werbung.design - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 2a00:1158:5:805::, located in Strasbourg, France and belongs to GD-EMEA-DC-CGN1, DE. The main domain is werbung.design.
TLS certificate: Issued by webslave.ispgateway.de on March 22nd 2022. Valid for: 27 years.

This is the only time werbung.design was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
5	2a00:1158:5:8... 2a00:1158:5:805::		34011 (GD-EMEA-D...) (GD-EMEA-DC-CGN1)
5	1

5 2a00:1158:5:805:: (Strasbourg, France)

ASN34011 (GD-EMEA-DC-CGN1, DE)

werbung.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	werbung.design werbung.design	384 KB
5	1

	Domain	Requested by
5	werbung.design	werbung.design
5	1

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
webslave.ispgateway.de webslave.ispgateway.de	`2022-03-22` - `2049-08-07`	27 years	crt.sh

This page contains 1 frames:

Primary Page: https://werbung.design/
Frame ID: 256478624ADF4421EFEABBA62801C1F6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FRENZEL Werbetechnik e.K. · GESTALTUNG | DRUCK | WERBUNG | FOLIERUNG | DIGITALE MEDIEN

Page Statistics

5
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

384 kB
Transfer

386 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/frenzel.werbetechnik

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response werbung.design/	5 KB 2 KB	461ms 149ms	Document text/html	2a00:1158:5:805:: GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://werbung.design/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1158:5:805:: Strasbourg, France, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS Software nginx / Resource Hash `2002434a0863b3c76a1027bfbe807dfe9e3748155581dc83f0a0c7ebf06500b3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html date Sat, 06 Jan 2024 22:18:58 GMT etag W/"1451-5a56e6a7a15ac" last-modified Tue, 12 May 2020 07:28:54 GMT server nginx vary Accept-Encoding x-cache-status BYPASS
GET H2	200	Fiebel.JPG werbung.design/pics/	6 KB 6 KB	149ms 148ms	Image image/jpeg	2a00:1158:5:805:: GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Show image Full URL https://werbung.design/pics/Fiebel.JPG Requested by Host: werbung.design URL: https://werbung.design/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1158:5:805:: Strasbourg, France, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS Software nginx / Resource Hash `865dc360c50dbfedd8064e4ee26a767dff54aaa2dec3e16bccd6608e6af1552b` Request headers accept-language en-US,en;q=0.9 Referer https://werbung.design/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 22:18:58 GMT last-modified Sat, 10 Mar 2018 13:21:10 GMT server nginx etag "16c4-5670ec83c740a" x-cache-status BYPASS content-type image/jpeg accept-ranges bytes content-length 5828
GET H2	200	fb.png werbung.design/images/	3 KB 3 KB	430ms 430ms	Image image/png	2a00:1158:5:805:: GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Show image Full URL https://werbung.design/images/fb.png Requested by Host: werbung.design URL: https://werbung.design/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1158:5:805:: Strasbourg, France, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS Software nginx / Resource Hash `9b2f1de76f84da2a54e353ee44cfd47b91e9b6b554ef0ee840d5adbffe1bab8e` Request headers accept-language en-US,en;q=0.9 Referer https://werbung.design/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 22:18:58 GMT last-modified Sat, 10 Mar 2018 13:22:02 GMT server nginx etag "c4a-5670ecb5fccac" x-cache-status BYPASS content-type image/png accept-ranges bytes content-length 3146
GET H2	200	icon.png werbung.design/	329 KB 329 KB	289ms 289ms	Image image/png	2a00:1158:5:805:: GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Show image Full URL https://werbung.design/icon.png Requested by Host: werbung.design URL: https://werbung.design/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1158:5:805:: Strasbourg, France, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS Software nginx / Resource Hash `35d6b5ff288bb35acdf34369164428e02a6898c7f662da4fc86d9208f6edd0e8` Request headers accept-language en-US,en;q=0.9 Referer https://werbung.design/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 22:18:58 GMT last-modified Fri, 06 Sep 2019 11:08:46 GMT server nginx etag "522d3-591e0763db3a3" x-cache-status BYPASS content-type image/png accept-ranges bytes content-length 336595
GET H2	200	bg2.jpg werbung.design/pics/	43 KB 43 KB	429ms 429ms	Image image/jpeg	2a00:1158:5:805:: GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Show image Full URL https://werbung.design/pics/bg2.jpg Requested by Host: werbung.design URL: https://werbung.design/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1158:5:805:: Strasbourg, France, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS Software nginx / Resource Hash `5b0ab3a44d46fb67c2a48cf47c7cfb49893c1b59fe03bae87e585dc61787c1e9` Request headers accept-language en-US,en;q=0.9 Referer https://werbung.design/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 22:18:58 GMT last-modified Sat, 10 Mar 2018 13:21:10 GMT server nginx etag "ac63-5670ec840e0cf" x-cache-status BYPASS content-type image/jpeg accept-ranges bytes content-length 44131

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

werbung.design
2a00:1158:5:805::
2002434a0863b3c76a1027bfbe807dfe9e3748155581dc83f0a0c7ebf06500b3
35d6b5ff288bb35acdf34369164428e02a6898c7f662da4fc86d9208f6edd0e8
5b0ab3a44d46fb67c2a48cf47c7cfb49893c1b59fe03bae87e585dc61787c1e9
865dc360c50dbfedd8064e4ee26a767dff54aaa2dec3e16bccd6608e6af1552b
9b2f1de76f84da2a54e353ee44cfd47b91e9b6b554ef0ee840d5adbffe1bab8e

werbung.design Open in urlscan Pro 2a00:1158:5:805:: Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

384 kBTransfer

386 kBSize

0 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

werbung.design Open in urlscan Pro
2a00:1158:5:805:: Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

384 kB
Transfer

386 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!