dealer-services.de
Open in
urlscan Pro
2001:8d8:100f:f000::200
Malicious Activity!
Public Scan
Submission: On June 26 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on April 20th 2024. Valid for: a year.
This is the only time dealer-services.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: mobile.de (Marketplace)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2001:8d8:100f... 2001:8d8:100f:f000::200 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
2 | 51.222.108.20 51.222.108.20 | 16276 (OVH) (OVH) | |
12 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
dealer-services.de
dealer-services.de |
232 KB |
2 |
cloudfilt.com
srv18649.cloudfilt.com |
2 KB |
0 |
classistatic.de
Failed
static.classistatic.de Failed |
|
12 | 3 |
Domain | Requested by | |
---|---|---|
4 | dealer-services.de |
dealer-services.de
|
2 | srv18649.cloudfilt.com |
dealer-services.de
srv18649.cloudfilt.com |
0 | static.classistatic.de Failed |
dealer-services.de
|
12 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dealer-services.de Encryption Everywhere DV TLS CA - G2 |
2024-04-20 - 2025-04-19 |
a year | crt.sh |
*.cloudfilt.com TrustSign RSA DV CA |
2023-08-31 - 2024-08-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dealer-services.de/
Frame ID: 2ABEAFFA1B4EFC6875A6406BC57E9659
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
dealer-services.de/ |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analyz.js
srv18649.cloudfilt.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.0e6071be.css
dealer-services.de/index_files/ |
153 KB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4aa13a690ca448eaa2c823f854705402.jpg
dealer-services.de/index_files/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-semibold-v4.woff2
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-medium-v4.woff2
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-regular-v4.woff2
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analyzC.js
srv18649.cloudfilt.com/ |
0 353 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-regular-v4.woff
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-medium-v4.woff
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
gibson-semibold-v4.woff
static.classistatic.de/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
dealer-services.de/index_files/ |
1 KB 1 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-semibold-v4.woff2
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-medium-v4.woff2
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-regular-v4.woff2
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-regular-v4.woff
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-medium-v4.woff
- Domain
- static.classistatic.de
- URL
- https://static.classistatic.de/fonts/gibson-semibold-v4.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: mobile.de (Marketplace)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| cloudFiltAnalyzeFunction function| cloudFiltBandV0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dealer-services.de
srv18649.cloudfilt.com
static.classistatic.de
static.classistatic.de
2001:8d8:100f:f000::200
51.222.108.20
02d26bd551d9329d02f390935b071a458868a9a6457ae29df741aaeac16370d4
3e70d11c1c5068352f88e42f4434a510abd8a86726435678b14ac607949462d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e572aae1298f3288f49d9c7e876c357c50d21398a2964ebe55f829e62f938bb3
e58c5ecd2b514360ebc3c840a04b1f6dfbc4e6527695b93f0f2c15a52077e123
f9bb65088e57b39f1bd5a58c3e6582f1cbc6b299645a68b1de7cc718715fa27c