it.wicker.de Open in urlscan Pro
185.166.23.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://it.wickerklinik.de/
Effective URL:
https://it.wicker.de/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 28 via api (August 28th 2023, 10:56:08 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 185.166.23.122, located in Germany and belongs to MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE. The main domain is it.wicker.de.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.

This is the only time it.wicker.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	185.166.23.122 185.166.23.122		15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG)
8	1

9 185.166.23.122 (Germany) 1 redirects

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)

it.wickerklinik.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
it.wicker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	wicker.de it.wicker.de	34 KB
1	wickerklinik.de 1 redirects it.wickerklinik.de	242 B
8	2

	Domain	Requested by
8	it.wicker.de	it.wicker.de
1	it.wickerklinik.de	1 redirects
8	2

This site contains links to these domains. Also see Links.

Domain
vpn.wicker.de
datenraum.wicker.de
teams.microsoft.com
central.sophos.com
wicker-gruppe.atlassian.net
www.linkedin.com
www.wicker.de
www.allianz-fuer-cybersicherheit.de

Subject Issuer	Validity	Valid
it.wicker.de R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://it.wicker.de/
Frame ID: EAA80D5C909F5F06789448668D7CC0FD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

it.wicker.de

Page URL History Show full URLs

http://it.wickerklinik.de/ HTTP 301
https://it.wicker.de/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

34 kB
Transfer

36 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://vpn.wicker.de/
Title: VPN-Benutzerportal

Search URL Search Domain Scan URL

URL: https://datenraum.wicker.de/
Title: Datenraum

Search URL Search Domain Scan URL

URL: https://teams.microsoft.com/
Title: Mirosoft Teams

Search URL Search Domain Scan URL

URL: https://central.sophos.com/
Title: Sophos Central

Search URL Search Domain Scan URL

URL: https://wicker-gruppe.atlassian.net/jira
Title: Atlassian Jira

Search URL Search Domain Scan URL

URL: https://wicker-gruppe.atlassian.net/wiki/spacedirectory/view.action
Title: Atlassian Confluence

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/learning/
Title: LinkedIn Learning

Search URL Search Domain Scan URL

URL: https://www.wicker.de/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.wicker.de/datenschutz/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.allianz-fuer-cybersicherheit.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://it.wickerklinik.de/ HTTP 301
https://it.wicker.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response it.wicker.de/ Redirect Chain http://it.wickerklinik.de/ https://it.wicker.de/	3 KB 1 KB	176ms 49ms	Document text/html	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Full URL https://it.wicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `bca8c2c294a2a128586e83b5aa0d7fc53e57b2565158a7eae2d3c006c5693860` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 1343 content-type text/html date Mon, 28 Aug 2023 22:56:03 GMT etag "d9b-603f73693e8ce-gzip" last-modified Mon, 28 Aug 2023 08:09:27 GMT server Apache vary Accept-Encoding Redirect headers Connection Keep-Alive Content-Length 229 Content-Type text/html; charset=iso-8859-1 Date Mon, 28 Aug 2023 22:56:03 GMT Keep-Alive timeout=5, max=100 Location https://it.wicker.de/ Server Apache
GET H2	200	wicker.css it.wicker.de/images/	12 KB 12 KB	52ms 51ms	Stylesheet text/css	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Full URL https://it.wicker.de/images/wicker.css Requested by Host: it.wicker.de URL: https://it.wicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `479438206dd64f908193c019b1d3bf1bd9eff8664510e750fa6f333538352146` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT last-modified Fri, 02 Dec 2016 10:24:18 GMT server Apache accept-ranges bytes etag "300a-542aa572d1880" content-length 12298 content-type text/css
GET H2	200	back_top.gif it.wicker.de/images/	4 KB 4 KB	52ms 51ms	Image image/gif	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Show image Full URL https://it.wicker.de/images/back_top.gif Requested by Host: it.wicker.de URL: https://it.wicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `f79a223522bc6848ccfb91935cf73cb31d12c7109d760050bd215331c14d45c7` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT last-modified Fri, 02 Dec 2016 10:24:18 GMT server Apache accept-ranges bytes etag "112d-542aa572d1880" content-length 4397 content-type image/gif
GET H2	200	Logo_Allianz_fuer_Cyber-Sicherheit_Teilnehmer.jpg it.wicker.de/images/	13 KB 13 KB	53ms 51ms	Image image/jpeg	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Show image Full URL https://it.wicker.de/images/Logo_Allianz_fuer_Cyber-Sicherheit_Teilnehmer.jpg Requested by Host: it.wicker.de URL: https://it.wicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `5f787c55cee2e828f2c04702e79c0532d5f0278b230b489be6c6c86623c7ad2b` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT last-modified Sun, 25 Oct 2020 10:04:10 GMT server Apache accept-ranges bytes etag "33cc-5b27bef5b1a80" content-length 13260 content-type image/jpeg
GET H2	200	back_bottom.gif it.wicker.de/images/	1 KB 1 KB	53ms 52ms	Image image/gif	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Show image Full URL https://it.wicker.de/images/back_bottom.gif Requested by Host: it.wicker.de URL: https://it.wicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `57b9e69c839f5962fcbb18eba828a67b77ae76b8c88a6c1f0d8f931ff7ec1daf` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT last-modified Fri, 02 Dec 2016 10:24:17 GMT server Apache accept-ranges bytes etag "4bb-542aa571dd640" content-length 1211 content-type image/gif
GET H2	200	back.gif it.wicker.de/images/	115 B 161 B	54ms 54ms	Image image/gif	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Show image Full URL https://it.wicker.de/images/back.gif Requested by Host: it.wicker.de URL: https://it.wicker.de/images/wicker.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `e509f60996b324ab15683576645eb6a9cf9031970330ce5ac2daef7377de53e7` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/images/wicker.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT last-modified Fri, 02 Dec 2016 10:24:17 GMT server Apache accept-ranges bytes etag "73-542aa571dd640" content-length 115 content-type image/gif
GET H2	404	back_verlauf_klein.gif it.wicker.de/images/	955 B 955 B	55ms 54ms	Image text/html	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Show image Full URL https://it.wicker.de/images/back_verlauf_klein.gif Requested by Host: it.wicker.de URL: https://it.wicker.de/images/wicker.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `7a7bd6790f9afe64521eb1bff1585b63529f53ce26e613fbb200a5beef3f3909` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/images/wicker.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT server Apache accept-ranges bytes content-length 955
GET H2	404	back_verlauf.gif it.wicker.de/images/	955 B 955 B	55ms 54ms	Image text/html	185.166.23.122 MITTWALD-AS Mittw...
General Check archive.org Show headers Download Go to Show image Full URL https://it.wicker.de/images/back_verlauf.gif Requested by Host: it.wicker.de URL: https://it.wicker.de/images/wicker.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.166.23.122 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE), Reverse DNS Software Apache / Resource Hash `7a7bd6790f9afe64521eb1bff1585b63529f53ce26e613fbb200a5beef3f3909` Request headers accept-language de-DE,de;q=0.9 Referer https://it.wicker.de/images/wicker.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 28 Aug 2023 22:56:03 GMT server Apache accept-ranges bytes content-length 955

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://it.wicker.de/images/back_verlauf.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://it.wicker.de/images/back_verlauf_klein.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

it.wicker.de
it.wickerklinik.de
185.166.23.122
479438206dd64f908193c019b1d3bf1bd9eff8664510e750fa6f333538352146
57b9e69c839f5962fcbb18eba828a67b77ae76b8c88a6c1f0d8f931ff7ec1daf
5f787c55cee2e828f2c04702e79c0532d5f0278b230b489be6c6c86623c7ad2b
7a7bd6790f9afe64521eb1bff1585b63529f53ce26e613fbb200a5beef3f3909
bca8c2c294a2a128586e83b5aa0d7fc53e57b2565158a7eae2d3c006c5693860
e509f60996b324ab15683576645eb6a9cf9031970330ce5ac2daef7377de53e7
f79a223522bc6848ccfb91935cf73cb31d12c7109d760050bd215331c14d45c7

it.wicker.de Open in urlscan Pro 185.166.23.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

34 kBTransfer

36 kBSize

0 Cookies

10 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

it.wicker.de Open in urlscan Pro
185.166.23.122 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

34 kB
Transfer

36 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions