netzwerk-kunden.ns01.info Open in urlscan Pro
5.180.253.182 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qikbio.net/secherheit
Effective URL:
https://netzwerk-kunden.ns01.info/kundenportal/
Submission: On December 20 via manual (December 20th 2024, 11:51:46 pm UTC) from HU — Scanned from DE

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 5.180.253.182, located in Offenbach, Germany and belongs to SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE. The main domain is netzwerk-kunden.ns01.info.
TLS certificate: Issued by E6 on December 20th 2024. Valid for: 3 months.

This is the only time netzwerk-kunden.ns01.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.187.31.167 198.187.31.167	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 8	5.180.253.182 5.180.253.182	44486 (SYNLINQ O...) (SYNLINQ Oliver Horscht is trading as "SYNLINQ")
1	172.67.69.232 172.67.69.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	172.67.190.76 172.67.190.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.205.168.51 92.205.168.51	21499 (GODADDY-S...) (GODADDY-SXB Host Europe GmbH)
1	2606:4700:20:... 2606:4700:20::ac43:472d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.198.67.16 91.198.67.16	12316 (FITSNET F...) (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
26	11

1 198.187.31.167 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server312-5.web-hosting.com

qikbio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.180.253.182 (Offenbach, Germany) 1 redirects

ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE)
PTR: ptr.default

kundenportal.ns01.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netzwerk-kunden.ns01.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.232 (United States)

ASN13335 (CLOUDFLARENET, US)

logos-world.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.190.76 (United States)

ASN13335 (CLOUDFLARENET, US)

seeklogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.205.168.51 (France)

ASN21499 (GODADDY-SXB Host Europe GmbH, DE)
PTR: 51.168.205.92.host.secureserver.net

garethdavidstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:472d (United States)

ASN13335 (CLOUDFLARENET, US)

1000logos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.67.16 (Wendlingen am Neckar, Germany)

ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE)
PTR: www.lbbw.de

www.lbbw.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ns01.info 1 redirects kundenportal.ns01.info netzwerk-kunden.ns01.info	1 MB
6	gstatic.com encrypted-tbn0.gstatic.com	19 KB
4	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3382	289 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2811	6 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 466	84 KB
1	lbbw.de www.lbbw.de — Cisco Umbrella Rank: 560661	16 KB
1	1000logos.net 1000logos.net — Cisco Umbrella Rank: 109519	191 KB
1	garethdavidstudio.com garethdavidstudio.com	31 KB
1	seeklogo.com seeklogo.com — Cisco Umbrella Rank: 86665	6 KB
1	logos-world.net logos-world.net — Cisco Umbrella Rank: 119720	15 KB
1	qikbio.net 1 redirects qikbio.net	512 B
26	11

	Domain	Requested by
7	netzwerk-kunden.ns01.info	netzwerk-kunden.ns01.info
6	encrypted-tbn0.gstatic.com	netzwerk-kunden.ns01.info
4	upload.wikimedia.org	netzwerk-kunden.ns01.info
2	www.paypalobjects.com
2	maps.googleapis.com	netzwerk-kunden.ns01.info maps.googleapis.com
1	www.lbbw.de	netzwerk-kunden.ns01.info
1	1000logos.net	netzwerk-kunden.ns01.info
1	garethdavidstudio.com	netzwerk-kunden.ns01.info
1	seeklogo.com	netzwerk-kunden.ns01.info
1	logos-world.net	netzwerk-kunden.ns01.info
1	kundenportal.ns01.info	1 redirects
1	qikbio.net	1 redirects
26	12

This site contains links to these domains. Also see Links.

Domain
www.ihre-website.de

Subject Issuer	Validity	Valid
netzwerk-kunden.ns01.info E6	`2024-12-20` - `2025-03-20`	3 months	crt.sh
logos-world.net WE1	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-09-26` - `2025-10-17`	a year	crt.sh
seeklogo.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
www.garethdavidstudio.com Starfield Secure Certificate Authority - G2	`2023-11-21` - `2024-12-22`	a year	crt.sh
1000logos.net WE1	`2024-12-15` - `2025-03-15`	3 months	crt.sh
www.lbbw.de DigiCert EV RSA CA G2	`2024-01-02` - `2025-01-28`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-13` - `2025-06-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://netzwerk-kunden.ns01.info/kundenportal/
Frame ID: FDBE96C739D23A24D2001E5B085CDDF7
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayPal Konto | Digitale Mobile Wallet | PayPal DE

Page URL History Show full URLs

https://qikbio.net/secherheit HTTP 301
https://kundenportal.ns01.info/ HTTP 302
https://netzwerk-kunden.ns01.info/kundenportal/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

26
Requests

100 %
HTTPS

33 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

2087 kB
Transfer

2472 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ihre-website.de/
Title: Besuchen Sie unsere Website

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qikbio.net/secherheit HTTP 301
https://kundenportal.ns01.info/ HTTP 302
https://netzwerk-kunden.ns01.info/kundenportal/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
netzwerk-kunden.ns01.info/kundenportal/
Redirect Chain

https://qikbio.net/secherheit
https://kundenportal.ns01.info/
https://netzwerk-kunden.ns01.info/kundenportal/

239 KB
36 KB

60ms
30ms

Document
text/html

5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash: 83ceced8bba0f93e38a065a2260965960b2815b774328d63a978345f67d0ba80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Dec 2024 23:51:42 GMT
expires: Thu, 18 Aug 1994 05:00:00 GMT
pragma: no-cache
server: LiteSpeed
service-worker-allowed: /
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 Dec 2024 23:51:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://netzwerk-kunden.ns01.info/kundenportal/
pragma: no-cache
server: LiteSpeed

GET
H2 404 common.js
netzwerk-kunden.ns01.info/maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/ 0
0 13ms
7ms Script
text/html 5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk-kunden.ns01.info/maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/common.js
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/kundenportal/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 404 util.js
netzwerk-kunden.ns01.info/maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/ 0
0 10ms
8ms Script
text/html 5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk-kunden.ns01.info/maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/util.js
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/kundenportal/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 PayPal-Symbol.png
logos-world.net/wp-content/uploads/2020/08/ 14 KB
15 KB 44ms
17ms Image
image/png 172.67.69.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logos-world.net/wp-content/uploads/2020/08/PayPal-Symbol.png
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71d76f01842140406d2793a87fed6a475b26ad3b76027d553af41f401ed1b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

cf-cache-status: HIT
etag: "639868a8-3934"
age: 296754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BAoyvKDmWtXuH33Ipk6XE3EaJmdJQgnOHBmcTbGDkomBkRdgV50ubAyb8GHXX1upKwobLc3f77XrxnqZr%2B4i9odakWKrIjDmhoL1OMOtERurozeG1k%2BUiY83WlV3jcbaSg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 18 Nov 2025 07:21:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8037&min_rtt=7099&rtt_var=2268&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4309&recv_bytes=4483&delivery_rate=81278&cwnd=12000&unsent_bytes=0&cid=b60baeaa81a5ea1b&ts=25&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: image/png
last-modified: Tue, 13 Dec 2022 11:57:28 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=31968000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f538ab8badcd376-FRA
accept-ranges: bytes
content-length: 14644
server: cloudflare

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 2 KB
3 KB 89ms
28ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQUNf5IKq5RgqcNTfcVr5dpS2_IiEXxsWxNPg&s

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22bf3193fa44f65146b052384fa83c3f4037dfb8528492dde8510a7e6076c74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

age: 41432
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 12:21:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 12:21:10 GMT
last-modified: Mon, 10 May 2021 06:01:00 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 2423
x-xss-protection: 0
server: sffe

GET
H2 200 ING_logo.png
upload.wikimedia.org/wikipedia/commons/4/4b/ 215 KB
216 KB 118ms
46ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/4/4b/ING_logo.png

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.2.6 /

Resource Hash

965747a366609203bf33e3299f17ce4e83115bcf9141d0a0d535aefb8a35e088

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
etag: f87a567e77731ba851636d0cf1a625d4
age: 53183
x-object-meta-sha1base36: k5stq6q47wm6zwengid6wryaq9nwy7d
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options: nosniff
server-timing: cache;desc="hit-front", host;desc="cp3079"
x-cache: cp3079 hit, cp3079 hit/24
date: Fri, 20 Dec 2024 09:05:18 GMT
content-type: image/png
last-modified: Sun, 16 Feb 2014 14:56:43 GMT
x-client-ip: 2a00:c98:2f00:20:a::4
x-cache-status: hit-front
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219993
server: ATS/9.2.6

GET
H3 200 targobank-logo-7F899075F5-seeklogo.com.png
seeklogo.com/images/T/ 6 KB
6 KB 44ms
22ms Image
image/png 172.67.190.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seeklogo.com/images/T/targobank-logo-7F899075F5-seeklogo.com.png

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.190.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0962bafd50da71ccbd2246983eb1c9ac518ff11306842d1d2273715071049713

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

cf-cache-status: HIT
etag: "1d901380a7e9596"
age: 5803238
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UMzvtnnUG4X1FDCLIrcbWl7ytRnndnTtH8NNe3zGe9xgFnfEjxlFJRTjuPqtbtWShuj%2FleT6DbfqFF7CvJLS%2BR8LDUT%2FRqh%2Fj6EEUlnccO4k4UaWfhWpr9HIvWAC8o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7055&min_rtt=6739&rtt_var=1899&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4437&delivery_rate=74131&cwnd=12000&unsent_bytes=0&cid=092b742ded4b4984&ts=23&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: image/png
last-modified: Sat, 26 Nov 2022 01:40:19 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8f538ab8cffedb06-FRA
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
content-length: 5654
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 2560px-Banco_Santander_Logotipo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/b/b8/Banco_Santander_Logotipo.svg/ 61 KB
62 KB 141ms
70ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/b/b8/Banco_Santander_Logotipo.svg/2560px-Banco_Santander_Logotipo.svg.png

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

a98792520ab62bd5fdd81ca4e3f769375d90f9991dc54d43e8a2bc4096afe7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
etag: f9000c231db844a12dc41df39ed723f2
age: 84739
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options: nosniff
server-timing: cache;desc="hit-front", host;desc="cp3079"
x-cache: cp3079 hit, cp3079 hit/21
date: Fri, 20 Dec 2024 00:19:22 GMT
content-type: image/png
content-disposition: inline;filename*=UTF-8''Banco_Santander_Logotipo.svg.png
last-modified: Wed, 17 Jul 2024 04:14:41 GMT
x-client-ip: 2a00:c98:2f00:20:a::4
x-cache-status: hit-front
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62475
server: envoy

GET
H2 200 DEUTSCHE-BANK_11-1024x576.jpg
garethdavidstudio.com/blog/wp-content/uploads/2020/12/ 31 KB
31 KB 144ms
77ms Image
image/jpeg 92.205.168.51
GODADDY-SXB Host ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garethdavidstudio.com/blog/wp-content/uploads/2020/12/DEUTSCHE-BANK_11-1024x576.jpg
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.205.168.51 , France, ASN21499 (GODADDY-SXB Host Europe GmbH, DE),
Reverse DNS: 51.168.205.92.host.secureserver.net
Software: Apache /
Resource Hash: bdf19a916466c7ae7fb1a9fef7e98b752b39b2e652ac177eb43f16c561049507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

accept-ranges: bytes
content-length: 31280
etag: "882aca-7a30-5b6afab7a3c00"
date: Fri, 20 Dec 2024 23:51:42 GMT
last-modified: Thu, 17 Dec 2020 21:28:16 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 4 KB
4 KB 67ms
27ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTAh1s-gDxwlUfjbLye_PZE_B6SKBGTX0g5AQ&s

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7a77e0b4e8957a1a5d3c9a0a283f12932874ce13d92ccc11c2f89928d70e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

age: 60943
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 06:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 06:55:59 GMT
last-modified: Tue, 11 May 2021 01:34:41 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 4030
x-xss-protection: 0
server: sffe

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 3 KB
3 KB 68ms
28ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRra3Q6hki7aJqAAaIoSjkWjTLsWqcmsyjwYA&s

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61027cfacba5c7f89c0895b41e38cbab627cc77a464ee55187d52f7420208bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

age: 34532
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 14:16:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 14:16:10 GMT
last-modified: Fri, 16 Apr 2021 09:53:02 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 2923
x-xss-protection: 0
server: sffe

GET
H2 200 Deutsche_Kreditbank_AG_Logo_2016.svg
upload.wikimedia.org/wikipedia/commons/d/d4/ 7 KB
3 KB 116ms
46ms Image
image/svg+xml 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/d/d4/Deutsche_Kreditbank_AG_Logo_2016.svg

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

064f1aa03330990a2b379452219f691cc777198e4a4a05b140962297c0c3465b

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
content-encoding: gzip
etag: W/a113f2f2efd5b8868854d92ceedd0a69
age: 54160
x-object-meta-sha1base36: 7uznkd7d5rd96c8b2wnqzjj5mokeopt
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options: nosniff
server-timing: cache;desc="hit-front", host;desc="cp3079"
x-cache: cp3079 hit, cp3079 hit/11
date: Fri, 20 Dec 2024 08:49:01 GMT
content-type: image/svg+xml
last-modified: Fri, 30 Oct 2020 06:21:27 GMT
vary: Accept-Encoding
x-client-ip: 2a00:c98:2f00:20:a::4
x-cache-status: hit-front
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2068
server: envoy

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 3 KB
3 KB 67ms
28ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSnu7lsTIaQdvYqVIJvBUrozfGRw-uncmjUQg&s

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11759a8a460353168bc74c6eda01689e3a656469061b22b29e078f57d66c3a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

age: 60943
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 06:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 06:55:59 GMT
last-modified: Sat, 18 Jun 2022 04:46:00 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 3067
x-xss-protection: 0
server: sffe

GET
H2 200 Commerzbank-logo.png
1000logos.net/wp-content/uploads/2021/05/ 190 KB
191 KB 86ms
31ms Image
image/png 2606:4700:20::ac43:472d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1000logos.net/wp-content/uploads/2021/05/Commerzbank-logo.png
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df5325a834e38df5b03a63e9fee89c64ff3e32deca8bf2737078c37477fb911

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

cf-cache-status: HIT
etag: "620f64ed-2f765"
age: 57175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hibjTUh1SQjCBfkMaOUOtUWQz3YI6d9%2FLqsb36xcw5VLVh512IOpYdREFBFZ7mJbuS36UR9WqNF6Jzoftva1DvERYKoYYSzptzajaxMTlm6qW9w0grE%2B0087GMrZ7y1HJaLfN523P%2BRVxDA%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 22 Dec 2024 07:58:47 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=16294&min_rtt=11087&rtt_var=7705&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3991&recv_bytes=2221&delivery_rate=344702&cwnd=252&unsent_bytes=0&cid=cd81b8708102360d&ts=32&x=0"
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: image/png
last-modified: Fri, 18 Feb 2022 09:20:45 GMT
vary: Accept-Encoding
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f538ab93a2e6945-FRA
accept-ranges: bytes
content-length: 194405
server: cloudflare

GET
H2 200 HypoVereinsbank_Logo_2008.svg
upload.wikimedia.org/wikipedia/de/9/92/ 28 KB
8 KB 96ms
71ms Image
image/svg+xml 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/de/9/92/HypoVereinsbank_Logo_2008.svg

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

497a145f69469f8cf1f6487522a1fa65e0b9f2dfcd654571308e3f74c9015485

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
content-encoding: gzip
etag: W/df0cf649550cfd442902c0ce4be81b4c
age: 57176
x-object-meta-sha1base36: hvkuukmrer2sm8ak2knlynabn6lo7o5
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options: nosniff
server-timing: cache;desc="hit-front", host;desc="cp3079"
x-cache: cp3079 hit, cp3079 hit/10
date: Fri, 20 Dec 2024 07:58:46 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2013 23:10:55 GMT
vary: Accept-Encoding
x-client-ip: 2a00:c98:2f00:20:a::4
x-cache-status: hit-front
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin: *
x-content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6734
server: envoy

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 4 KB
4 KB 25ms
25ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTyyJtIXC0K0q6zsh4R09saGFbJWuV5-jvbSA&s

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59b9cf8e047baf9ecd5e2abb30bde231f766ba195f22c95d3b03449a0a2ea08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

age: 60943
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 06:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 06:55:59 GMT
last-modified: Mon, 25 Oct 2021 23:33:28 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 3736
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK lbbw_bwbank_1600x900_image_w640_m.jpg
www.lbbw.de/bilder/konzern/logos/ 15 KB
16 KB 174ms
53ms Image
image/jpeg 91.198.67.16
FITSNET Finanz In...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lbbw.de/bilder/konzern/logos/lbbw_bwbank_1600x900_image_w640_m.jpg

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.198.67.16 Wendlingen am Neckar, Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),

Reverse DNS

www.lbbw.de

Software

Resource Hash

948ff664facd87fa1a2308b1e20838c798219101d0f9dc7428fde8c6236afa0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.podigee-cdn.net; font-src 'self' data: https://.gstatic.com/ https://.podigee-cdn.net; script-src 'self' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com/ https://.googleapis.com/ https://.google.com/ https://www.lbbw.de/ https://utt.pm/ https://snap.licdn.com/ https://.adition.com/ https://.podigee.com https://.podigee-cdn.net; connect-src 'self' https://.googleapis.com/ https://.google.com/ https://noembed.com/ https://.linkedin.com; frame-src 'self' https://www.youtube-nocookie.com/ https://.googleapis.com/ https://.adition.com https://.podigee.com https://.podigee-cdn.net; img-src 'self' data: https://.ytimg.com/ https://.gstatic.com/ https://.googleapis.com/ https://.adition.com https://.linkedin.com https://.podigee-cdn.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.podigee-cdn.net; font-src 'self' data: https://*.gstatic.com/ https://*.podigee-cdn.net; script-src 'self' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://www.youtube.com/ https://*.googleapis.com/ https://*.google.com/ https://www.lbbw.de/ https://utt.pm/ https://snap.licdn.com/ https://*.adition.com/ https://*.podigee.com https://*.podigee-cdn.net; connect-src 'self' https://*.googleapis.com/ https://*.google.com/ https://noembed.com/ https://*.linkedin.com; frame-src 'self' https://www.youtube-nocookie.com/ https://*.googleapis.com/ https://*.adition.com https://*.podigee.com https://*.podigee-cdn.net; img-src 'self' data: https://*.ytimg.com/ https://*.gstatic.com/ https://*.googleapis.com/ https://*.adition.com https://*.linkedin.com https://*.podigee-cdn.net
Cache-Control: max-age=31536000
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Sat, 20 Dec 2025 23:51:42 GMT
Accept-Ranges: bytes
Content-Length: 15032
Keep-Alive: timeout=15, max=100
Date: Fri, 20 Dec 2024 23:51:42 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 19 Dec 2024 19:41:10 GMT
Content-Type: image/jpeg
X-Frame-Options: DENY

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 3 KB
3 KB 20ms
17ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTb5-jo1y8cGu9kQkfA8Ri9VoK1q7Sa90jNag&s

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcdd2ac05faf89e3280e934d9bf6e36a998196de9da1af8d3b3a7e88b707945f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

age: 60943
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 06:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 06:55:59 GMT
last-modified: Tue, 31 Jan 2023 07:41:14 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 2611
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 248 KB
84 KB 152ms
76ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging

Requested by

Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e95dab6dce17ed024bc1da98042f7d7acfe9e798758350c7117bf1cc56d7c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 7bd55b39
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85452
date: Fri, 20 Dec 2024 23:51:42 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 pp.png
netzwerk-kunden.ns01.info/images/ 1 MB
1 MB 9ms
8ms Image
image/png 5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netzwerk-kunden.ns01.info/images/pp.png
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash: e846c9bd83e5152ab4d52a8b1375d584e8256da1c1cd1e1af6731cf65363fdfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/kundenportal/

Response headers

cache-control: public, max-age=604800
etag: "15c2ec-6764eaec-e06b5;;;"
expires: Fri, 27 Dec 2024 23:51:42 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1426156
date: Fri, 20 Dec 2024 23:51:42 GMT
last-modified: Fri, 20 Dec 2024 03:56:28 GMT
content-type: image/png
server: LiteSpeed

GET
H3 404 Roboto-Light-webfont.html
netzwerk-kunden.ns01.info/kundenportal/ 0
0 13ms
11ms Font
text/html 5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk-kunden.ns01.info/kundenportal/Roboto-Light-webfont.html
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://netzwerk-kunden.ns01.info
Referer: https://netzwerk-kunden.ns01.info/kundenportal/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 404 Roboto-Light-webfont-2.html
netzwerk-kunden.ns01.info/kundenportal/ 0
0 17ms
16ms Font
text/html 5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk-kunden.ns01.info/kundenportal/Roboto-Light-webfont-2.html
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://netzwerk-kunden.ns01.info
Referer: https://netzwerk-kunden.ns01.info/kundenportal/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 404 Roboto-Light-webfont6654.html
netzwerk-kunden.ns01.info/kundenportal/ 0
0 19ms
18ms Font
text/html 5.180.253.182
SYNLINQ Oliver Ho...

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk-kunden.ns01.info/kundenportal/Roboto-Light-webfont6654.html?v1
Requested by: Host: netzwerk-kunden.ns01.info
URL: https://netzwerk-kunden.ns01.info/kundenportal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.180.253.182 Offenbach, Germany, ASN44486 (SYNLINQ Oliver Horscht is trading as "SYNLINQ", DE),
Reverse DNS: ptr.default
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://netzwerk-kunden.ns01.info
Referer: https://netzwerk-kunden.ns01.info/kundenportal/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 55ms
25ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=gme-marktplaats&channel=mp-messaging

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://netzwerk-kunden.ns01.info
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Fri, 20 Dec 2024 23:51:42 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 pp32.png
www.paypalobjects.com/webstatic/icon/ 4 KB
4 KB 61ms
10ms Other
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/icon/pp32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB6) /

Resource Hash

9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

paypal-debug-id: 5ae2365ab9abc
etag: "53611ccb-f84"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 00:51:42 GMT
traceparent: 00-00000000000000000005ae2365ab9abc-1077fffe2bf09aa0-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: image/png
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3972
server: ECAcc (frc/4CB6)

GET
H2 200 favicon.ico
www.paypalobjects.com/webstatic/icon/ 5 KB
2 KB 11ms
11ms Other
image/x-icon 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/icon/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://netzwerk-kunden.ns01.info/

Response headers

paypal-debug-id: 88ce45b05d0f8
content-encoding: br
etag: W/"5362bc15-1536"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 00:51:42 GMT
traceparent: 00-000000000000000000088ce45b05d0f8-ba50612f33db353e-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Fri, 20 Dec 2024 23:51:42 GMT
content-type: image/x-icon
last-modified: Thu, 01 May 2014 21:26:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 1471
server: ECAcc (frc/4CA9)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qikbio.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: f06047dabc23703680a2fc9908312f24
qikbio.net/	1970-01-21 01:53:45	Name: s_statistics_21092 Value: 0
kundenportal.ns01.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5vda6qomo3nsg3c75qnl6419j1
netzwerk-kunden.ns01.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: d6slvjfgte73drfuh028lralbn
netzwerk-kunden.ns01.info/	1970-01-21 10:37:54	Name: jZodMI Value: EhRfSYnQUOkaeWdXucDijGZIKJLNBz
netzwerk-kunden.ns01.info/	1970-01-21 02:06:42	Name: EhRfSYnQUOkaeWdXucDijGZIKJLNBz Value: f8eb06b440744d174b2bcfde7d4280c3-1734738702

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://netzwerk-kunden.ns01.info/maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/common.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://netzwerk-kunden.ns01.info/maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/util.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://netzwerk-kunden.ns01.info/kundenportal/Roboto-Light-webfont.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://netzwerk-kunden.ns01.info/kundenportal/Roboto-Light-webfont-2.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://netzwerk-kunden.ns01.info/kundenportal/Roboto-Light-webfont6654.html?v1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1000logos.net
encrypted-tbn0.gstatic.com
garethdavidstudio.com
kundenportal.ns01.info
logos-world.net
maps.googleapis.com
netzwerk-kunden.ns01.info
qikbio.net
seeklogo.com
upload.wikimedia.org
www.lbbw.de
www.paypalobjects.com
172.217.16.202
172.67.190.76
172.67.69.232
192.229.221.25
198.187.31.167
2606:4700:20::ac43:472d
2a00:1450:4001:802::200a
2a00:1450:4001:827::200e
2a02:ec80:300:ed1a::2:b
5.180.253.182
91.198.67.16
92.205.168.51
064f1aa03330990a2b379452219f691cc777198e4a4a05b140962297c0c3465b
0962bafd50da71ccbd2246983eb1c9ac518ff11306842d1d2273715071049713
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1c7a77e0b4e8957a1a5d3c9a0a283f12932874ce13d92ccc11c2f89928d70e7e
1df5325a834e38df5b03a63e9fee89c64ff3e32deca8bf2737078c37477fb911
22bf3193fa44f65146b052384fa83c3f4037dfb8528492dde8510a7e6076c74f
497a145f69469f8cf1f6487522a1fa65e0b9f2dfcd654571308e3f74c9015485
83ceced8bba0f93e38a065a2260965960b2815b774328d63a978345f67d0ba80
948ff664facd87fa1a2308b1e20838c798219101d0f9dc7428fde8c6236afa0c
965747a366609203bf33e3299f17ce4e83115bcf9141d0a0d535aefb8a35e088
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4
a61027cfacba5c7f89c0895b41e38cbab627cc77a464ee55187d52f7420208bd
a98792520ab62bd5fdd81ca4e3f769375d90f9991dc54d43e8a2bc4096afe7c2
b71d76f01842140406d2793a87fed6a475b26ad3b76027d553af41f401ed1b73
bdf19a916466c7ae7fb1a9fef7e98b752b39b2e652ac177eb43f16c561049507
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e846c9bd83e5152ab4d52a8b1375d584e8256da1c1cd1e1af6731cf65363fdfa
e95dab6dce17ed024bc1da98042f7d7acfe9e798758350c7117bf1cc56d7c6e8
f11759a8a460353168bc74c6eda01689e3a656469061b22b29e078f57d66c3a2
f59b9cf8e047baf9ecd5e2abb30bde231f766ba195f22c95d3b03449a0a2ea08
fcdd2ac05faf89e3280e934d9bf6e36a998196de9da1af8d3b3a7e88b707945f

netzwerk-kunden.ns01.info Open in urlscan Pro 5.180.253.182 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

33 %IPv6

11 Domains

12 Subdomains

11 IPs

3 Countries

2087 kBTransfer

2472 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

netzwerk-kunden.ns01.info Open in urlscan Pro
5.180.253.182 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

33 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

2087 kB
Transfer

2472 kB
Size

6
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!