dlmateucpttbrm.vercel.app Open in urlscan Pro
76.76.21.241 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dlmateucpttbrm.vercel.app/
Effective URL:
https://dlmateucpttbrm.vercel.app/
Submission: On November 16 via manual (November 16th 2024, 5:46:55 pm UTC) from EG — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 76.76.21.241, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is dlmateucpttbrm.vercel.app.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.

This is the only time dlmateucpttbrm.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telekom (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
10	76.76.21.241 76.76.21.241	16509 (AMAZON-02) (AMAZON-02)
1	2003:2:2:140:... 2003:2:2:140:62:157:140:200	3320 (DTAG Deut...) (DTAG Deutsche Telekom AG)
1	2600:9000:26e... 2600:9000:26e8:5200:f:f903:2f40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	3

10 76.76.21.241 (Walnut, United States)

ASN16509 (AMAZON-02, US)

dlmateucpttbrm.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2003:2:2:140:62:157:140:200 (Germany)

ASN3320 (DTAG Deutsche Telekom AG, DE)

accounts.login.idm.telekom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26e8:5200:f:f903:2f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	vercel.app dlmateucpttbrm.vercel.app	164 KB
1	t-online.de www.t-online.de — Cisco Umbrella Rank: 46881	7 KB
1	telekom.com accounts.login.idm.telekom.com — Cisco Umbrella Rank: 111697	5 KB
12	3

	Domain	Requested by
10	dlmateucpttbrm.vercel.app	dlmateucpttbrm.vercel.app
1	www.t-online.de	dlmateucpttbrm.vercel.app
1	accounts.login.idm.telekom.com	dlmateucpttbrm.vercel.app
12	3

This site contains no links.

Subject Issuer	Validity	Valid
*.vercel.app R11	`2024-10-17` - `2025-01-15`	3 months	crt.sh
accounts.login.idm.telekom.com Telekom Security ServerID EV Class 3 CA	`2024-07-12` - `2025-07-16`	a year	crt.sh
www.t-online.de Amazon ECDSA 256 M03	`2024-06-09` - `2025-07-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dlmateucpttbrm.vercel.app/
Frame ID: 6B9EFF21DA01FB601E3C5F39AC04FA12
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telekom Login

Page URL History Show full URLs

http://dlmateucpttbrm.vercel.app/ HTTP 307
https://dlmateucpttbrm.vercel.app/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

175 kB
Transfer

418 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dlmateucpttbrm.vercel.app/ HTTP 307
https://dlmateucpttbrm.vercel.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dlmateucpttbrm.vercel.app/
Redirect Chain

http://dlmateucpttbrm.vercel.app/
https://dlmateucpttbrm.vercel.app/

9 KB
3 KB

451ms
68ms

Document
text/html

76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ad271f028dd6d573797b5c5a4c54ab24d4b8dcd63deb1a12889c4c71c98520c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 213783
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 16 Nov 2024 17:46:51 GMT
etag: W/"43dba777942339e3e6c3a43e8cb81802"
last-modified: Thu, 14 Nov 2024 06:23:48 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: fra1::6q6nq-1731779211242-1f7d8992f935

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://dlmateucpttbrm.vercel.app/
Non-Authoritative-Reason: HSTS

GET
H2 200 a34f9d1faa5f3315-s.p.woff2
dlmateucpttbrm.vercel.app/_next/static/media/ 47 KB
48 KB 48ms
47ms Font
font/woff2 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/media/a34f9d1faa5f3315-s.p.woff2

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dlmateucpttbrm.vercel.app
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
etag: "d4fe31e6a2aebc06b8d6e558c9141119"
age: 213781
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48556
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="a34f9d1faa5f3315-s.p.woff2"
content-type: font/woff2
server: Vercel
last-modified: Thu, 14 Nov 2024 06:23:50 GMT
x-vercel-id: fra1::xl4b5-1731779211332-230b07c4368c

GET
H2 200 dc61285ca3ece4cb.css
dlmateucpttbrm.vercel.app/_next/static/css/ 11 KB
3 KB 79ms
78ms Stylesheet
text/css 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/css/dc61285ca3ece4cb.css

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1dd8986cd26bffc780fe9b21eeaebcc7f37a6e0993295d3edb7759822217a94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"dc32051d53ddb3d5dce73448a8c6d2d3"
age: 213780
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="dc61285ca3ece4cb.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Thu, 14 Nov 2024 06:23:50 GMT
x-vercel-id: fra1::qcsmh-1731779211335-f322ef96b65e

GET
H2 200 telekom-logo-claim.svg
accounts.login.idm.telekom.com/static/factorx/images/ 5 KB
5 KB 235ms
47ms Image
image/svg+xml 2003:2:2:140:62:157:140:200
DTAG Deutsche Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.login.idm.telekom.com/static/factorx/images/telekom-logo-claim.svg

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Deutsche Telekom AG, DE),

Reverse DNS

Software

Apache /

Resource Hash

5c39703ca6b9a762a5ed4308ed1722b8361742c4d8a4869ced5c8d6140403f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public
expires: Sat, 16 Nov 2024 18:46:51 GMT
accept-ranges: bytes
sh: 85d8a6aad35b7830db0299131f0101fb
content-length: 5001
p3p: CP="NOI CURa TAIa OUR NOR UNI"
date: Sat, 16 Nov 2024 17:46:51 GMT
last-modified: Wed, 18 Jan 2023 06:40:33 GMT
content-type: image/svg+xml
server: Apache

GET
H2 200 t-online-logo-29112019.png
www.t-online.de/auth/ 6 KB
7 KB 154ms
38ms Image
image/png 2600:9000:26e8:5200:f:f903:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.t-online.de/auth/t-online-logo-29112019.png

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:5200:f:f903:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

11eed36ec8f3c28fd90958d9881d080cf237ab18d6792dd22785e729f06795ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.t-online.de;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

x-request-id: 333084b2-bef9-9c34-8aab-c4ae2c08fe0c
etag: "0596f294efc4d2edc959324fdbf2b1539"
age: 213
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: wtVVpWbLzUp68k_bVNmGQTqKLX57Am6aXCGuACwIl44wBO1cV0I4-Q==
date: Sat, 16 Nov 2024 17:43:18 GMT
content-type: image/png
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' https://*.t-online.de;
cache-control: max-age=86400, public
x-envoy-upstream-service-time: 1
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P10",cdn-rid;desc="wtVVpWbLzUp68k_bVNmGQTqKLX57Am6aXCGuACwIl44wBO1cV0I4-Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=0
x-amzn-trace-id: Root=1-6738d9b6-31f1ad9e48cd1b4e1df3667d
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5851
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: envoy

GET
H2 200 webpack-fc1dedd270461839.js Show response
dlmateucpttbrm.vercel.app/_next/static/chunks/ 4 KB
2 KB 48ms
47ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/chunks/webpack-fc1dedd270461839.js

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fcdc88200778c8665644c3f4221994b8243defd7fd2aa2866ed3b334616c5511

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"7efe23d4ae40e6d531dd9ebc5b1e5dbb"
age: 213781
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="webpack-fc1dedd270461839.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 14 Nov 2024 06:23:50 GMT
x-vercel-id: fra1::qcsmh-1731779211392-3a4049dab94d

GET
H2 200 2443530c-cb7d297fea6f8363.js Show response
dlmateucpttbrm.vercel.app/_next/static/chunks/ 157 KB
51 KB 46ms
45ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/chunks/2443530c-cb7d297fea6f8363.js

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bde37bd430d215e28fb644fc25c3545e22ae51646b52a961a4aaf32e79089b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"b2541f0a5ea893aef9c8b6be2e2af1b9"
age: 110236
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="2443530c-cb7d297fea6f8363.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Fri, 15 Nov 2024 11:09:35 GMT
x-vercel-id: fra1::6q6nq-1731779211392-9c47d33fac68

GET
H2 200 139-7e70f1d0c57bd3f9.js Show response
dlmateucpttbrm.vercel.app/_next/static/chunks/ 95 KB
25 KB 47ms
47ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/chunks/139-7e70f1d0c57bd3f9.js

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

91a4b8a35a9fc435e23e037633ef04f9839faf1ebc1acb274fa027c4e0e229fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"cfad656fc5d01783d51c6246ddbda5e4"
age: 110235
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="139-7e70f1d0c57bd3f9.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Fri, 15 Nov 2024 11:09:35 GMT
x-vercel-id: fra1::dg474-1731779211394-9299e9a737f5

GET
H2 200 main-app-4245747c8497dbf9.js Show response
dlmateucpttbrm.vercel.app/_next/static/chunks/ 417 B
612 B 41ms
40ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/chunks/main-app-4245747c8497dbf9.js

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e044e069a1a292d105ce7bc31619b26d930f6a1d111871468eb4be520f190238

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
etag: "7b09e746115079132dab765691bf4227"
age: 1080974
accept-ranges: bytes
access-control-allow-origin: *
content-length: 417
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="main-app-4245747c8497dbf9.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 04 Nov 2024 05:30:36 GMT
x-vercel-id: fra1::mjzq9-1731779211392-6d76e220f91c

GET
H2 200 348-70cd963cc9bd95d6.js Show response
dlmateucpttbrm.vercel.app/_next/static/chunks/ 51 KB
19 KB 44ms
43ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/chunks/348-70cd963cc9bd95d6.js

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/_next/static/chunks/webpack-fc1dedd270461839.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de7e66e60353cae95be10a48f3e844e359cd4a5e7be2188a0daf89d4202336a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"2a717e7da6514e864e361f071f52a718"
age: 1080973
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="348-70cd963cc9bd95d6.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 04 Nov 2024 05:30:37 GMT
x-vercel-id: fra1::dg474-1731779211486-50e47a60e5e7

GET
H2 200 page-c756ab60b3ffe654.js Show response
dlmateucpttbrm.vercel.app/_next/static/chunks/app/ 7 KB
3 KB 41ms
40ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/_next/static/chunks/app/page-c756ab60b3ffe654.js

Requested by

Host: dlmateucpttbrm.vercel.app
URL: https://dlmateucpttbrm.vercel.app/_next/static/chunks/webpack-fc1dedd270461839.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5c6019c794dce8ebb5ceae86f4dae22fb1d5b69f4ea05375016505d05129d73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"c7a8d1e43654a53efe017b8886034587"
age: 213780
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="page-c756ab60b3ffe654.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 14 Nov 2024 06:23:51 GMT
x-vercel-id: fra1::6q6nq-1731779211486-a5fdde068e06

GET
H2 200 favicon.ico
dlmateucpttbrm.vercel.app/ 25 KB
9 KB 41ms
40ms Other
image/vnd.microsoft.icon 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlmateucpttbrm.vercel.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dlmateucpttbrm.vercel.app/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"c30c7d42707a47a3f4591831641e50dc"
age: 1080973
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:46:51 GMT
content-disposition: inline; filename="favicon.ico"
content-type: image/vnd.microsoft.icon
server: Vercel
last-modified: Mon, 04 Nov 2024 05:30:38 GMT
x-vercel-id: fra1::6q6nq-1731779211578-f2a52e339103

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telekom (Telecommunication)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.login.idm.telekom.com
dlmateucpttbrm.vercel.app
www.t-online.de
2003:2:2:140:62:157:140:200
2600:9000:26e8:5200:f:f903:2f40:93a1
76.76.21.241
11eed36ec8f3c28fd90958d9881d080cf237ab18d6792dd22785e729f06795ba
1dd8986cd26bffc780fe9b21eeaebcc7f37a6e0993295d3edb7759822217a94c
2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932
5c39703ca6b9a762a5ed4308ed1722b8361742c4d8a4869ced5c8d6140403f95
5c6019c794dce8ebb5ceae86f4dae22fb1d5b69f4ea05375016505d05129d73b
91a4b8a35a9fc435e23e037633ef04f9839faf1ebc1acb274fa027c4e0e229fb
ad271f028dd6d573797b5c5a4c54ab24d4b8dcd63deb1a12889c4c71c98520c2
bde37bd430d215e28fb644fc25c3545e22ae51646b52a961a4aaf32e79089b42
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
de7e66e60353cae95be10a48f3e844e359cd4a5e7be2188a0daf89d4202336a6
e044e069a1a292d105ce7bc31619b26d930f6a1d111871468eb4be520f190238
fcdc88200778c8665644c3f4221994b8243defd7fd2aa2866ed3b334616c5511

dlmateucpttbrm.vercel.app Open in urlscan Pro 76.76.21.241 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

175 kBTransfer

418 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

dlmateucpttbrm.vercel.app Open in urlscan Pro
76.76.21.241 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

175 kB
Transfer

418 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!