volksbankinfo.sytes.net Open in urlscan Pro
89.116.255.137 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://volksbankinfo.sytes.net/
Effective URL:
https://volksbankinfo.sytes.net/vk/pl
Submission: On June 14 via automatic, source certstream-suspicious (June 14th 2023, 3:23:28 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 89.116.255.137, located in Frankfurt am Main, Germany and belongs to COMBAHTON combahton GmbH, DE. The main domain is volksbankinfo.sytes.net.
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.

This is the only time volksbankinfo.sytes.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 18	89.116.255.137 89.116.255.137	30823 (COMBAHTON...) (COMBAHTON combahton GmbH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
18	2

18 89.116.255.137 (Frankfurt am Main, Germany) 1 redirects

ASN30823 (COMBAHTON combahton GmbH, DE)

volksbankinfo.sytes.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sytes.net 1 redirects volksbankinfo.sytes.net	2 MB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
18	2

	Domain	Requested by
18	volksbankinfo.sytes.net	1 redirects volksbankinfo.sytes.net code.jquery.com
1	code.jquery.com	volksbankinfo.sytes.net
18	2

This site contains links to these domains. Also see Links.

Domain
www.schwaebisch-hall.de
www.union-investment.de
www.ruv.de
www.easycredit.de
www.dzbank.de
www.dz-privatbank.com
www.vr-smart-finanz.de
www.dzhyp.de
www.muenchenerhyp.de

Subject Issuer	Validity	Valid
volksbankinfo.sytes.net R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://volksbankinfo.sytes.net/vk/pl
Frame ID: B971753DEC2365E3BE2FC1239AA2446C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden - Volksbank eG

Page URL History Show full URLs

https://volksbankinfo.sytes.net/ HTTP 302
https://volksbankinfo.sytes.net/vk/pl Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2039 kB
Transfer

2091 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.schwaebisch-hall.de/

Search URL Search Domain Scan URL

URL: https://www.union-investment.de/

Search URL Search Domain Scan URL

URL: https://www.ruv.de/

Search URL Search Domain Scan URL

URL: https://www.easycredit.de/

Search URL Search Domain Scan URL

URL: https://www.dzbank.de/

Search URL Search Domain Scan URL

URL: https://www.dz-privatbank.com/

Search URL Search Domain Scan URL

URL: https://www.vr-smart-finanz.de/

Search URL Search Domain Scan URL

URL: https://www.dzhyp.de/

Search URL Search Domain Scan URL

URL: https://www.muenchenerhyp.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://volksbankinfo.sytes.net/ HTTP 302
https://volksbankinfo.sytes.net/vk/pl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request pl Show response volksbankinfo.sytes.net/vk/ Redirect Chain https://volksbankinfo.sytes.net/ https://volksbankinfo.sytes.net/vk/pl	14 KB 14 KB	185ms 185ms	Document text/html	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33 Resource Hash `f914563bbee1ffc25fe3e53e5c576391758da52ce21ec7c9443f9f3825232ba5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 14 Jun 2023 15:23:23 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 Transfer-Encoding chunked X-Powered-By PHP/7.4.33 Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Wed, 14 Jun 2023 15:23:21 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 X-Powered-By PHP/7.4.33 location /vk/pl
GET H/1.1	200 OK	styles.54b7e7f24b05fb820636.css volksbankinfo.sytes.net/assets/vk/main/	182 KB 182 KB	11ms 10ms	Stylesheet text/css	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/assets/vk/main/styles.54b7e7f24b05fb820636.css Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `9a42a1ae357edc8d2e491c085fc6dbbe6cc6207f64624b40ccda9df63f94126d` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:24:56 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "2d77f-5d727f4e68e00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 186239
GET H/1.1	200 OK	index4.css volksbankinfo.sytes.net/assets/vk/main/	2 MB 2 MB	22ms 8ms	Stylesheet text/css	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/assets/vk/main/index4.css?v1686756203 Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `12b6efea78751fa7948bd71adcdfa29ba0383b69b855215dc969025e398b6388` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 03:06:14 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "1a2690-5d7288899d580" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1713808
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	72ms 21ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers Referer https://volksbankinfo.sytes.net/ Origin https://volksbankinfo.sytes.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 14 Jun 2023 15:23:24 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15d9d" vary Accept-Encoding x-hw 1686756204.dop008.am5.t,1686756204.cds212.am5.hn,1686756204.cds004.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H/1.1	200 OK	actions.js Show response volksbankinfo.sytes.net/assets/js/	644 B 972 B	23ms 9ms	Script application/javascript	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/assets/js/actions.js?v=1686756203 Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `3160a5af41fcdd11075c6d9e50c91790151aefd58e4a1416ab5fd9ef230e0033` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Thu, 29 Jul 2021 09:18:16 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "284-5c83f953f4600" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 644
GET H/1.1	200 OK	logo.jpg volksbankinfo.sytes.net/assets/vk/main/	40 KB 40 KB	8ms 7ms	Image image/jpeg	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/logo.jpg Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `625a63c64db7fcd9cc7e7172242733cab467e8274c9082644f7377c2032d8726` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 03:09:12 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "a01e-5d7289335e600" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 40990
GET H/1.1	200 OK	SchwaebischHall.png volksbankinfo.sytes.net/assets/vk/main/	4 KB 5 KB	9ms 9ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/SchwaebischHall.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:24:14 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "10cf-5d727f265af80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4303
GET H/1.1	200 OK	UnionInvestment.png volksbankinfo.sytes.net/assets/vk/main/	6 KB 6 KB	9ms 8ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/UnionInvestment.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:24:20 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "17fe-5d727f2c13d00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 6142
GET H/1.1	200 OK	RundV.png volksbankinfo.sytes.net/assets/vk/main/	5 KB 5 KB	8ms 8ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/RundV.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:24:10 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "1335-5d727f228a680" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 4917
GET H/1.1	200 OK	easyCredit.png volksbankinfo.sytes.net/assets/vk/main/	5 KB 5 KB	7ms 7ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/easyCredit.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:24:30 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "13dd-5d727f359d380" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 5085
GET H/1.1	200 OK	DZBANK_Initiativbank.png volksbankinfo.sytes.net/assets/vk/main/	16 KB 17 KB	8ms 7ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/DZBANK_Initiativbank.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:23:40 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "4194-5d727f05ee300" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 16788
GET H/1.1	200 OK	DZPrivatbank.png volksbankinfo.sytes.net/assets/vk/main/	3 KB 3 KB	9ms 9ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/DZPrivatbank.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:23:58 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "c12-5d727f1718b80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 3090
GET H/1.1	200 OK	VR_Smart_Finanz.png volksbankinfo.sytes.net/assets/vk/main/	4 KB 4 KB	8ms 8ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/VR_Smart_Finanz.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:24:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "e8f-5d727f2fe4600" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3727
GET H/1.1	200 OK	DGHYP.png volksbankinfo.sytes.net/assets/vk/main/	2 KB 2 KB	15ms 7ms	Image image/png	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/DGHYP.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 02:23:34 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "75b-5d727f0035580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 1883
GET H/1.1	404 Not Found	M%C3%BCnchenerHyp.png volksbankinfo.sytes.net/assets/vk/main/	235 B 235 B	16ms 7ms	Image text/html	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL https://volksbankinfo.sytes.net/assets/vk/main/M%C3%BCnchenerHyp.png Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/vk/pl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33 Resource Hash `fbb0a511cac47e02ba70ecada0b36bfaca6ee8a321fa8d6e12aa09208db7d9e4` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbankinfo.sytes.net/vk/pl User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 Connection Keep-Alive X-Powered-By PHP/7.4.33 Content-Length 235 Keep-Alive timeout=5, max=98 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	FrutigerVR-Bold_hinted.woff2 volksbankinfo.sytes.net/assets/vk/main/	24 KB 24 KB	8ms 8ms	Font application/octet-stream	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/assets/vk/main/FrutigerVR-Bold_hinted.woff2 Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/assets/vk/main/index4.css?v1686756203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85` Request headers Referer https://volksbankinfo.sytes.net/assets/vk/main/index4.css?v1686756203 Origin https://volksbankinfo.sytes.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 03:03:54 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "6004-5d72880419a80" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 24580
GET H/1.1	200 OK	FrutigerVR-Regular_hinted.woff2 volksbankinfo.sytes.net/assets/vk/main/	24 KB 24 KB	7ms 7ms	Font application/octet-stream	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/assets/vk/main/FrutigerVR-Regular_hinted.woff2 Requested by Host: volksbankinfo.sytes.net URL: https://volksbankinfo.sytes.net/assets/vk/main/index4.css?v1686756203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / Resource Hash `af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff` Request headers Referer https://volksbankinfo.sytes.net/assets/vk/main/index4.css?v1686756203 Origin https://volksbankinfo.sytes.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 14 Jun 2023 15:23:24 GMT Last-Modified Fri, 04 Feb 2022 03:03:56 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 ETag "6020-5d72880601f00" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 24608
POST H/1.1	200 OK	action Show response volksbankinfo.sytes.net/apis/lr/	25 B 394 B	612ms 612ms	XHR text/html	89.116.255.137 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL https://volksbankinfo.sytes.net/apis/lr/action Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.116.255.137 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33 Resource Hash `c1cbbd152a050ee0dc982af665d16b3508db3942527b4b1d65aff0127244ac9e` Request headers Accept / Referer https://volksbankinfo.sytes.net/vk/pl X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Wed, 14 Jun 2023 15:23:25 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 X-Powered-By PHP/7.4.33 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 25 Expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			volksbankinfo.sytes.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: envtl61emnmkra3cjmkltbusgl

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://volksbankinfo.sytes.net/assets/vk/main/M%C3%BCnchenerHyp.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
volksbankinfo.sytes.net
2001:4de0:ac18::1:a:3b
89.116.255.137
12b6efea78751fa7948bd71adcdfa29ba0383b69b855215dc969025e398b6388
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
3160a5af41fcdd11075c6d9e50c91790151aefd58e4a1416ab5fd9ef230e0033
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
625a63c64db7fcd9cc7e7172242733cab467e8274c9082644f7377c2032d8726
7b80565005aab705788b217adbb52b163ae2efdf99fe81ee9d89f91e415e34af
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
9a42a1ae357edc8d2e491c085fc6dbbe6cc6207f64624b40ccda9df63f94126d
ab26bc72d10a5d80984e1a1bbe9f5d12c38013e35070f3ab382908c1f08594ec
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
c1cbbd152a050ee0dc982af665d16b3508db3942527b4b1d65aff0127244ac9e
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85
f914563bbee1ffc25fe3e53e5c576391758da52ce21ec7c9443f9f3825232ba5
fbb0a511cac47e02ba70ecada0b36bfaca6ee8a321fa8d6e12aa09208db7d9e4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

volksbankinfo.sytes.net Open in urlscan Pro 89.116.255.137 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

2039 kBTransfer

2091 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

volksbankinfo.sytes.net Open in urlscan Pro
89.116.255.137 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2039 kB
Transfer

2091 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!