b9apod4.myraidbox.de
159.69.248.55
Malicious Activity!
Public Scan
Submission Tags: 6452211
Submission: On March 16 via api from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 28th 2019. Valid for: a year.
This is the only time b9apod4.myraidbox.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: mobile.de (Marketplace)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 17 | 159.69.248.55 | 24940 (HETZNER-AS) |
| 2 | 2a01:4a0:1338:28::c38a:ff0b | 201011 (NETZBETRIEB-GMBH) |
| 1 | 2a00:1450:4001:818::200e | 15169 (GOOGLE, US) |
| 24 | 4 | |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 17 | myraidbox.de | b9apod4.myraidbox.de | 190 KB |
| 2 | akamaihd.net | ds-aksb-a.akamaihd.net | 5 KB |
| 1 | google-analytics.com | www.google-analytics.com | 18 KB |
| 0 | classistatic.de | static.classistatic.de (Failed) | |
| 24 | 4 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 17 | b9apod4.myraidbox.de | b9apod4.myraidbox.de |
| 2 | ds-aksb-a.akamaihd.net | b9apod4.myraidbox.de |
| 1 | www.google-analytics.com | b9apod4.myraidbox.de |
| 0 | static.classistatic.de (Failed) | b9apod4.myraidbox.de |
| 24 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.mobile.de |
login.mobile.de |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.myraidbox.de | Sectigo RSA Domain Validation Secure Server CA | 2019-04-28 - 2020-05-01 | a year | crt.sh |
| a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2019-08-13 - 2020-08-12 | a year | crt.sh |
| *.google-analytics.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/
Frame ID: 6702E80FBD322E93008D83BE45E52950
Requests: 26 HTTP requests in this frame
Detected technologies

- Nginx (Web Servers). Detected patterns: headers server `/nginx(?:\/([\d.]+))?/i`
- Fingerprintjs (JavaScript Libraries). Detected patterns: script `/fingerprint(\d)?(?:\.min)?\.js/i`
- Google Analytics (Analytics). Detected patterns: script `/google-analytics\.com\/(?:ga|urchin|analytics)\.js/i`
- jQuery (JavaScript Libraries). Detected patterns: script `/jquery[.-]([\d.]*\d)[^/]*\.js/i`, script `/jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i`
Page Statistics

4 Outgoing links
These are links going to different origins than the main page.

- Title: Cookies
- (no title)
- Title: Passwort vergessen? (Forgot password?)
- Title: Jetzt registrieren (Register now)
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/ | 9 KB | 3 KB | Document | text/html |
| GET | H2 | icons.common.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 6 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | icons.logo.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 24 KB | 11 KB | Stylesheet | text/css |
| GET | H2 | icons.form.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 31 KB | 3 KB | Stylesheet | text/css |
| GET | H2 | analytics.js | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 34 KB | 35 KB | Script | application/octet-stream |
| GET | H2 | jquery.min.js | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 82 KB | 83 KB | Script | application/octet-stream |
| GET | H2 | a2Main.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 247 KB | 26 KB | Stylesheet | text/css |
| GET | H2 | aksb.min.js | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 13 KB | 13 KB | Script | application/octet-stream |
| GET | H2 | fingerprint.js | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 9 KB | 9 KB | Script | application/octet-stream |
| GET | H2 | a2.js | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 3 KB | 4 KB | Script | application/octet-stream |
| GET | H2 | tanStatic | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/hler/ | 552 B | 816 B | Script | application/octet-stream |
| GET | DATA | truncated | / | 34 B | 0 | Image | image/gif |
| GET | H/1.1 | aksb.min.js | ds-aksb-a.akamaihd.net/ | 13 KB | 5 KB | Script | application/x-javascript |
| GET | H2 | icons.common.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/css/icons/common/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | icons.logo.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/css/icons/logo/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | icons.form.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/css/icons/form/ | 0 | 0 | Stylesheet | text/html |
| GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
| GET | | Gibson-Regular-webfont-v2.woff2 | static.classistatic.de/fonts/ | 0 | 0 | | |
| GET | | Gibson-SemiBold-webfont-v2.woff2 | static.classistatic.de/fonts/ | 0 | 0 | | |
| GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript |
| GET | H2 | icons.common.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/css/icons/common/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | icons.logo.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/css/icons/logo/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | icons.form.data.svg.css | b9apod4.myraidbox.de/www.mobile.de-AQMkADAwATY0MDABLWVlADMwLWFiMjMtMDACLTAwCgBGAAADZiRnufZ6FEmMaP9u/css/icons/form/ | 0 | 0 | Stylesheet | text/html |
| GET | | Gibson-Regular-webfont-v2.woff | static.classistatic.de/fonts/ | 0 | 0 | | |
| GET | | Gibson-SemiBold-webfont-v2.woff | static.classistatic.de/fonts/ | 0 | 0 | | |
| GET | H/1.1 | b | ds-aksb-a.akamaihd.net/2/463246/ | 0 | 269 B | Image | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.

| Domain | URL |
|---|---|
| static.classistatic.de | https://static.classistatic.de/fonts/Gibson-Regular-webfont-v2.woff2 |
| static.classistatic.de | https://static.classistatic.de/fonts/Gibson-SemiBold-webfont-v2.woff2 |
| static.classistatic.de | https://static.classistatic.de/fonts/Gibson-Regular-webfont-v2.woff |
| static.classistatic.de | https://static.classistatic.de/fonts/Gibson-SemiBold-webfont-v2.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: mobile.de (Marketplace)

18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| function | grunticon |
| object | mobile |
| number | startTime |
| function | getTimeoutInSeconds |
| function | delayedSubmit |
| function | mga |
| object | w |
| object | d |
| object | AKSB |
| string | GoogleAnalyticsObject |
| function | ga |
| object | google_tag_data |
| object | gaplugins |
| object | gaGlobal |
| object | gaData |
| object | RT0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.