volksbankinfo.sytes.net
Open in
urlscan Pro
89.116.255.137
Malicious Activity!
Public Scan
Effective URL: https://volksbankinfo.sytes.net/vk/pl
Submission: On June 14 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.
This is the only time volksbankinfo.sytes.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Volksbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 89.116.255.137 89.116.255.137 | 30823 (COMBAHTON...) (COMBAHTON combahton GmbH) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
18 | 2 |
ASN30823 (COMBAHTON combahton GmbH, DE)
volksbankinfo.sytes.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
sytes.net
1 redirects
volksbankinfo.sytes.net |
2 MB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 771 |
30 KB |
18 | 2 |
Domain | Requested by | |
---|---|---|
18 | volksbankinfo.sytes.net |
1 redirects
volksbankinfo.sytes.net
code.jquery.com |
1 | code.jquery.com |
volksbankinfo.sytes.net
|
18 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.schwaebisch-hall.de |
www.union-investment.de |
www.ruv.de |
www.easycredit.de |
www.dzbank.de |
www.dz-privatbank.com |
www.vr-smart-finanz.de |
www.dzhyp.de |
www.muenchenerhyp.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
volksbankinfo.sytes.net R3 |
2023-06-14 - 2023-09-12 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://volksbankinfo.sytes.net/vk/pl
Frame ID: B971753DEC2365E3BE2FC1239AA2446C
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Anmelden - Volksbank eGPage URL History Show full URLs
-
https://volksbankinfo.sytes.net/
HTTP 302
https://volksbankinfo.sytes.net/vk/pl Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://volksbankinfo.sytes.net/
HTTP 302
https://volksbankinfo.sytes.net/vk/pl Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
pl
volksbankinfo.sytes.net/vk/ Redirect Chain
|
14 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.54b7e7f24b05fb820636.css
volksbankinfo.sytes.net/assets/vk/main/ |
182 KB 182 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index4.css
volksbankinfo.sytes.net/assets/vk/main/ |
2 MB 2 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
actions.js
volksbankinfo.sytes.net/assets/js/ |
644 B 972 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.jpg
volksbankinfo.sytes.net/assets/vk/main/ |
40 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SchwaebischHall.png
volksbankinfo.sytes.net/assets/vk/main/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UnionInvestment.png
volksbankinfo.sytes.net/assets/vk/main/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RundV.png
volksbankinfo.sytes.net/assets/vk/main/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
easyCredit.png
volksbankinfo.sytes.net/assets/vk/main/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DZBANK_Initiativbank.png
volksbankinfo.sytes.net/assets/vk/main/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DZPrivatbank.png
volksbankinfo.sytes.net/assets/vk/main/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VR_Smart_Finanz.png
volksbankinfo.sytes.net/assets/vk/main/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DGHYP.png
volksbankinfo.sytes.net/assets/vk/main/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
M%C3%BCnchenerHyp.png
volksbankinfo.sytes.net/assets/vk/main/ |
235 B 235 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FrutigerVR-Bold_hinted.woff2
volksbankinfo.sytes.net/assets/vk/main/ |
24 KB 24 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FrutigerVR-Regular_hinted.woff2
volksbankinfo.sytes.net/assets/vk/main/ |
24 KB 24 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
action
volksbankinfo.sytes.net/apis/lr/ |
25 B 394 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Volksbank (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery string| lrbank string| lrinfo boolean| submit1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
volksbankinfo.sytes.net/ | Name: PHPSESSID Value: envtl61emnmkra3cjmkltbusgl |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
volksbankinfo.sytes.net
2001:4de0:ac18::1:a:3b
89.116.255.137
12b6efea78751fa7948bd71adcdfa29ba0383b69b855215dc969025e398b6388
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
3160a5af41fcdd11075c6d9e50c91790151aefd58e4a1416ab5fd9ef230e0033
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
625a63c64db7fcd9cc7e7172242733cab467e8274c9082644f7377c2032d8726
7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
9a42a1ae357edc8d2e491c085fc6dbbe6cc6207f64624b40ccda9df63f94126d
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
c1cbbd152a050ee0dc982af665d16b3508db3942527b4b1d65aff0127244ac9e
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85
f914563bbee1ffc25fe3e53e5c576391758da52ce21ec7c9443f9f3825232ba5
fbb0a511cac47e02ba70ecada0b36bfaca6ee8a321fa8d6e12aa09208db7d9e4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e