produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
Open in
urlscan Pro
45.55.112.74
Malicious Activity!
Public Scan
Submitted URL: https://hdkehrjdkslf37399927401.blogspot.com/
Effective URL: https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/
Submission: On June 15 via api from US — Scanned from US
Effective URL: https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/
Submission: On June 15 via api from US — Scanned from US
Summary
This website contacted 9 IPs
in 2 countries
across 7 domains to perform 23 HTTP transactions.
The main IP is 45.55.112.74, located in
San Francisco, United States and
belongs to DIGITALOCEAN-ASN, US.
The main domain is produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com.
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.
This is the only time produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.
This is the only time produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Postbank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 2607:f8b0:402... 2607:f8b0:4020:807::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2607:f8b0:402... 2607:f8b0:4020:804::2009 | 15169 (GOOGLE) (GOOGLE) | |
| 3 15 | 45.55.112.74 45.55.112.74 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2606:4700::68... 2606:4700::6812:1634 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2607:f8b0:402... 2607:f8b0:4020:806::200a | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2606:4700:e6:... 2606:4700:e6::ac40:ca1c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 23 | 9 |
1
2607:f8b0:4020:807::2001
(Montreal, Canada)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| hdkehrjdkslf37399927401.blogspot.com |
15
45.55.112.74
(San Francisco, United States)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
codeanyapp.com
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com Failed |
697 KB |
| 5 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1987 ka-f.fontawesome.com — Cisco Umbrella Rank: 4145 |
100 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422 |
31 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379 |
26 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263 |
6 KB |
| 1 |
blogger.com
www.blogger.com — Cisco Umbrella Rank: 9078 |
154 KB |
| 1 |
blogspot.com
hdkehrjdkslf37399927401.blogspot.com |
3 KB |
| 23 | 7 |
| Domain | Requested by | |
|---|---|---|
| 15 | produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com |
hdkehrjdkslf37399927401.blogspot.com
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com |
| 4 | ka-f.fontawesome.com |
kit.fontawesome.com
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com |
| 1 | ajax.googleapis.com |
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
|
| 1 | kit.fontawesome.com |
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
|
| 1 | cdn.jsdelivr.net |
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
|
| 1 | cdnjs.cloudflare.com |
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
|
| 1 | www.blogger.com |
hdkehrjdkslf37399927401.blogspot.com
|
| 1 | hdkehrjdkslf37399927401.blogspot.com | |
| 23 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| misc-sni.blogspot.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
| *.blogger.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
| codeanyapp.com R3 |
2023-04-21 - 2023-07-20 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
| *.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/
Frame ID: 8B8FEBFAD2E76618CD560C81CF7B2570
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Ihr Login zum Online-...Page URL History Show full URLs
- https://hdkehrjdkslf37399927401.blogspot.com/ Page URL
-
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP
HTTP 301
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/ HTTP 302
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369 HTTP 301
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hdkehrjdkslf37399927401.blogspot.com/ Page URL
-
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP
HTTP 301
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/ HTTP 302
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369 HTTP 301
https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
hdkehrjdkslf37399927401.blogspot.com/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
254827068-widgets.js
www.blogger.com/static/v1/widgets/ |
153 KB 154 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
PP
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/ Redirect Chain
|
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ |
157 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style_001.css
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style_00f.css
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/css/ |
835 B 374 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style_01f.css
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0c8a15384c.js
kit.fontawesome.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PK649346.svg
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/img/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DE145645646456.jpg
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/img/ |
470 KB 471 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DE27856787585.jpg
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/img/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DE39875868993.jpg
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/img/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripte_postbnk_log.js
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/js/ |
2 KB 738 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
59 KB 13 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
3 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Frutiger1.woff2
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/font/ |
48 KB 48 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Frutiger5.woff2
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/font/ |
58 KB 58 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Frutiger3.woff2
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP/DnBg88qkbNT9369/bundlesApp/font/ |
41 KB 41 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
- URL
- https://produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/PP
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Postbank (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| FontAwesomeKitConfig function| $ function| jQuery function| validateForm function| validateFormPass1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com/ | Name: PHPSESSID Value: 202cl9j2fjcjovunodi1eb6hnr |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
hdkehrjdkslf37399927401.blogspot.com
ka-f.fontawesome.com
kit.fontawesome.com
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
www.blogger.com
produktinformationen-mithilfe-datenschutz-centre1220174505.codeanyapp.com
2606:4700::6811:190e
2606:4700::6812:1634
2606:4700:e6::ac40:ca1c
2607:f8b0:4020:804::2009
2607:f8b0:4020:806::200a
2607:f8b0:4020:807::2001
2a04:4e42::485
45.55.112.74
00a219e07130b63f3d165d015757ec2c6afbc3b4b245ded8b57541009fa9230c
0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c
1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91
1dba4aed649c01e3a9864ed3313c4b506525c74e107760f113b31dc044a0f452
2157813a93c2b24f7f325ff791ead1bceb975bdf335a8798e913edb6aa5381ad
2afc1ff4a798ce317d694abd9ecb5dc5f7e1211f80e3864902c0f6da65746c14
33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d
40f0451bf5257035c526e6b80bf323482344da9917e73c7d7057f37a549a7522
45e4d3402638733514595764edd24306907c4ac83ae841e032bdfa23707a34d7
56ac13e27b003a28cd6af8c020c29269a6809225aa3ff32321342b0fc1f78e8a
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
89cb55a0388bd68e0ee11e6c833c36251e11233b06bddb199af380c0c19afebe
aece5e5b6948bcd2126d3350a9c2cf52ffe7d9ab2b9de945f3eab9d26b3e1264
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
d17ce0eff57fb801338e19b599925dabba1d444acd6c7a37d349ffe9428e8c12
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda