volksbanken-onlinebanking.com Open in urlscan Pro
2606:4700:30::681b:b470 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://volksbanken-onlinebanking.com/
Submission: On June 05 via automatic, source certstream-suspicious (June 5th 2019, 11:01:58 am UTC)

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 2606:4700:30::681b:b470, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is volksbanken-onlinebanking.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 5th 2019. Valid for: a year.

This is the only time volksbanken-onlinebanking.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
20	2606:4700:30:... 2606:4700:30::681b:b470		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
20	2

20 2606:4700:30::681b:b470 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

volksbanken-onlinebanking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	volksbanken-onlinebanking.com volksbanken-onlinebanking.com	98 KB
20	1

	Domain	Requested by
20	volksbanken-onlinebanking.com	volksbanken-onlinebanking.com
20	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-06-05` - `2020-06-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://volksbanken-onlinebanking.com/
Frame ID: CFD59EA3F6F8EE34BEA4E559FBAEA140
Requests: 20 HTTP requests in this frame

Frame: https://volksbanken-onlinebanking.com/assets/saved_resource.html
Frame ID: 86B3B7B255872CD8266722600E84ADB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

98 kB
Transfer

236 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response volksbanken-onlinebanking.com/	12 KB 3 KB	129ms 95ms	Document text/html	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c6e152d8a277a7f7a8dc924315a18595cfd2da084197d195c2127fb0a4875ef7` Request headers :method GET :authority volksbanken-onlinebanking.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 05 Jun 2019 11:01:38 GMT content-type text/html set-cookie __cfduid=d9384679ea2fb5d8db136bd768e82e6ed1559732498; expires=Thu, 04-Jun-20 11:01:38 GMT; path=/; domain=.volksbanken-onlinebanking.com; HttpOnly last-modified Thu, 07 Feb 2019 08:47:02 GMT vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4e21a6528c0c6401-FRA content-encoding br
GET H2	200	unit.css volksbanken-onlinebanking.com/assets/	9 KB 2 KB	92ms 88ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/unit.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4f0b970735abea43131205490914c324bb2a825a566144656572711bebe795c4` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"25fc-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cba6401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	xview.css volksbanken-onlinebanking.com/assets/	5 KB 1 KB	3574ms 3570ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/xview.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `69621dfbf783f2c95fd7113d0cb574ae83b686219d16f85d0cd9a1ac7e0cd702` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:41 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"15eb-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cbb6401-FRA expires Wed, 05 Jun 2019 15:01:41 GMT
GET H2	200	pagelayout.css volksbanken-onlinebanking.com/assets/	6 KB 2 KB	3565ms 3561ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/pagelayout.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6574536b3abf851c80631dc5a5b79d2c139701be0e0e1940289f918455d49b87` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:41 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"1737-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cbc6401-FRA expires Wed, 05 Jun 2019 15:01:41 GMT
GET H2	200	primaernavi.css volksbanken-onlinebanking.com/assets/	2 KB 543 B	92ms 88ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/primaernavi.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `fa5a9183124ffd5c33593161150fb5b502c934a19dff5d9b8c249760b4edae21` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"75f-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cbd6401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	crossnav.css volksbanken-onlinebanking.com/assets/	2 KB 632 B	1549ms 1546ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/crossnav.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5e5d2b312fa7608a725925298341323fc4c948da38475bfa28902569fac10b75` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:39 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"62a-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cbe6401-FRA expires Wed, 05 Jun 2019 15:01:39 GMT
GET H2	200	sekundaernavi.css volksbanken-onlinebanking.com/assets/	9 KB 2 KB	118ms 114ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/sekundaernavi.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b0d0502158b0e0f8c2e5514f523c290bfbcfeb03d1ea23897ee04f520a67e03b` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"239e-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cc26401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	global.css volksbanken-onlinebanking.com/assets/	68 KB 12 KB	134ms 131ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/global.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3823f9d2ba56d57fc430712944c520ea05346cac60924cf1e1f114878a79133e` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"110c4-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cc46401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	werbung.css volksbanken-onlinebanking.com/assets/	8 KB 2 KB	2556ms 2553ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/werbung.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5ebb4527bc5616c591130381d7a824f1e8f2049602ad20485fc122362f57744b` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:40 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"1f26-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cc76401-FRA expires Wed, 05 Jun 2019 15:01:40 GMT
GET H2	200	jqui.css volksbanken-onlinebanking.com/assets/	28 KB 4 KB	98ms 96ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/jqui.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5504cd5768e4a14c98910b457bc95687f9d7c4582eb758ddc59328c9bbeb4205` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"6f07-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cc96401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	styles.css volksbanken-onlinebanking.com/assets/	15 KB 4 KB	116ms 114ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/styles.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `cfaf856795b02587df7cf4c50ffa2c28c5944280e9f45b79a1fc863ee06af00c` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"3c09-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533ccc6401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	ebpe-logo.gif volksbanken-onlinebanking.com/assets/	15 KB 15 KB	138ms 135ms	Image image/gif	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/assets/ebpe-logo.gif Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `78934a1597319acbb7231cb604e8673aefad9a0e90e3a46004a092fc3bb8057d` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag "3ba3-581497ef2f280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4e21a6533cce6401-FRA content-length 15267 expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	ebpe-hilfe.svg volksbanken-onlinebanking.com/assets/	1 KB 716 B	94ms 91ms	Image image/svg+xml	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/assets/ebpe-hilfe.svg Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ea60d273322f59c986e428b879c2568c889b32fde6880ac1abb1390b687d588c` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"4e2-581497ef2f280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=14400 cf-ray 4e21a6533ccf6401-FRA expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	xhtml-filler.gif volksbanken-onlinebanking.com/assets/	43 B 119 B	3567ms 3565ms	Image image/gif	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/assets/xhtml-filler.gif Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `33dcafb8470734f44deceefaeb93ca1f4a82f79f8b9a15c7b7176a10b7bde15b` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:41 GMT cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag "2b-581497ef2f280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4e21a6533cd16401-FRA content-length 43 expires Wed, 05 Jun 2019 15:01:41 GMT
GET H2	200	ebpe-warnung.gif volksbanken-onlinebanking.com/assets/	2 KB 2 KB	97ms 95ms	Image image/gif	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/assets/ebpe-warnung.gif Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b5e024ed968916f0f6d124e5359850ac2e8b37d0232e5221cd01a6f9a0ba8702` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag "671-581497ef2f280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4e21a6533cd86401-FRA content-length 1649 expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	logo.png volksbanken-onlinebanking.com/assets/	6 KB 6 KB	555ms 553ms	Image image/png	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/assets/logo.png Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5130fd4dfb565cb561c01ff8df18851e668330d37dff4c72d92eb94137eca180` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:38 GMT cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag "1854-581497ef2f280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4e21a6533cd96401-FRA content-length 6228 expires Wed, 05 Jun 2019 15:01:38 GMT
GET H2	200	khh.jpg volksbanken-onlinebanking.com/assets/	39 KB 39 KB	2594ms 2592ms	Image image/jpeg	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/assets/khh.jpg Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `a0533c826375394283e31c4c13ba7fb81b9b971de2c4738846b1029175899fb4` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:41 GMT cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag "9a8b-581497ef2f280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4e21a6533cdb6401-FRA content-length 39563 expires Wed, 05 Jun 2019 15:01:40 GMT
GET H2	200	printOutput.css volksbanken-onlinebanking.com/assets/	9 KB 2 KB	4575ms 4574ms	Stylesheet text/css	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/printOutput.css Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3b4557f708255a917ba2899108e14e2cc3e87bb8915a7269360c064e835401e2` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:43 GMT content-encoding br cf-cache-status MISS last-modified Thu, 07 Feb 2019 08:19:06 GMT server cloudflare etag W/"2249-581497ef2f280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e21a6533cdc6401-FRA expires Wed, 05 Jun 2019 15:01:42 GMT
GET H2	200	saved_resource.html Show response volksbanken-onlinebanking.com/assets/ Frame 86B3	149 B 155 B	4569ms 4568ms	Document text/html	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://volksbanken-onlinebanking.com/assets/saved_resource.html Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50` Request headers :method GET :authority volksbanken-onlinebanking.com :scheme https :path /assets/saved_resource.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 referer https://volksbanken-onlinebanking.com/ accept-encoding gzip, deflate, br cookie __cfduid=d9384679ea2fb5d8db136bd768e82e6ed1559732498 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://volksbanken-onlinebanking.com/ Response headers status 200 date Wed, 05 Jun 2019 11:01:43 GMT content-type text/html last-modified Thu, 07 Feb 2019 08:19:06 GMT vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4e21a6533cde6401-FRA content-encoding br
GET H2	404	crossnav-link.svg volksbanken-onlinebanking.com/src/img/	318 B 318 B	3557ms 3557ms	Image text/html	2606:4700:30::681b:b470 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://volksbanken-onlinebanking.com/src/img/crossnav-link.svg Requested by Host: volksbanken-onlinebanking.com URL: https://volksbanken-onlinebanking.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:b470 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6fbf05d6bbb1470e335e56e4a439714e08ca85ec7e56b72cd7d41453cffe0349` Request headers Referer https://volksbanken-onlinebanking.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 05 Jun 2019 11:01:41 GMT content-encoding br cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 4e21a6534ce46401-FRA expires Wed, 05 Jun 2019 15:01:41 GMT
GET DATA	200 OK	truncated /	329 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a07e35a0a48199eb5cde940517b95ba921bb4a58e173dfea2468c5e4b5578897` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

volksbanken-onlinebanking.com
2606:4700:30::681b:b470
33dcafb8470734f44deceefaeb93ca1f4a82f79f8b9a15c7b7176a10b7bde15b
3823f9d2ba56d57fc430712944c520ea05346cac60924cf1e1f114878a79133e
3b4557f708255a917ba2899108e14e2cc3e87bb8915a7269360c064e835401e2
4f0b970735abea43131205490914c324bb2a825a566144656572711bebe795c4
5130fd4dfb565cb561c01ff8df18851e668330d37dff4c72d92eb94137eca180
5504cd5768e4a14c98910b457bc95687f9d7c4582eb758ddc59328c9bbeb4205
5e5d2b312fa7608a725925298341323fc4c948da38475bfa28902569fac10b75
5ebb4527bc5616c591130381d7a824f1e8f2049602ad20485fc122362f57744b
6574536b3abf851c80631dc5a5b79d2c139701be0e0e1940289f918455d49b87
69621dfbf783f2c95fd7113d0cb574ae83b686219d16f85d0cd9a1ac7e0cd702
6fbf05d6bbb1470e335e56e4a439714e08ca85ec7e56b72cd7d41453cffe0349
78934a1597319acbb7231cb604e8673aefad9a0e90e3a46004a092fc3bb8057d
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a0533c826375394283e31c4c13ba7fb81b9b971de2c4738846b1029175899fb4
a07e35a0a48199eb5cde940517b95ba921bb4a58e173dfea2468c5e4b5578897
b0d0502158b0e0f8c2e5514f523c290bfbcfeb03d1ea23897ee04f520a67e03b
b5e024ed968916f0f6d124e5359850ac2e8b37d0232e5221cd01a6f9a0ba8702
c6e152d8a277a7f7a8dc924315a18595cfd2da084197d195c2127fb0a4875ef7
cfaf856795b02587df7cf4c50ffa2c28c5944280e9f45b79a1fc863ee06af00c
ea60d273322f59c986e428b879c2568c889b32fde6880ac1abb1390b687d588c
fa5a9183124ffd5c33593161150fb5b502c934a19dff5d9b8c249760b4edae21

volksbanken-onlinebanking.com Open in urlscan Pro 2606:4700:30::681b:b470 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

98 kBTransfer

236 kBSize

0 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

volksbanken-onlinebanking.com Open in urlscan Pro
2606:4700:30::681b:b470 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

98 kB
Transfer

236 kB
Size

0
Cookies

20 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!