site contains no links.

Subject             Issuer        Validity                   Valid
*.8859276.online    GTS CA 1P5    2023-03-16 - 2023-06-14    3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://dhl.8859276.online/banks/dkb.php?id=819413080
Frame ID: 64326062B8217BEB388B43FA8FD0C251
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Login to the bank. Sofort GmbH - a Klarna Group Company

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 62 kB
Size: 292 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Each transaction lists: Resource, Path, Size, x-fer (bytes transferred), Type and MIME-Type, followed by its General details and request/response headers.
Resource: dkb.php (Primary Request)
Path: dhl.8859276.online/banks/
Size: 14 KB   x-fer: 6 KB   Type: Document

General
  Full URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 42c8e82eda6526d00aa0bad775d361a91c92d4f88bf3e84d709b2ad5cbd01440

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  cf-cache-status: DYNAMIC
  cf-ray: 7b7cad0c4fc839df-FRA
  content-encoding: br
  content-type: text/html; charset=UTF-8
  date: Fri, 14 Apr 2023 14:35:33 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gb74IE2TvNgid3Ek5tQr3IKM9K3Qj1WPy54pzkQxEqSX0pJUowhcxsCHTelr4kG7izRc18JaeXOFSLPYAmSi7UMDHN0W46Ajswn3nL%2FVhp9L%2BF4my8LrhI%2BME8OeG4Opm9xNDmwFLxNPULryNeR2mag%3D"}],"group":"cf-nel","max_age":604800}
  server: cloudflare
  vary: Accept-Encoding

Resource: hash_fragment.js
Path: dhl.8859276.online/banks/payment/js/
Size: 469 B   x-fer: 582 B   Type: Script

General
  Full URL: https://dhl.8859276.online/banks/payment/js/hash_fragment.js?1671538656
  Requested by: Host: dhl.8859276.online, URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: b5269af2ba30aff11afe65f908db88cfc22bf5143c5ba63b426a40adeb3d6e00

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:33 GMT
  content-encoding: br
  cf-cache-status: REVALIDATED
  last-modified: Thu, 16 Feb 2023 01:09:42 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"63ed8256-1d5"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tGUMCshWMm4ldFsMkf9vtiaUQK%2B80JTQcBABwCGb%2Bkfqrbz7WfZuro6mdQOn6%2FNDA1MQY%2BTFOUF5eBGPatNhTVTjlY6OCkkIOwwsr4A5HA6FIeKlSTEu36d7iIAaoe2U1cfslJ2fCB4KAJl6UrmYjg%3D"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript; charset=utf-8
  cache-control: max-age=14400
  cf-ray: 7b7cad0f3cc339df-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: window_management.js
Path: dhl.8859276.online/banks/payment/js/
Size: 1 KB   x-fer: 754 B   Type: Script

General
  Full URL: https://dhl.8859276.online/banks/payment/js/window_management.js?1671538656
  Requested by: Host: dhl.8859276.online, URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 37a40613d774f66ffef50f7f28ba3bde9e931d299f8161e623865a81a78f0aaf

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:33 GMT
  content-encoding: br
  cf-cache-status: REVALIDATED
  last-modified: Thu, 16 Feb 2023 01:09:42 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"63ed8256-4ec"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTJjMsmf0beuzaukFRYGgzmTKUUyrFoHU4oYimk7%2Fo0AKu%2F6zjiUh5CJFaOJ8aCtn15qzOnB7RT%2F2SIo9hcS0j6%2BlZIdIpqSi6J6hn8TPqEdKcBkJ8JYDNaxMTQJ41XmYrQ%2BEeok%2FXtoJdamuqs0SjU%3D"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript; charset=utf-8
  cache-control: max-age=14400
  cf-ray: 7b7cad0f3cc439df-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: style.css
Path: dhl.8859276.online/banks/payment/css/klarna-ux/
Size: 236 KB   x-fer: 44 KB   Type: Stylesheet

General
  Full URL: https://dhl.8859276.online/banks/payment/css/klarna-ux/style.css?1671538684
  Requested by: Host: dhl.8859276.online, URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: a58be0cc6e35d30863b099d06eda7e36f5235556665093fd3d82bef3045d2bc4

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:33 GMT
  content-encoding: br
  cf-cache-status: REVALIDATED
  last-modified: Thu, 16 Feb 2023 01:09:42 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"63ed8256-3aef5"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4Q6tfami2MKfb3FMvnCcvifGKgsS8eNPURQhMg3Ywa%2FngST4vjeqZcQrIrWF200YLygKyDzSL2UbHnCpOo4d1Dy7QOmkrGpsywvP8yBcrJ6CWnqvPY1A2HDurJGwNLIaMadZJ1ayRpqpBsfmjO1L2g%3D"}],"group":"cf-nel","max_age":604800}
  content-type: text/css
  cache-control: max-age=14400
  cf-ray: 7b7cad0f3cc139df-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: telegram-site-helper.css
Path: ebay.8859276.online/helper/
Size: 14 KB   x-fer: 4 KB   Type: Stylesheet

General
  Full URL: https://ebay.8859276.online/helper/telegram-site-helper.css?214075620
  Requested by: Host: dhl.8859276.online, URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 591327cc8611863d142bda579ce3a6bf829494fc60cea359f2f201e0a00615b3

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:33 GMT
  content-encoding: br
  cf-cache-status: MISS
  last-modified: Thu, 16 Feb 2023 01:10:03 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"63ed826b-39da"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1SODOAyez3f481fv7Xxx3GvffWdscfAL0sacWBlPxL%2BV0dH5YgEoAHafgQy69%2BLP81DHwut%2FfusORgpdIt7M1oGLHnUxr5rIcxlJwgjt1gdnhEvWTGLWBvBLpWTsc8GqZ6xS6lyVsHK54VcTZ7SewV1"}],"group":"cf-nel","max_age":604800}
  content-type: text/css
  cache-control: max-age=14400
  cf-ray: 7b7cad0f5ce939df-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: telegram-site-helper.js
Path: ebay.8859276.online/helper/
Size: 24 KB   x-fer: 6 KB   Type: Script

General
  Full URL: https://ebay.8859276.online/helper/telegram-site-helper.js?214075620
  Requested by: Host: dhl.8859276.online, URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: ca8d708e7abf186d793341f10cfaafe72871ac5f5650e051372c710ea40a79e3

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:33 GMT
  content-encoding: br
  cf-cache-status: MISS
  last-modified: Thu, 16 Feb 2023 01:10:03 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"63ed826b-61a6"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3mHeAoQAqiVffk6CGv6MQi%2FTm46ndQ6fP7rrReQLQzySDxVZXjxX9VYxZpn6Q6Z6CI%2BvlWggtzINYmz%2BmttbqLFMYtG9Snff9G2uiLZduXjA%2BvXrEAWtue3l0jil72zxidM3XFqdnqU2GtK7PU287Le"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript; charset=utf-8
  cache-control: max-age=14400
  cf-ray: 7b7cad0f5cec39df-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: sofort.svg
Path: dhl.8859276.online/payment/img/wizard2/klarna-ux/logo/
Size: 280 B   x-fer: 280 B   Type: Image

General
  Full URL: https://dhl.8859276.online/payment/img/wizard2/klarna-ux/logo/sofort.svg?1671538656
  Requested by: Host: dhl.8859276.online, URL: https://dhl.8859276.online/banks/dkb.php?id=819413080
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 7534d4e434d55477b339e6c90b040f28003db518331069af01f122a691f0b407

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:33 GMT
  content-encoding: br
  cf-cache-status: EXPIRED
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv5ISzOxcc6%2BaqYJpPIjvMTZwU%2BxiwEP7nMNDcCrxb1P9tBkxAxD3eHCrIq0L%2BWFSr0z%2FuBSBPIk8sNJEdGBjwIS2Y3MsU7LcqEroa3HYUT0FZD44Gls4r7W%2BON7N4a88dB%2Bv%2Fbw4izWvT3Vmtc15cs%3D"}],"group":"cf-nel","max_age":604800}
  content-type: text/html; charset=iso-8859-1
  cache-control: max-age=14400
  cf-ray: 7b7cad1019af9bce-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: truncated
Path: /
Size: 990 B   x-fer: 0   Type: Image

General
  Full URL: data:truncated
  Protocol: DATA
  Server: -
  Reverse DNS: (empty)
  Software: /
  Resource Hash: 1dec1967297d359978126efdcfd66e5a365fff315f699ec1bcfc1f7b7a06d95a

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: (empty)
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  Content-Type: image/svg+xml;charset=utf8

Resource: truncated
Path: /
Size: 567 B   x-fer: 0   Type: Image

General
  Full URL: data:truncated
  Protocol: DATA
  Server: -
  Reverse DNS: (empty)
  Software: /
  Resource Hash: 3b08d0100069188ec1231cebbcd6d651cdb24218a5115199311266a054523867

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: (empty)
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  Content-Type: image/svg+xml;charset=utf8

Resource: telegram-site-helper-api.php
Path: dhl.8859276.online/banks/helper/
Size: 50 B   x-fer: 475 B   Type: XHR

General
  Full URL: https://dhl.8859276.online/banks/helper/telegram-site-helper-api.php?act=newChat&workerid=463756600&idd=819413080
  Requested by: Host: ebay.8859276.online, URL: https://ebay.8859276.online/helper/telegram-site-helper.js?214075620
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 8a18f495c169c4327e6bfdd22c9d215fb93ef2075fa7fb98172f4f0f3da6f951

Request headers
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
  Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEAk2T69zWBEN1Sp5

Response headers
  date: Fri, 14 Apr 2023 14:35:34 GMT
  content-encoding: br
  cf-cache-status: DYNAMIC
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbZT7lgEwdSW1pp0ZLKvT%2FjNv%2FhQ3MxLGqrLOQsJZwrThj%2BWncLJQtHpOfwq1pAl5EQD2slLuuzBy7Zbdp9myonepn45pgnMRL9R6s%2FOiSz6s0um%2BBBFEj4whTYH8tk4Ex7%2BlgNdyHnBXxGckTExTXo%3D"}],"group":"cf-nel","max_age":604800}
  content-type: text/html; charset=utf-8
  cf-ray: 7b7cad1059fd9bce-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: telegram-site-helper-api.php
Path: dhl.8859276.online/banks/helper/
Size: 57 B   x-fer: 478 B   Type: XHR

General
  Full URL: https://dhl.8859276.online/banks/helper/telegram-site-helper-api.php?act=pollMessages&type=lp&chatId=643964B5D597D_819413080&lastMessageId=0
  Requested by: Host: ebay.8859276.online, URL: https://ebay.8859276.online/helper/telegram-site-helper.js?214075620
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 3f0f1054852e874935d7086789c132f50251eac5fdbfe89c9b73a1fe72975249

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:34 GMT
  content-encoding: br
  cf-cache-status: DYNAMIC
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BcjkMAYjtnkWLof2uZ0juD0nwgmOpmykpfYqc1DABBak1V9w%2F6%2B7%2FYPeAvJHWiRuMyD%2FH8O1zX01%2BXGhFPHO4Sv55vD0lxH9l0nMA63GmzGtXqb9hevnbDfSPP5Tp%2BsvecF0ZjQVSm9mS%2FurwWO6ns%3D"}],"group":"cf-nel","max_age":604800}
  content-type: text/html; charset=utf-8
  cache-control: no-cache
  cf-ray: 7b7cad123ca99bce-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: telegram-site-helper-api.php
Path: dhl.8859276.online/banks/helper/
Size: 57 B   x-fer: 476 B   Type: XHR

General
  Full URL: https://dhl.8859276.online/banks/helper/telegram-site-helper-api.php?act=pollMessages&type=lp&chatId=643964B5D597D_819413080&lastMessageId=0
  Requested by: Host: ebay.8859276.online, URL: https://ebay.8859276.online/helper/telegram-site-helper.js?214075620
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:3030::ac43:bf2d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (empty)
  Software: cloudflare /
  Resource Hash: 3f0f1054852e874935d7086789c132f50251eac5fdbfe89c9b73a1fe72975249

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://dhl.8859276.online/banks/dkb.php?id=819413080
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
  date: Fri, 14 Apr 2023 14:35:36 GMT
  content-encoding: br
  cf-cache-status: DYNAMIC
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9WPodexL6rzE2xk3TJ%2F4orxSLMLbb%2BES5EmIP%2Bv3QPUsneSbbciH31ryuWZkOCmTu%2FEkb9SBBrTP8TWWvPaW9Lz34dwazsi%2FOeLZYVdNnpXDefk86hHjKgECZBp294OOZxswkncKuzprGce%2B0Mpc9U%3D"}],"group":"cf-nel","max_age":604800}
  content-type: text/html; charset=utf-8
  cache-control: no-cache
  cf-ray: 7b7cad1f3fb19bce-FRA
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
boolean    credentialless
string     url
function   getOpenWindowHashes
function   putWindowHashesToLocalStorage
function   windowLoadEventHandler
function   windowUnloadEventHandler
function   forceHashRefresh
function   startTelegramSiteHelper
function   startTranslation
function   startLongPoll
function   newChat
function   addMessages
function   addMessage
function   addSystemMessage
function   sendMessage
function   bindAttachFile
function   bigImg
function   tshScrollDown
function   telegramSiteHelperGetCookie
function   telegramSiteHelperSetCookie
object     serverSideEvent
number     lastMessageId
object     longPoll
number     longPollTimer
string     workerid
function   validateForm
function   isNotEmpty
object     telegramSiteHelper

1 Cookies

Domain/Path            Name      Value
dhl.8859276.online/    chatId    643964B5D597D_819413080

1 Console Messages

Source: network   Level: error
URL: https://dhl.8859276.online/payment/img/wizard2/klarna-ux/logo/sofort.svg?1671538656
Message: Failed to load resource: the server responded with a status of 404 ()