![](/screenshots/68c52e8e-fdab-42ae-90ff-8fdd28a48d5b.png)
www.dkbaktuelle.com
IP: 137.184.111.84. Flagged: Malicious Activity! (Public Scan)
Effective URL: https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/clients/Cjz5Py.php?verification
Submission Tags: 7313033
Submission: On October 06 via api from NL — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.
This is the only time www.dkbaktuelle.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DKB (Banking)
Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 173.212.224.210 | 51167 (CONTABO) |
| 25 (2 redirects) | 137.184.111.84 | 14061 (DIGITALOCEAN-ASN) |
| 2 | 104.16.86.20 | 13335 (CLOUDFLARENET) |
| 1 | 69.16.175.10 | 33438 (HIGHWINDS2) |
| 2 | 104.16.18.94 | 13335 (CLOUDFLARENET) |
29 requests across 5 IP addresses.
Detail for 173.212.224.210: ASN51167 (CONTABO, DE), PTR mail.zero4.mk, serves www.cms.pizzadavinci.sk.
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 25 | dkbaktuelle.com | www.dkbaktuelle.com (2 redirects) | 69 KB |
| 2 | cloudflare.com | cdnjs.cloudflare.com | 358 KB |
| 2 | jsdelivr.net | cdn.jsdelivr.net | 47 KB |
| 1 | jquery.com | code.jquery.com | 30 KB |
| 1 | pizzadavinci.sk | www.cms.pizzadavinci.sk | 402 B |
29 requests across 5 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 25 | www.dkbaktuelle.com | www.cms.pizzadavinci.sk (2 redirects), www.dkbaktuelle.com |
| 2 | cdnjs.cloudflare.com | www.dkbaktuelle.com |
| 2 | cdn.jsdelivr.net | www.dkbaktuelle.com |
| 1 | code.jquery.com | www.dkbaktuelle.com |
| 1 | www.cms.pizzadavinci.sk | none (entry point of the scan) |
29 requests across 5 domains.
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| cms.pizzadavinci.sk | cPanel, Inc. Certification Authority | 2021-08-13 - 2021-11-11 | 3 months |
| dkbaktuelle.com | R3 | 2021-10-02 - 2021-12-31 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
Both the phishing host and the unrelated entry host carry short-lived, automatically issued domain-validated certificates (R3 is Let's Encrypt's intermediate), so the browser padlock says nothing about legitimacy. The useful signal is the age: dkbaktuelle.com's certificate was issued on 2021-10-02, four days before this scan.
This page contains 1 frame:
Primary Page: https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/clients/Cjz5Py.php?verification
Frame ID: 569F36AF10C8FAF02E3CAF98DEB8828D
Requests: 29 HTTP requests in this frame
Page Title
Das kann Bank | DKB AG
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.cms.pizzadavinci.sk/public/js/index.php (Page URL, entry point)
- https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ?pwd=dkbagde92
  - HTTP 301 to https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/?pwd=dkbagde92
  - HTTP 302 to https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/clients/Cjz5Py.php?verification (Page URL)
The visitor enters through a page on an unrelated Slovak domain, is sent to a DKB-lookalike host whose path contains a random-looking token and a `pwd=` parameter, gets a 301 that only adds the trailing slash, and a 302 that lands on the kit's PHP page, where a PHPSESSID cookie is set on www.dkbaktuelle.com (see Cookies).
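The redirect chain above is the part of this report an analyst would want to check automatically. The following Python is an added example, not part of the urlscan report or of any urlscan tooling: it takes the chain, certificate date, scan date and page title as recorded on this page, plus an assumed brand table (mapping the token "dkb" to the apex dkb.de is my assumption, not something the page states), and returns the heuristic reasons the landing page looks like a brand-impersonating phish. The scan year is not printed on the page; 2021 is taken from the certificate validity. The function is general and accepts any chain, not only this one.

```python
import math
from datetime import date
from urllib.parse import parse_qs, urlsplit

# Redirect chain, certificate not-before date, scan date and page title as recorded
# on this scan page (the year comes from the certificate validity window).
CHAIN = [
    "https://www.cms.pizzadavinci.sk/public/js/index.php",
    "https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ?pwd=dkbagde92",
    "https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/?pwd=dkbagde92",
    "https://www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/clients/Cjz5Py.php?verification",
]
CERT_NOT_BEFORE = date(2021, 10, 2)
SCAN_DATE = date(2021, 10, 6)
PAGE_TITLE = "Das kann Bank | DKB AG"

# Assumed brand knowledge, not taken from the scan page: hostname token to look for
# and the apex domain(s) the brand legitimately uses.
BRANDS = {"dkb": {"dkb.de"}}

# Query parameter names that should never appear in a redirect URL.
CREDENTIAL_PARAMS = {"pwd", "pass", "password", "token", "key"}


def apex(host: str) -> str:
    """Last two DNS labels. Naive (wrong for co.uk-style suffixes) but fine for .com/.sk/.de."""
    return ".".join(host.lower().split(".")[-2:])


def shannon_entropy(s: str) -> float:
    n = len(s)
    return -sum(s.count(c) / n * math.log2(s.count(c) / n) for c in set(s)) if n else 0.0


def looks_random(segment: str) -> bool:
    """Long mixed-case alphanumeric token with high entropy, typical of kit directory names."""
    return (len(segment) >= 16 and segment.isalnum()
            and any(c.isupper() for c in segment)
            and any(c.islower() for c in segment)
            and any(c.isdigit() for c in segment)
            and shannon_entropy(segment) > 3.0)


def assess(chain, cert_not_before, scan_date, title, brands=BRANDS):
    """Return de-duplicated, human-readable reasons the chain looks like a phishing landing."""
    reasons = []

    def add(reason):
        if reason not in reasons:
            reasons.append(reason)

    entry, final = urlsplit(chain[0]), urlsplit(chain[-1])
    if apex(entry.hostname) != apex(final.hostname):
        add(f"cross-domain hop from {apex(entry.hostname)} to {apex(final.hostname)}")

    final_apex = apex(final.hostname)
    for token, legit in brands.items():
        if token in final.hostname and final_apex not in legit:
            add(f"brand token '{token}' in non-brand domain {final_apex}")
        if token in title.lower() and final_apex not in legit:
            add(f"page title claims '{token}' but host apex is {final_apex}")

    cert_age = (scan_date - cert_not_before).days
    if cert_age < 30:
        add(f"certificate only {cert_age} days old at scan time")

    for url in chain:
        parts = urlsplit(url)
        for seg in parts.path.split("/"):
            if looks_random(seg):
                add(f"random-looking path token {seg}")
        for key in parse_qs(parts.query):
            if key.lower() in CREDENTIAL_PARAMS:
                add(f"credential-like query parameter '{key}' in redirect URL")
    return reasons


def is_suspicious(reasons, threshold=3):
    """Three independent signals is the (arbitrary, tunable) bar used here."""
    return len(reasons) >= threshold


if __name__ == "__main__":
    for r in assess(CHAIN, CERT_NOT_BEFORE, SCAN_DATE, PAGE_TITLE):
        print("-", r)
```

For this scan the function reports six reasons (cross-domain hop, brand token in the host, brand in the title, a 4-day-old certificate, the random path token and the `pwd=` parameter); a same-origin chain on a months-old certificate with no brand token reports none. The brand table and the 30-day certificate threshold are the two knobs to tune per environment.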
Detected technologies
- PHP (matched on the URL)
  - \.php(?:$|\?)
- Bootstrap
  - <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  - bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- Font Awesome
  - (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- jQuery
  - jquery[.-]([\d.]*\d)[^/]*\.js
  - jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jsDelivr
  - <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  - //cdn\.jsdelivr\.net/
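The patterns above are the regular expressions urlscan's technology detection ran against this page, but the report shows only the patterns, not what they capture. As an added example (my code, not urlscan's), the following Python applies exactly those patterns to a constructed HTML fragment modelled on the resource includes recorded in the transactions list (bootstrap@4.5.3, jquery-3.5.1.min.js, font-awesome/5.15.1, jquery.payment/3.0.0). It shows that the first capture group, where present, is the version string, and that entries without a group (jsDelivr, PHP) are detected without a version.

```python
import re

# Constructed HTML fragment modelled on the resource includes recorded in this scan.
# It is not the page's real markup.
SAMPLE_HTML = """
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css">
<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js"></script>
<script src="assets/js/script.js"></script>
"""
SAMPLE_URL = ("https://www.dkbaktuelle.com/Beratung/focus/verifiz/"
              "s4W636X2cqdZZ9E9h4sjGZ/clients/Cjz5Py.php?verification")

# Patterns exactly as listed under "Detected technologies" on this scan. The first
# capture group, where a pattern has one, is the version string.
URL_PATTERNS = {"PHP": [r"\.php(?:$|\?)"]}
HTML_PATTERNS = {
    "Bootstrap": [
        r"<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css",
        r"bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js",
    ],
    "Font Awesome": [
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    ],
    "jQuery": [
        r"jquery[.-]([\d.]*\d)[^/]*\.js",
        r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
    ],
    "jsDelivr": [
        r'<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/',
        r"//cdn\.jsdelivr\.net/",
    ],
}


def _first_version(match):
    """First non-empty capture group, or None when the pattern carries no version."""
    return next((g for g in match.groups() if g), None)


def fingerprint(html: str, url: str) -> dict:
    """Map technology name -> version string (None when detected without a version)."""
    found = {}
    for name, pats in URL_PATTERNS.items():
        if any(re.search(p, url) for p in pats):
            found[name] = None
    for name, pats in HTML_PATTERNS.items():
        for pat in pats:
            m = re.search(pat, html)
            if m is None:
                continue
            version = _first_version(m)
            # keep the first version seen; a later versionless pattern must not erase it
            if name not in found or (found[name] is None and version):
                found[name] = version
    return found


if __name__ == "__main__":
    for name, version in fingerprint(SAMPLE_HTML, SAMPLE_URL).items():
        print(f"{name}: {version or '(no version)'}")
```

Running the same patterns also shows why jquery.payment appears in the transactions list but not under detected technologies: none of the listed patterns cover it, so the request list, not the fingerprint, is where a kit's more telling dependencies turn up.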
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests: the primary request (Cjz5Py.php, transaction 2 below) was reached through the 301/302 chain listed under Page URL History.
29 HTTP transactions
| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | index.php | www.cms.pizzadavinci.sk/public/js/ | 195 B | 402 B | Document | text/html |
| 2 | GET | H2 | Cjz5Py.php (Primary Request, redirect chain) | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/clients/ | 15 KB | 3 KB | Document | text/html |
| 3 | GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ | 157 KB | 24 KB | Stylesheet | text/css |
| 4 | GET | H2 | helpers.css | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/css/ | 41 KB | 3 KB | Stylesheet | text/css |
| 5 | GET | H2 | style.css | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/css/ | 6 KB | 2 KB | Stylesheet | text/css |
| 6 | GET | H2 | logo.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 3 KB | 3 KB | Image | image/svg+xml |
| 7 | GET | H2 | lo2.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 1 KB | 1 KB | Image | image/png |
| 8 | GET | H2 | ss.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 1 KB | 1 KB | Image | image/png |
| 9 | GET | H2 | ss2.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 539 B | 754 B | Image | image/png |
| 10 | GET | H2 | img.jpg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 12 KB | 12 KB | Image | image/jpeg |
| 11 | GET | H2 | clavier.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 594 B | 809 B | Image | image/png |
| 12 | GET | H2 | username.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 877 B | 1 KB | Image | image/png |
| 13 | GET | H2 | password.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 702 B | 917 B | Image | image/png |
| 14 | GET | H2 | t%C3%A9l%C3%A9chargement.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 208 B | 426 B | Image | image/svg+xml |
| 15 | GET | H2 | t%C3%A9l%C3%A9chargement%20(1).svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 846 B | 1 KB | Image | image/svg+xml |
| 16 | GET | H2 | large.jpg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 29 KB | 29 KB | Image | image/jpeg |
| 17 | GET | H2 | f-bo.png | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 228 B | 442 B | Image | image/png |
| 18 | GET | H2 | facebook.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 686 B | 905 B | Image | image/svg+xml |
| 19 | GET | H2 | insta.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 944 B | 1 KB | Image | image/svg+xml |
| 20 | GET | H2 | twi.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 856 B | 1 KB | Image | image/svg+xml |
| 21 | GET | H2 | you.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 669 B | 888 B | Image | image/svg+xml |
| 22 | GET | H2 | in.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 864 B | 1 KB | Image | image/svg+xml |
| 23 | GET | H2 | xing.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 871 B | 1 KB | Image | image/svg+xml |
| 24 | GET | H2 | dkb.svg | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/imgs/ | 3 KB | 3 KB | Image | image/svg+xml |
| 25 | GET | H2 | jquery-3.5.1.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
| 26 | GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ | 82 KB | 23 KB | Script | application/javascript |
| 27 | GET | H2 | all.min.js | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ | 1 MB | 355 KB | Script | application/javascript |
| 28 | GET | H2 | jquery.payment.min.js | cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ | 8 KB | 3 KB | Script | application/javascript |
| 29 | GET | H2 | script.js | www.dkbaktuelle.com/Beratung/focus/verifiz/s4W636X2cqdZZ9E9h4sjGZ/assets/js/ | 154 B | 308 B | Script | application/javascript |
Worth noting for triage: every first-party asset sits under the same random-token directory, the image names username.png, password.png and clavier.png (French for "keyboard") describe a login form, and jquery.payment is a client-side library for formatting and validating payment-card input fields. Together with the DKB branding (dkb.svg, the page title) this is consistent with a credential and card-entry form, while the French asset names suggest the kit was not written for this target originally.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: DKB (Banking)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | onbeforexrselect |
| boolean | originAgentCluster |
| function | $ |
| function | jQuery |
| object | bootstrap |
| object | ___FONT_AWESOME___ |
| object | FontAwesomeConfig |
| object | FontAwesome |
`$`, `jQuery`, `bootstrap` and the three Font Awesome objects come from the third-party libraries loaded above; `onbeforexrselect` and `originAgentCluster` are Chromium window properties that merely fall outside urlscan's baseline, not page code. Nothing here points to the kit's own script (script.js is 154 bytes).
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| www.dkbaktuelle.com/ | (none recorded) | PHPSESSID | cb5r5dj8i903k2tj544ej8kpfq |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- cdn.jsdelivr.net
- cdnjs.cloudflare.com
- code.jquery.com
- www.cms.pizzadavinci.sk
- www.dkbaktuelle.com
IP addresses:
- 104.16.18.94
- 104.16.86.20
- 137.184.111.84
- 173.212.224.210
- 69.16.175.10
SHA-256 hashes:
01066344ed84a8cfc6518af2398dead9ce515b86e710c4ad301049541722ddd9
041a3b1bb72355bb1ea072ab495af7ff2a4f8e0d7fe1bf8962fd60b1831641c7
0b969bfdbb0496aa56664660247d76c9696b29a6e79a126c38acb9983e058ee9
1c9524bad0ee009f3f9e6af79cf3363acbcd6a4f03eec2ca8c16ff794358d81d
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0
44916913841d34baa376b3b72911ed27f16629909ed5c4f1a59be98af036e8af
5408d9f3668d380c3148ecc04f9401c082f980a88d86962bc906baf0d7abdb28
54d31025c9536bf38b4f89d7fdc5261bb87dfe924d7445a7d56b43533c86e8cb
5dccaf064f696cf33c7e12f65f34c21cdbdbf8b988c24aadff68faab44a2f037
6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca
8bb16d5637aecc1ae70b7859f7c6c99e9158f55330fb09fafbdf525eebd20330
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
a30c546ea7a8f0861fbe49a030bc0fcc707c7de128c265881d4010906d1e5fcb
a5c8662e5ed63a18a303129c70c0e65c3bf22cb6a93bc839f52a070e54f9881a
c6d71f0cabdc2af1691c40822100e37a64f4d6f40738c2fe768f72e0a5ecfb54
d75a13cddae198bbb040efae849b4daa89b3059e03d928714b074c37a4a8ecf7
d81bd3809c4beb500c3068d0c35dd68123f46a15422eac006f9162403a2669e0
dc661a6838129d5d4b808fc9181defe3f72dbf050ade22e3d4f80eb3bf7e5a1d
de763dedf5fbf5a7f0a42ca06cccba4f37f85a35a4bcb378ad5ae886c884bfcd
ed3610839500f4d04a21a1a6a998856463ef4cc20c442235fe33e1daf2c4f311
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
f9aca263f4666ffe4c4abf0780e22470abc88389284774dcae17c2a470120223
fa620c4eda4c4857cc0b9cb5eb4417b18f31bae5418859925fbdcad9b622c032
fe73e87e02eadba5240358a4eeebeb334e6d8e7eaa9d024f41644241f3adaadd