eg.schulen.konstanz.de
141.37.164.183
Malicious Activity!
Public Scan
Submission: On June 01 via manual from BG
Summary
This is the only time eg.schulen.konstanz.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DSK Bank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
7 | 141.37.164.183 | 553 (BELWUE BelWue-Koordination)
2 | 2a00:1450:4001:806::2002 | 15169 (GOOGLE)
2 | 2a00:1450:4001:81e::2004 | 15169 (GOOGLE)
2 | 2a00:1450:4001:816::2003 | 15169 (GOOGLE)
13 | 4 |
ASN553 (BELWUE BelWue-Koordination, EU)
PTR: www.theo.schulen.konstanz.de
eg.schulen.konstanz.de
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
 | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | konstanz.de | eg.schulen.konstanz.de | 28 KB
2 | google.de | www.google.de | 214 B
2 | google.com | www.google.com | 238 B
2 | doubleclick.net | googleads.g.doubleclick.net | 2 KB
13 | 4 | |
 | Domain | Requested by
---|---|---
7 | eg.schulen.konstanz.de | eg.schulen.konstanz.de
2 | www.google.de | eg.schulen.konstanz.de
2 | www.google.com | eg.schulen.konstanz.de
2 | googleads.g.doubleclick.net | eg.schulen.konstanz.de
13 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
dskbank.bg |
Subject | Issuer | Validity | Valid
---|---|---|---
*.g.doubleclick.net | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months
www.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months
www.google.de | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months
This page contains 1 frames:
Primary Page:
http://eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/thnks.html
Frame ID: CF8A3AF418A108F5A1126B5D36753368
Requests: 13 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type
---|---|---|---
GET H/1.1 | thnks.html (Primary Request) eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/ | 5 KB 6 KB | Document text/html
GET H2 | / googleads.g.doubleclick.net/pagead/viewthroughconversion/850154699/ | 2 KB 1 KB | Script text/javascript
GET H2 | / googleads.g.doubleclick.net/pagead/viewthroughconversion/850154699/ | 2 KB 1 KB | Script text/javascript
GET H/1.1 | style.direct.2018.css eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/css/ | 0 0 | Stylesheet text/html
GET H/1.1 | Direct.bg.svg eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/image// | 8 KB 8 KB | Image image/svg+xml
GET H/1.1 | facebook.svg eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/image// | 1 KB 1 KB | Image image/svg+xml
GET H/1.1 | youtube.svg eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/image/ | 6 KB 6 KB | Image image/svg+xml
GET H/1.1 | BankaDSK_ciril_CM_White.svg eg.schulen.konstanz.de/EG/intranet/php/files/css/Dskbanknewstyle/dsbanknew/bg-BG/image/ | 8 KB 8 KB | Image image/svg+xml
GET H2 | / www.google.com/pagead/1p-user-list/850154699/ | 42 B 119 B | Image image/gif
GET H2 | / www.google.de/pagead/1p-user-list/850154699/ | 42 B 107 B | Image image/gif
GET H2 | / www.google.com/pagead/1p-user-list/850154699/ | 42 B 119 B | Image image/gif
GET H2 | / www.google.de/pagead/1p-user-list/850154699/ | 42 B 107 B | Image image/gif
GET H/1.1 | icons.svg eg.schulen.konstanz.de/images/svg/ | 0 0 | Other text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DSK Bank (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.