volksbank.trfed.de Open in urlscan Pro
2a06:98c1:3121::9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://volksbank.trfed.de/volksbank/651fad78e6363
Effective URL:
https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363
Submission: On October 08 via manual (October 8th 2023, 10:01:53 pm UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3121::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is volksbank.trfed.de.
TLS certificate: Issued by E1 on September 23rd 2023. Valid for: 3 months.

This is the only time volksbank.trfed.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 20	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	47.251.10.111 47.251.10.111	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 2	195.200.53.159 195.200.53.159	15590 (ATRUVIA) (ATRUVIA)
21	4

20 2a06:98c1:3121::9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

volksbank.trfed.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.251.10.111 (Santa Clara, United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

ip9uk39kv26rml8wjjruzg-on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ip9uk39kv26rml8wjjruzg.on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.200.53.159 (Waldstetten, Germany) 1 redirects

ASN15590 (ATRUVIA, DE)

www.vr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	trfed.de 1 redirects volksbank.trfed.de	314 KB
2	vr.de 1 redirects www.vr.de	626 B
2	drv.tw 1 redirects ip9uk39kv26rml8wjjruzg-on.drv.tw ip9uk39kv26rml8wjjruzg.on.drv.tw	2 KB
21	3

	Domain	Requested by
20	volksbank.trfed.de	1 redirects volksbank.trfed.de
2	www.vr.de	1 redirects volksbank.trfed.de
1	ip9uk39kv26rml8wjjruzg.on.drv.tw	volksbank.trfed.de
1	ip9uk39kv26rml8wjjruzg-on.drv.tw	1 redirects
21	4

This site contains no links.

Subject Issuer	Validity	Valid
trfed.de E1	`2023-09-23` - `2023-12-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363
Frame ID: D2251272DACD2D8F0119EFE8873B486B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank - Volksbank eG

Page URL History Show full URLs

https://volksbank.trfed.de/volksbank/651fad78e6363 Page URL
https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Page URL

Page Statistics

21
Requests

90 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

373 kB
Transfer

672 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://volksbank.trfed.de/volksbank/651fad78e6363 Page URL
https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://ip9uk39kv26rml8wjjruzg-on.drv.tw/jsbot.js HTTP 301
https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js

Request Chain 14

https://volksbank.trfed.de/volksbank/bankleitzahl/js/ing/bandoo.js HTTP 302
https://www.vr.de/ HTTP 301
https://www.vr.de/privatkunden.html

21 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	651fad78e6363 volksbank.trfed.de/volksbank/	741 B 849 B	157ms 106ms	Document text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/volksbank/651fad78e6363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8131a9e9dba89274-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 08 Oct 2023 22:01:40 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSwNAqaskaAl66Fk6wZv7ghjQMRaKGZRGZr5P7Fw2bH36OwV1nUjFL9GSPO3uNXZgzoUyGKWN9PcdL53co5Gp3D%2BkP2J8vOEnC21UBlChXmG5w0%2F9Wka1jhclBkU7d%2F0hiGZPHHD1u9gmJiecGiMlLA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	Primary Request 651fad78e6363 Show response volksbank.trfed.de/volksbank/bankleitzahl/	17 KB 3 KB	73ms 73ms	Document text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ac8aa43bb2e93266092d30322872b705918cdeecec6fa8857e4bebc3641943fb` Request headers Referer https://volksbank.trfed.de/volksbank/651fad78e6363 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8131a9eb7c7e9274-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 08 Oct 2023 22:01:40 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDJyQ4Km5JGZVSwjwJefdh9hjeZ4Hzu1vrnd2YYVjVKmYSTS%2BHNLZP95btRLkbMA3aTRaHeyKzwRP2jSNF%2F%2FyGCb5kmr%2B8gQWbRpUaOHbXBgcBRJ5roKWcNxlqHNvYvevtVISLIH75GWFpbDRQZbQW0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	volksbank.css volksbank.trfed.de/css/	528 KB 254 KB	19ms 19ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/css/volksbank.css Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `360af9c3974faec9d8d78b383116b453b2b652abe3178f6f61839f047036f9c8` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:38:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4178 etag W/"8400c-5ff4c5c23ca00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndxh9V2LTCwDHHi3CMdVQLXcRcFW0y7d1xuNqXA5g7klBvB7UuXtWnTRdTMgyIg7fIFX%2BUYDhXk8m%2BKr7hfzbRHJkA%2FdzrnW59c9EuktBnP%2BynrzKPIwB5TgLCo%2B1KFcm98dQ22v4cW7toDxWaLDKhg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8131a9ebfa5a1c2a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo-vr.svg volksbank.trfed.de/img/	11 KB 4 KB	17ms 16ms	Image image/svg+xml	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/logo-vr.svg Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:34:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4178 etag W/"2cc5-5ff4c4f626880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auRgt4iqwd4IWp7cGLcISfjxs%2BrZKWQnnoCvKwJJA7KOWSp8pz3PK8FwqwTFcTkOt9VVvGnSH5pcvbBc%2FrgWdu6RuWAf8Do6y8jTz9ZTtXwQYDpJwn6RLzQEpAm1DdGXuemQBdKl3evUC2NiTJ3Lojo%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8131a9ebfa5c1c2a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	1.png volksbank.trfed.de/img/	1 KB 1 KB	34ms 31ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/1.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08c6216305671f1f3f66067057da56b578d879b7c1c77e409b340e9f873c9a86` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "409-5ff4c4fbdf600" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kWMPnrpVjZCqAjqSbyDTfCWPqTZqGay0s%2FOGLA%2BJsuUVfzM%2FD3eg%2BK1QdMMbP5iFB1UtPhtAUIxAzG0Z%2ByGRffpnq3bnLFGoj4DSkTQW0cquwZSBBaVhM3s0ulwwg9Mrpmno3eFr41SGO42bBbbvQ0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a6a1c2a-FRA alt-svc h3=":443"; ma=86400 content-length 1033
GET H3	200	2.png volksbank.trfed.de/img/	6 KB 6 KB	34ms 32ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/2.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "17fe-5ff4c4ffaff00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RD%2B03DyHr%2Fu2qEWwtrXeR8RHn%2BUu89xexXaUrgGB8vYs068VS8KFgkRXOblUezXBoHNkLgzBlfLjsu27X8LsDmZG4aTEVYWX%2FR43NxQCg2h7cjIQzKPs30L0mnhghKmkw5rIDZMYUiW0eIsIS32cofg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a6b1c2a-FRA alt-svc h3=":443"; ma=86400 content-length 6142
GET H3	200	3.png volksbank.trfed.de/img/	5 KB 5 KB	35ms 32ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/3.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "1335-5ff4c50568c80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oly8PMsY10lpe52ZbO%2FVtfs4ezA9GcsfVCbkoKb%2Bdsub6SclhKonP0iC5QMc1NEOiMAIuVWXZUvY5TTT6JttKEcytzFlSIY0U23FuYI2df4S6SY34%2BaCeIi4769ErP3D0RXrxxoueypV4h%2B4Nvi%2FZyY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a6c1c2a-FRA alt-svc h3=":443"; ma=86400 content-length 4917
GET H3	200	4.png volksbank.trfed.de/img/	2 KB 2 KB	35ms 32ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/4.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bd336b5f058be348457d5c0805fa3215e2ca365e9a8b77da94d3ee9472865aa2` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "605-5ff4c50b21a00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CqL4a5QTetLCOw%2FYlS%2FnTH3VtOX5F1jqvhxhJAOZWjrhjN7WtsA5A0zOqrYnct4rYNlXauAqM9P%2BmP4ToBqKUjBb4dxUalcj1AT8kuI68dWcws%2FRDyXi1Yu89bMu7Ws7sZpNc3sv5onPT1i9gdpxBw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a6d1c2a-FRA alt-svc h3=":443"; ma=86400 content-length 1541
GET H3	200	5.png volksbank.trfed.de/img/	16 KB 17 KB	35ms 32ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/5.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "4194-5ff4c50ef2300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkSEDSTAxGTl97p8bL9ANrTmGy0YhVopLr9%2FI%2Fy%2Frj%2FxgGlmTcDf7H8xdbU5EMNmXTN%2FZ4yoLZ0O60%2FQaf8XNCEzoI1FCdczLOLaHSYMTaIMK3P5%2BmHQOIicCXujwnG4UgVezXVvnBjjZ09OFdnLJdo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a6e1c2a-FRA alt-svc h3=":443"; ma=86400 content-length 16788
GET H3	200	6.png volksbank.trfed.de/img/	3 KB 3 KB	36ms 33ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/6.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "c12-5ff4c51693500" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALtjyud415feWhPBtDNL8sjp6%2BFGHnEBD7gcjBG9iGwrP8yGho2mJdpNxmhaA%2Fid%2FwxJA4Rq1qNuJj2%2F4rrcdScbAtPPsj5xKBWgpIJH2I4%2B3V04gcR96X3hiL63Z9xnwfcZ3xhf%2FjkqhV%2FAW4osMzo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a6f1c2a-FRA alt-svc h3=":443"; ma=86400 content-length 3090
GET H3	200	7.png volksbank.trfed.de/img/	4 KB 4 KB	38ms 35ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/7.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "e8f-5ff4c51e34700" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZB78B2mpObrOX%2F4ngHRABuHex8xJHOHiYNwRF%2BF%2Bc0ox6aCeANVSeeUcwx7UUh4fAbfYlyNJ%2FPhRDTblrRkvBAkCFRNh9TZpkDL%2BYAj1Uvvaj87VbmVsKJQOhclMzMBIPd4IXTYzkRHrOyxFnCl18A%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a701c2a-FRA alt-svc h3=":443"; ma=86400 content-length 3727
GET H3	200	8.png volksbank.trfed.de/img/	2 KB 2 KB	38ms 35ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/8.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4177 etag "75b-5ff4c525d5900" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxlmrEfV7rarpShtBZdQ4z0JjpAP5Io2mdHW2I461mXJcJhXgFI8hdnqPi7UCw4lulgR6%2BTYJPBUTTpXkHgA%2Bd%2FY9Ew0D5Y1%2BzKD4x7RViMtvJozzFzcrI4uFJBtZzAh8RiNONhU5GWNsbHYaPV7wR4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a721c2a-FRA alt-svc h3=":443"; ma=86400 content-length 1883
GET H3	200	9.png volksbank.trfed.de/img/	6 KB 6 KB	39ms 36ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/9.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:35:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4176 etag "16ae-5ff4c52f5ef80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMM%2FgTm1dulWRJpO834AOdnhrpdvPKCZ6w4rRidUjqPeE8fRPNkPe%2Bsj2LDpk%2FXc%2BH%2FM4rVWwUFXNHIcP1S0yS8NYO6tCnhkyPi8n2YRTNXEKM3H9Rxwd8N4fNtWgJcKuRUzpzGAe2MmYKYlYMqHvSg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a731c2a-FRA alt-svc h3=":443"; ma=86400 content-length 5806
GET H3	200	10.png volksbank.trfed.de/img/	2 KB 2 KB	39ms 36ms	Image image/png	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://volksbank.trfed.de/img/10.png Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6f4ddd588353569b0d34bd19e85a0624effb6c2c183aa26695aefc05861a7ed` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT cf-cache-status HIT last-modified Thu, 29 Jun 2023 22:36:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4176 etag "680-5ff4c53517d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNp8HenvVK0JfX5eWaMndfSlrYljGhT1QVC8HZ%2BQd7ifRhvWLVKQ4HFe4wHt70aihPcKl6hdB3DN6dFpfck2X7kezy7bnUTeBmVegoRlrgMLUDhDZkxApS2nAb0hwY%2BwdUwGdblGHgILdVndlALZ%2FwU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8131a9ec1a741c2a-FRA alt-svc h3=":443"; ma=86400 content-length 1664
GET H2	200	jsbot.js Show response ip9uk39kv26rml8wjjruzg.on.drv.tw/ Redirect Chain https://ip9uk39kv26rml8wjjruzg-on.drv.tw/jsbot.js https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js	8 KB 2 KB	3230ms 1649ms	Script text/javascript	47.251.10.111 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H2 Server 47.251.10.111 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash `3274993c2ccd9b85c3597b1e5d08288dadb9611210575b093c33274c9d3bc846` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:47 GMT content-encoding gzip last-modified Sat, 01 Jan 2022 15:56:07 GMT server nginx/1.14.0 (Ubuntu) vary Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding x-cache BYPASS content-type text/javascript cache-control public, s-maxage=43200, max-age=43200 Redirect headers location https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js date Sun, 08 Oct 2023 22:01:44 GMT cache-control public, s-maxage=604800, max-age=604800 server nginx/1.14.0 (Ubuntu) x-cache BYPASS content-type text/html
GET H2	200	privatkunden.html Show response www.vr.de/ Redirect Chain https://volksbank.trfed.de/volksbank/bankleitzahl/js/ing/bandoo.js https://www.vr.de/ https://www.vr.de/privatkunden.html	0 0	10ms 10ms	Script text/html	195.200.53.159 ATRUVIA
General Check archive.org Show headers Download Go to Full URL https://www.vr.de/privatkunden.html Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H2 Server 195.200.53.159 Waldstetten, Germany, ASN15590 (ATRUVIA, DE), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Redirect headers content-security-policy frame-ancestors 'self' date Sun, 08 Oct 2023 21:58:38 GMT x-content-type-options nosniff referrer-policy no-referrer-when-downgrade strict-transport-security max-age=31536000 age 182 x-frame-options SAMEORIGIN location https://www.vr.de/privatkunden.html x-oneagent-js-injection true cache-control s-maxage=3600, max-age=600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate server-timing dtRpid;desc="1836567044", dtSInfo;desc="0" content-length 0 x-xss-protection 1; mode=block
GET H3	200	details.js Show response volksbank.trfed.de/js/volksbank/	5 KB 1 KB	33ms 30ms	Script application/javascript	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/js/volksbank/details.js Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d68bbc4154509bf29efa267d11838fa5c9da2bcfe75458e242dacfc7d0fa23e1` Request headers accept-language de-DE,de;q=0.9 Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 22:01:40 GMT content-encoding br cf-cache-status HIT last-modified Sat, 01 Jul 2023 00:50:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4178 etag W/"12a1-5ff6251b13880-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1x8eI0cUe%2BFYW37dBZMe%2Fr7bpgGad%2FX%2FLNsNHIOvmjOIyJjGQdc9vAXxoQCJgGBKMwEgtJfaizag9WWgzJnyLHnQ3s0xZBfgxyyh6sGd1zCz26kZ9jpRo7uht2gjkaDk9XvE87saimUMs0urlZ%2FfUY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8131a9ec1a691c2a-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	29 KB 29 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `70192633915348f5f3297b15a8349cefd61fb2dea99ac974aa243a4605ef0704` Request headers Referer Origin https://volksbank.trfed.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	28 KB 28 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6a9d7ec3c0dc1347ce344830677d4c085536e3d857f946da8dd666bbe91e3852` Request headers Referer Origin https://volksbank.trfed.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type font/woff2
POST H3	200	online volksbank.trfed.de/user/	1 B 0	60ms 60ms	Fetch text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/user/online Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary1PBLFIf68vN8Nb8f Response headers pragma no-cache date Sun, 08 Oct 2023 22:01:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNU6%2BcsYeoQWRzERBdY%2FseN7hDv4O3u5ObrKx8ejySqVjzV3Qn%2BDM2823QJu8xBpL9wQU0tzmfx8zheQfw5h1BNe3%2BTeI1K8gxuXs8XgY2Xw8S%2BOMHZUUFQXDf5seXuEGWpNT0Al4tCNKgpHRxJrL%2FQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8131a9ff3a201c2a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3	200	online volksbank.trfed.de/user/	1 B 0	45ms 45ms	Fetch text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/user/online Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary7UOfDIAM1mtPavGZ Response headers pragma no-cache date Sun, 08 Oct 2023 22:01:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cn5AKX319nMUkJGpZp7iKvkO8VuwPqsFG%2F8xq0qHJX4%2Be03fE5mqyTf%2Bn%2B4X9USjMDFcWnk3bMMoe58qBSUXPmcRydlFiWhWCiHo7MVPQKAaPewoGhBuRFndlBqhRkXUux4thjqwbmJu2TRQt6kJjo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8131aa11fa491c2a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3	200	online volksbank.trfed.de/user/	1 B 0	47ms 47ms	Fetch text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/user/online Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary6knmqxEuv6ljs1TB Response headers pragma no-cache date Sun, 08 Oct 2023 22:01:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB8hxy5k9tmcClpYbj7AAD%2F1qmTyLh%2BYjy8OnwO6r9D6vCdbTtqQF1B4j%2BklgsxScRUkkJEFU%2F8%2FHDc97BJDUY71GMjun%2F%2FydQRpJi38v4DUilm9nih7X7jJd9%2FraQDLUTBmoV4rWBhdCOHJ9iinvNc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8131aa24b8be1c2a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3	200	online volksbank.trfed.de/user/	1 B 0	52ms 52ms	Fetch text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://volksbank.trfed.de/user/online Requested by Host: volksbank.trfed.de URL: https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://volksbank.trfed.de/volksbank/bankleitzahl/651fad78e6363 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryoZUkBbMH2pgKJQxW Response headers pragma no-cache date Sun, 08 Oct 2023 22:01:52 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z4VFspl72En8nJEvgC8A1fxBu3z88UAhh75BJ9ZgJjKMxr3%2FaUltMnSusx9kTnaEAaEmyAhe%2FdbP6J39S%2BarTdBZOBuJm%2Bn%2FtFzLkI5HInDanl9ciSCxPEQgAGu%2B0LL3Fc1QiZmTX%2FO01NNFdDtUvw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8131aa377fa91c2a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			volksbank.trfed.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: vauo48n7pp8h04fq4i7ja6hun1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ip9uk39kv26rml8wjjruzg-on.drv.tw
ip9uk39kv26rml8wjjruzg.on.drv.tw
volksbank.trfed.de
www.vr.de
195.200.53.159
2a06:98c1:3121::9
47.251.10.111
08c6216305671f1f3f66067057da56b578d879b7c1c77e409b340e9f873c9a86
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
3274993c2ccd9b85c3597b1e5d08288dadb9611210575b093c33274c9d3bc846
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
360af9c3974faec9d8d78b383116b453b2b652abe3178f6f61839f047036f9c8
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
6a9d7ec3c0dc1347ce344830677d4c085536e3d857f946da8dd666bbe91e3852
70192633915348f5f3297b15a8349cefd61fb2dea99ac974aa243a4605ef0704
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f
ac8aa43bb2e93266092d30322872b705918cdeecec6fa8857e4bebc3641943fb
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
bd336b5f058be348457d5c0805fa3215e2ca365e9a8b77da94d3ee9472865aa2
d68bbc4154509bf29efa267d11838fa5c9da2bcfe75458e242dacfc7d0fa23e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31
f6f4ddd588353569b0d34bd19e85a0624effb6c2c183aa26695aefc05861a7ed

volksbank.trfed.de Open in urlscan Pro 2a06:98c1:3121::9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

90 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

373 kBTransfer

672 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

volksbank.trfed.de Open in urlscan Pro
2a06:98c1:3121::9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

373 kB
Transfer

672 kB
Size

1
Cookies

21 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!