gazipursadar.gov.bd
176.9.32.72
Malicious Activity!
Public Scan
Submission: On July 23 via automatic, source phishtank
Summary
This is the only time gazipursadar.gov.bd was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telekom (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 176.9.32.72 | 24940 (HETZNER-AS) |
1 | 195.93.153.4 | 48716 (PS) |
11 | 2 | |
ASN24940 (HETZNER-AS, DE)
PTR: server001.webhosting24x7.net
gazipursadar.gov.bd
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | gazipursadar.gov.bd | 73 KB |
1 | ugur1.kz | |
11 | 2 | |
Requests | Domain | Requested by |
---|---|---|
10 | gazipursadar.gov.bd | gazipursadar.gov.bd |
1 | ugur1.kz | gazipursadar.gov.bd |
11 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
meinkonto.telekom-dienste.de |
This page contains 1 frames:
Primary Page:
http://gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/
Frame ID: 5360.1
Requests: 11 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Passwort vergessen?
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 11 KB | 4 KB | Document | text/html |
GET | H/1.1 | dtag.css | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 308 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | web.min.css | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | require-jquery.min.js | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 105 KB | 38 KB | Script | application/javascript |
GET | H/1.1 | login-information-bubble.min.js | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 1 KB | 502 B | Script | application/javascript |
GET | H/1.1 | icons_16x16.png | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 431 B | 431 B | Image | image/png |
GET | H/1.1 | login.min.js | ugur1.kz/-/ | 0 | 0 | Script | text/html |
GET | H/1.1 | logo_short_50x25.png | gazipursadar.gov.bd/images/Kontoaktualisierung/t-online.de/ | 310 B | 310 B | Image | image/png |
GET | H/1.1 | TeleGroteskNormal.woff | gazipursadar.gov.bd/images/Kontoaktualisierung/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | icons_16x16.png | gazipursadar.gov.bd/images/Kontoaktualisierung/images/sprites/ | 374 B | 0 | Image | text/html |
GET | H/1.1 | logo_short_50x25.png | gazipursadar.gov.bd/images/Kontoaktualisierung/images/ | 371 B | 0 | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telekom (Telecommunication)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.