![](/screenshots/93614ca4-4dfb-4531-9212-6960b257df5c.png)
phototan-legitimationen.de
Open in
urlscan Pro
2606:4700:3035::ac43:b377
Malicious Activity!
Public Scan
Submission: On April 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 15th 2024. Valid for: 3 months.
This is the only time phototan-legitimationen.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Deutsche Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 2606:4700:303... 2606:4700:3035::ac43:b377 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.67.179.119 172.67.179.119 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 2 |
ASN13335 (CLOUDFLARENET, US)
phototan-legitimationen.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
phototan-legitimationen.de
phototan-legitimationen.de |
184 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
21 | phototan-legitimationen.de |
phototan-legitimationen.de
|
21 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.deutsche-bank.de |
secure.deutsche-bank.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
phototan-legitimationen.de GTS CA 1P5 |
2024-04-15 - 2024-07-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://phototan-legitimationen.de/dblogin?uid=dGVhbQ==
Frame ID: F66AB2599F6180DB71AD2E5F5E01A5D1
Requests: 21 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Title: Rund ums Online-Banking
Search URL Search Domain Scan URL
Title: Demokonto testen
Search URL Search Domain Scan URL
Title: Konto eröffnen
Search URL Search Domain Scan URL
Title: Konto für Online- und Telefon-Banking freischalten
Search URL Search Domain Scan URL
Title: Mobile Banking
Search URL Search Domain Scan URL
Title: Häufig gestellte Fragen
Search URL Search Domain Scan URL
Title: Download-Center
Search URL Search Domain Scan URL
Title: Technischer Support
Search URL Search Domain Scan URL
Title: Sicherheit
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
dblogin
phototan-legitimationen.de/ |
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c9a5bc6a7c948fb0-s.p.woff2
phototan-legitimationen.de/_next/static/media/ |
45 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-text.svg
phototan-legitimationen.de/img/db/ |
24 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.gif
phototan-legitimationen.de/img/db/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verimi.svg
phototan-legitimationen.de/img/db/ |
893 B 805 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8c0452f4c5327e63.css
phototan-legitimationen.de/_next/static/css/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9b7a71f118bae4f7.css
phototan-legitimationen.de/_next/static/css/ |
383 B 562 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-3911b84645c99995.js
phototan-legitimationen.de/_next/static/chunks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd9d1056-8f78d26414ffa56c.js
phototan-legitimationen.de/_next/static/chunks/ |
168 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
69-a88129440d875754.js
phototan-legitimationen.de/_next/static/chunks/ |
109 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-app-c438c07cdd4bd0c8.js
phototan-legitimationen.de/_next/static/chunks/ |
462 B 605 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5e22fd23-fc2d63c8f0d1fd16.js
phototan-legitimationen.de/_next/static/chunks/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
795d4814-18fe84cb1cf1b63e.js
phototan-legitimationen.de/_next/static/chunks/ |
2 KB 940 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8e1d74a4-0d7bcc2aa44e6f63.js
phototan-legitimationen.de/_next/static/chunks/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0e762574-78cfcb91f5cc659b.js
phototan-legitimationen.de/_next/static/chunks/ |
1 KB 880 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
448-9f0aec5fed0370a9.js
phototan-legitimationen.de/_next/static/chunks/ |
24 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
703-43d6fd373206b384.js
phototan-legitimationen.de/_next/static/chunks/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-933492e81c6437da.js
phototan-legitimationen.de/_next/static/chunks/app/dblogin/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
phototan-legitimationen.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
visit
phototan-legitimationen.de/api/ |
1 KB 940 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.gif
phototan-legitimationen.de/img/db/ |
2 KB 0 |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Deutsche Bank (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunk_N_E object| __next_f object| next undefined| _N_E0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
phototan-legitimationen.de
172.67.179.119
2606:4700:3035::ac43:b377
04dc44d70bab5f51ac523dd363d6dbeb91c227ca4617d2498ed4856468a57903
102d5e9253625aeb5d47ad0350763b534b95a92a240f353e8bd9bb43ef1722c2
1668217fbe984b005b075f0ee86da82014b83e60db40e86ec7da64d427358865
213f963ff481b3513fa40f4e6784c9437412789a34494f04fe5c6825f6f2fd31
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31879c220fe9a8a633e9b7d6a803c3902294f56df1c8da3a3796d5877de3c5d8
328c666ddb230880e6b96a64ee9c90a831e11cf9501e3f68a82c2d9231326bc5
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3f5c53b72daa51dc8d63cd0c3f20c39dc301b819d3dbcc717554261a3391481b
6d8e151c9a4662eed5ed30c64a2ae9feaa84748d92286849c9093b68724634bd
9be29439a032073f9eff921330db117719d8789c9f96dd16354c2ce667189695
bb2b638e1061a758d27711fad532b1ecae47153e7805085337178c6ed2ddc7eb
d77f47a61b8dd7a15a96912f3e0852424c7fed41148263dbab63106f87387430
e0b448b9290beb02defb9936ca610b13565e03e8348dd26a4de3750a9cb290ef
e41b04d0b1127c235c1791abc1a26992206536e602d3fa06b651385f7df45415
e50a099b3cdb27fc506e5128f276bde6af486bb6d0ac8d13943cedfe8061a7f4
ece13a1146aa1e0b2f76d1962cce6512d8411e79dcf4d1682d3e8f0a5907c8ce
f90d09c0b587cd08e473a58431e8d98d0081cecedbeff341fccd227e54afc259
fa7ad64d12f02d9be57ccf972a9f873ffb9a82754f4ccdb9a6d3444864b2fe6f
fabd0294ccdc602dafa7deb634649424e9c57a54b0fa1eba7223b770c509f6f6