www.domeinbank.info Open in urlscan Pro
92.222.207.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.domeinbank.info/
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2019, 7:49:10 am UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 92.222.207.1, located in Paris, France and belongs to OVH, FR. The main domain is www.domeinbank.info.
TLS certificate: Issued by domeinbank.serverv5-73.com on September 5th 2019. Valid for: a year.

This is the only time www.domeinbank.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	92.222.207.1 92.222.207.1		16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:815::200e		15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c		15133 (EDGECAST) (EDGECAST - MCI Communications Services)
11	4

3 92.222.207.1 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip1.ip-92-222-207.eu

www.domeinbank.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	domeinbank.info www.domeinbank.info	33 KB
2	twitter.com platform.twitter.com	28 KB
2	google.com apis.google.com	66 KB
0	jquery.com Failed code.jquery.com Failed
0	googleapis.com Failed ajax.googleapis.com Failed
11	5

	Domain	Requested by
3	www.domeinbank.info	www.domeinbank.info
2	platform.twitter.com	www.domeinbank.info platform.twitter.com
2	apis.google.com	www.domeinbank.info apis.google.com
0	code.jquery.com Failed	www.domeinbank.info
0	ajax.googleapis.com Failed	www.domeinbank.info
11	5

This site contains no links.

Subject Issuer	Validity	Valid
domeinbank.serverv5-73.com domeinbank.serverv5-73.com	`2019-09-05` - `2020-09-04`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.domeinbank.info/
Frame ID: E9ACC0E5907A43A25078DCB73FF8EED4
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2349b7ea03933b93cf1e9e9f69dac37a.html?origin=https%3A%2F%2Fwww.domeinbank.info
Frame ID: F108A44A7F27D8F15A40B1DEFD9FC0B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Page Statistics

11
Requests

36 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

127 kB
Transfer

308 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.domeinbank.info/ 5 KB
5 KB 304ms
175ms Document
text/html 92.222.207.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.domeinbank.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.222.207.1 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip1.ip-92-222-207.eu
Software: Apache /
Resource Hash: b0d08eb8280d08c05c0bd234b33c502a2f658d51cd0e8aa7b9952410cdd02adb

Request headers

:method: GET
:authority: www.domeinbank.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Thu, 05 Sep 2019 07:48:55 GMT
server: Apache
content-type: text/html; charset=UTF-8

GET
H2 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 44ms
32ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.domeinbank.info
URL: https://www.domeinbank.info/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d996e8927ae45383450bd8314f8bc89259a528aaa698231fe91d2295872d0496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.domeinbank.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Sep 2019 07:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-NIxGZo/B+ZxuzQUJT5g6jA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "deb3e7b226abe725b3606240ebb6abf7"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Thu, 05 Sep 2019 07:48:55 GMT

GET
H2 200 jquery.fancybox.css
www.domeinbank.info/fancybox/ 5 KB
5 KB 15ms
14ms Stylesheet
text/css 92.222.207.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.domeinbank.info/fancybox/jquery.fancybox.css?v=2.1.5
Requested by: Host: www.domeinbank.info
URL: https://www.domeinbank.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.222.207.1 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip1.ip-92-222-207.eu
Software: Apache /
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.domeinbank.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 05 Sep 2019 07:48:55 GMT
last-modified: Thu, 05 Sep 2019 07:41:13 GMT
server: Apache
accept-ranges: bytes
content-length: 4895
content-type: text/css

GET
H2 200 jquery.fancybox.pack.js Show response
www.domeinbank.info/fancybox/ 23 KB
23 KB 15ms
15ms Script
application/javascript 92.222.207.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.domeinbank.info/fancybox/jquery.fancybox.pack.js?v=2.1.5
Requested by: Host: www.domeinbank.info
URL: https://www.domeinbank.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.222.207.1 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip1.ip-92-222-207.eu
Software: Apache /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.domeinbank.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 05 Sep 2019 07:48:55 GMT
last-modified: Thu, 05 Sep 2019 07:41:13 GMT
server: Apache
accept-ranges: bytes
content-length: 23135
content-type: application/javascript

GET style.css
www.domeinbank.info/ 0
0

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3/ 0
0

GET 8TnrzZ4tenLXJ.js
www.domeinbank.info/ 0
0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 26ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.domeinbank.info
URL: https://www.domeinbank.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 9a1fc6e3ca9bec4b382270611b2aa8a68d766631abf3965c8d8aebbed794c0a6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.domeinbank.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 07:48:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Sep 2019 20:43:50 GMT
Server: ECS (fcn/40E3)
Etag: "6ccb9515b4f8cd36a731eee1770c0a9f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28408

GET
H/1.1 200
OK widget_iframe.2349b7ea03933b93cf1e9e9f69dac37a.html
platform.twitter.com/widgets/ Frame F108 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2349b7ea03933b93cf1e9e9f69dac37a.html?origin=https%3A%2F%2Fwww.domeinbank.info
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4199) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.domeinbank.info/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.domeinbank.info/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Sep 2019 07:48:55 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 04 Sep 2019 20:42:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4199)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 139 KB
49 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aef6eeb769cc25d6f1776c5f7e97aef03258c9b5362d72f0d7955633eadf8f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.domeinbank.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 12:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 22:51:13 GMT
server: sffe
age: 846750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 49966
x-xss-protection: 0
expires: Tue, 25 Aug 2020 12:36:25 GMT

GET jquery-latest.min.js
code.jquery.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.domeinbank.info
URL: http://www.domeinbank.info/style.css

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js

Domain: www.domeinbank.info
URL: http://www.domeinbank.info/8TnrzZ4tenLXJ.js

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| preventBack function| close_pop function| galit function| valider_cookies object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
code.jquery.com
platform.twitter.com
www.domeinbank.info
ajax.googleapis.com
code.jquery.com
www.domeinbank.info
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:815::200e
92.222.207.1
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
9a1fc6e3ca9bec4b382270611b2aa8a68d766631abf3965c8d8aebbed794c0a6
aef6eeb769cc25d6f1776c5f7e97aef03258c9b5362d72f0d7955633eadf8f09
b0d08eb8280d08c05c0bd234b33c502a2f658d51cd0e8aa7b9952410cdd02adb
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
d996e8927ae45383450bd8314f8bc89259a528aaa698231fe91d2295872d0496