hilfe-volksbank-de.net Open in urlscan Pro
185.198.59.26 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hilfe-volksbank-de.net/
Submission: On June 02 via automatic, source certstream-suspicious (June 2nd 2023, 5:59:33 pm UTC) — Scanned from DE

Summary HTTP 22 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 185.198.59.26, located in Bucharest, Romania and belongs to HS, AE. The main domain is hilfe-volksbank-de.net.
TLS certificate: Issued by R3 on June 2nd 2023. Valid for: 3 months.

This is the only time hilfe-volksbank-de.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
22	185.198.59.26 185.198.59.26		60117 (HS) (HS)
22	1

22 185.198.59.26 (Bucharest, Romania)

ASN60117 (HS, AE)
PTR: hosting1.ro.hostsailor.com

hilfe-volksbank-de.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	hilfe-volksbank-de.net hilfe-volksbank-de.net	604 KB
22	1

	Domain	Requested by
22	hilfe-volksbank-de.net	hilfe-volksbank-de.net
22	1

This site contains links to these domains. Also see Links.

Domain
www.schwaebisch-hall.de
www.union-investment.de
www.ruv.de
www.easycredit.de
www.dzbank.de
www.dz-privatbank.com
www.vr-smart-finanz.de
www.dzhyp.de
www.muenchenerhyp.de
www.reisebank.de

Subject Issuer	Validity	Valid
*.hilfe-volksbank-de.net R3	`2023-06-02` - `2023-08-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hilfe-volksbank-de.net/
Frame ID: 9E9DF03D22001189DF8219EADE73AE81
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden - Volksbank eG

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

604 kB
Transfer

1780 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.schwaebisch-hall.de/

Search URL Search Domain Scan URL

URL: https://www.union-investment.de/

Search URL Search Domain Scan URL

URL: https://www.ruv.de/

Search URL Search Domain Scan URL

URL: https://www.easycredit.de/

Search URL Search Domain Scan URL

URL: https://www.dzbank.de/

Search URL Search Domain Scan URL

URL: https://www.dz-privatbank.com/

Search URL Search Domain Scan URL

URL: https://www.vr-smart-finanz.de/

Search URL Search Domain Scan URL

URL: https://www.dzhyp.de/

Search URL Search Domain Scan URL

URL: https://www.muenchenerhyp.de/

Search URL Search Domain Scan URL

URL: https://www.reisebank.de/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hilfe-volksbank-de.net/	1 MB 103 KB	294ms 144ms	Document text/html	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `89601dae1c1ba71c195ae9471646b66d877ede9c844980325a87e003a0fa8c2c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Fri, 02 Jun 2023 17:59:28 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding
GET H2	200	styles.4eba3e9b24230ef8.css hilfe-volksbank-de.net/	29 KB 4 KB	53ms 52ms	Stylesheet text/css	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/styles.4eba3e9b24230ef8.css Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `4a0fc8a916052408650530eeb2e0f26019f85242b287f47257bfe5968d7a0de3` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT content-encoding br last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 3565 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	jquery.js Show response hilfe-volksbank-de.net/cntdjs/	87 KB 30 KB	30ms 30ms	Script application/javascript	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/cntdjs/jquery.js Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT content-encoding br last-modified Sun, 13 Mar 2022 04:25:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 30267 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	jquery.mask.js Show response hilfe-volksbank-de.net/cntdjs/	23 KB 5 KB	36ms 36ms	Script application/javascript	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/cntdjs/jquery.mask.js Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT content-encoding br last-modified Sun, 13 Mar 2022 04:25:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 5583 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	cntd.js Show response hilfe-volksbank-de.net/cntdjs/	2 KB 841 B	37ms 36ms	Script application/javascript	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/cntdjs/cntd.js Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `7cb16eaa505542e5bdcda6c3e764e241fbb4e35e07bf21a820cc19fac1bb3864` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT content-encoding br last-modified Sun, 13 Mar 2022 04:25:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 819 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	logos_homepage.gif hilfe-volksbank-de.net/	25 KB 25 KB	30ms 30ms	Image image/gif	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/logos_homepage.gif Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `0f40813fe2bcd1d453a1cca88b97f84c1468df53ea0c952713a7208eac613c70` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:28 GMT server LiteSpeed content-type image/gif cache-control public, max-age=604800 accept-ranges bytes content-length 25337 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	GoldCard.jpg hilfe-volksbank-de.net/	56 KB 56 KB	31ms 31ms	Image image/jpeg	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/GoldCard.jpg Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `aa4c109d0b3d4b1e4681b919b8802e40eeaf20a690d028dd88bf83548062efa7` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:32 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 57397 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	SchwaebischHall.png hilfe-volksbank-de.net/	1 KB 1 KB	31ms 30ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/SchwaebischHall.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `08c6216305671f1f3f66067057da56b578d879b7c1c77e409b340e9f873c9a86` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:12 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1033 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	UnionInvestment.png hilfe-volksbank-de.net/	6 KB 6 KB	46ms 44ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/UnionInvestment.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:32 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 6142 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	RundV.png hilfe-volksbank-de.net/	5 KB 5 KB	47ms 45ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/RundV.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:32 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 4917 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	easyCredit.png hilfe-volksbank-de.net/	2 KB 2 KB	60ms 59ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/easyCredit.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `bd336b5f058be348457d5c0805fa3215e2ca365e9a8b77da94d3ee9472865aa2` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1541 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	DZBANK_Initiativbank.png hilfe-volksbank-de.net/	16 KB 16 KB	108ms 107ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/DZBANK_Initiativbank.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 16788 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	DZPrivatbank.png hilfe-volksbank-de.net/	3 KB 3 KB	109ms 107ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/DZPrivatbank.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 3090 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	VR_Smart_Finanz.png hilfe-volksbank-de.net/	4 KB 4 KB	109ms 108ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/VR_Smart_Finanz.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 3727 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	DGHYP.png hilfe-volksbank-de.net/	2 KB 2 KB	111ms 109ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/DGHYP.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1883 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	404	M%C3%BCnchenerHyp.png hilfe-volksbank-de.net/	1 KB 1 KB	111ms 110ms	Image text/html	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/M%C3%BCnchenerHyp.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 17:59:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H3	200	Reisebank.png hilfe-volksbank-de.net/	2 KB 2 KB	111ms 110ms	Image image/png	185.198.59.26 HS
General Check archive.org Show headers Download Go to Show image Full URL https://hilfe-volksbank-de.net/Reisebank.png Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `f6f4ddd588353569b0d34bd19e85a0624effb6c2c183aa26695aefc05861a7ed` Request headers accept-language de-DE,de;q=0.9 Referer https://hilfe-volksbank-de.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1664 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	default_assets_fonts_GenosGFG-Bold.woff2 hilfe-volksbank-de.net/	29 KB 29 KB	40ms 38ms	Font font/woff2	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/default_assets_fonts_GenosGFG-Bold.woff2 Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `70192633915348f5f3297b15a8349cefd61fb2dea99ac974aa243a4605ef0704` Request headers Referer https://hilfe-volksbank-de.net/ Origin https://hilfe-volksbank-de.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:50 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes content-length 29564 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	default_assets_fonts_GenosGFG-Regular.woff2 hilfe-volksbank-de.net/	28 KB 29 KB	41ms 39ms	Font font/woff2	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/default_assets_fonts_GenosGFG-Regular.woff2 Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `6a9d7ec3c0dc1347ce344830677d4c085536e3d857f946da8dd666bbe91e3852` Request headers Referer https://hilfe-volksbank-de.net/ Origin https://hilfe-volksbank-de.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:46 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes content-length 29180 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	default_assets_icons_kf-icon-font-24.ttf hilfe-volksbank-de.net/	144 KB 63 KB	56ms 54ms	Font font/ttf	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/default_assets_icons_kf-icon-font-24.ttf Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `3894a7061c79792c199fb82556ea9924b72d91991ecd375ab6bedd6deb8e7867` Request headers Referer https://hilfe-volksbank-de.net/ Origin https://hilfe-volksbank-de.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT content-encoding br last-modified Fri, 02 Jun 2023 16:53:38 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 64835 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	default_assets_icons_kf-icons.woff hilfe-volksbank-de.net/	195 KB 195 KB	65ms 64ms	Font font/woff	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/default_assets_icons_kf-icons.woff Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `cac9d473a22e9459b05aebf639e15e68521111d7cafa2e30f3b77fd753f8b5e9` Request headers Referer https://hilfe-volksbank-de.net/ Origin https://hilfe-volksbank-de.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:53:40 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 199476 expires Fri, 09 Jun 2023 17:59:28 GMT
GET H3	200	default_assets_fonts_FrutigerVR-Bold_hinted.woff2 hilfe-volksbank-de.net/	24 KB 24 KB	41ms 40ms	Font font/woff2	185.198.59.26 HS
General Check archive.org Show headers Download Go to Full URL https://hilfe-volksbank-de.net/default_assets_fonts_FrutigerVR-Bold_hinted.woff2 Requested by Host: hilfe-volksbank-de.net URL: https://hilfe-volksbank-de.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.198.59.26 Bucharest, Romania, ASN60117 (HS, AE), Reverse DNS hosting1.ro.hostsailor.com Software LiteSpeed / Resource Hash `c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85` Request headers Referer https://hilfe-volksbank-de.net/ Origin https://hilfe-volksbank-de.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:59:28 GMT last-modified Fri, 02 Jun 2023 16:54:14 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes content-length 24580 expires Fri, 09 Jun 2023 17:59:28 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hilfe-volksbank-de.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 60acf5d47244df8dc3f25af1bad6c412

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hilfe-volksbank-de.net/M%C3%BCnchenerHyp.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hilfe-volksbank-de.net
185.198.59.26
08c6216305671f1f3f66067057da56b578d879b7c1c77e409b340e9f873c9a86
0f40813fe2bcd1d453a1cca88b97f84c1468df53ea0c952713a7208eac613c70
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
3894a7061c79792c199fb82556ea9924b72d91991ecd375ab6bedd6deb8e7867
4a0fc8a916052408650530eeb2e0f26019f85242b287f47257bfe5968d7a0de3
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
6a9d7ec3c0dc1347ce344830677d4c085536e3d857f946da8dd666bbe91e3852
70192633915348f5f3297b15a8349cefd61fb2dea99ac974aa243a4605ef0704
7cb16eaa505542e5bdcda6c3e764e241fbb4e35e07bf21a820cc19fac1bb3864
89601dae1c1ba71c195ae9471646b66d877ede9c844980325a87e003a0fa8c2c
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
aa4c109d0b3d4b1e4681b919b8802e40eeaf20a690d028dd88bf83548062efa7
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
bd336b5f058be348457d5c0805fa3215e2ca365e9a8b77da94d3ee9472865aa2
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85
cac9d473a22e9459b05aebf639e15e68521111d7cafa2e30f3b77fd753f8b5e9
f6f4ddd588353569b0d34bd19e85a0624effb6c2c183aa26695aefc05861a7ed
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

hilfe-volksbank-de.net Open in urlscan Pro 185.198.59.26 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

604 kBTransfer

1780 kBSize

1 Cookies

10 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

hilfe-volksbank-de.net Open in urlscan Pro
185.198.59.26 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

604 kB
Transfer

1780 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!