kunde-dkb-hrt9834992.com Open in urlscan Pro
87.251.79.178  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response kunde-dkb-hrt9834992.com/	69 KB 12 KB	952ms 343ms	Document text/html	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 4beebd3b4a9ae471f08331e949054ef236bda84494da1eaddf7a0eec2dcdb7c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 26 May 2022 00:10:16 GMT Server nginx Strict-Transport-Security max-age=31536000; Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	dkb-global.css kunde-dkb-hrt9834992.com/index_files/	268 KB 44 KB	508ms 508ms	Stylesheet text/css	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/index_files/dkb-global.css Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash e73c635102184ba79364779dea265a2a216760d94de633422d0ae976af085f56 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:17 GMT Content-Encoding gzip Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "42e63-5dfd31965b6ac-gzip" Vary Accept-Encoding Content-Type text/css Connection keep-alive Strict-Transport-Security max-age=31536000; Accept-Ranges bytes Content-Length 44420
GET H/1.1	200 OK	438500649507193 Show response kunde-dkb-hrt9834992.com/index_files/	105 KB 105 KB	692ms 504ms	Script text/plain	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/index_files/438500649507193 Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 6fcda7b473113334416bae4c97bf241b1e523a6f2719d29e0662d87bf43528b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:17 GMT Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "1a34b-5dfd31964fb2c" Strict-Transport-Security max-age=31536000; Connection keep-alive Accept-Ranges bytes Content-Length 107339
GET H/1.1	200 OK	dkb_responsive.min.css kunde-dkb-hrt9834992.com/index_files/	596 KB 115 KB	687ms 508ms	Stylesheet text/css	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/index_files/dkb_responsive.min.css Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash bff707fae325e9cb11d9572af65f34a88d2b131d87d47f93159e411af7afaa0f Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:17 GMT Content-Encoding gzip Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "94f28-5dfd31966df8d-gzip" Vary Accept-Encoding Content-Type text/css Connection keep-alive Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; Accept-Ranges bytes
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	41ms 9ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer https://kunde-dkb-hrt9834992.com/ Origin https://kunde-dkb-hrt9834992.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 00:10:17 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-15d9d" vary Accept-Encoding x-hw 1653523817.dop223.fr8.t,1653523817.cds288.fr8.hn,1653523817.cds144.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H/1.1	200 OK	a497a1faffe5b9116a00a37f1705a977.jpg kunde-dkb-hrt9834992.com/index_files/	31 KB 32 KB	416ms 415ms	Image image/jpeg	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://kunde-dkb-hrt9834992.com/index_files/a497a1faffe5b9116a00a37f1705a977.jpg Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash fb4a970804e769dc8009d78de6dc2922f7880c4813eafc7f9f370d7fc3c5de88 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "7ce5-5dfd31964cc4c" Strict-Transport-Security max-age=31536000; Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 31973
GET H/1.1	200 OK	large.jpg kunde-dkb-hrt9834992.com/index_files/	16 KB 16 KB	603ms 427ms	Image image/jpeg	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://kunde-dkb-hrt9834992.com/index_files/large.jpg Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 409235ce94e3f03c672c1d025d39b474a6fbd52be6bd1b80d5fd3e458ed2720b Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "3ec4-5dfd31966df8d" Strict-Transport-Security max-age=31536000; Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 16068
GET H2	200	binary-content.xhtml www.dkb.de/	5 KB 5 KB	59ms 3ms	Image image/png	2a02:cb40:200::b5 SOPRADO-ANY
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkb.de/binary-content.xhtml?id=11335836204 Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:cb40:200::b5 , Germany, ASN20546 (SOPRADO-ANY, DE), Reverse DNS Software myracloud / Resource Hash 2ba27a0385583de954d18f8347c6706b2502eae0502e801b70856f28061620aa Security Headers Name Value Strict-Transport-Security max-age=15811200 Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma date Thu, 26 May 2022 00:10:18 GMT last-modified Tue, 03 Sep 2019 10:44:25 GMT server myracloud etag 11335836204-1567507465056 strict-transport-security max-age=15811200 content-type image/png x-oneagent-js-injection true cache-control max-age=3600 content-disposition filename="=?UTF-8?B?TG9naW5XaXRoVGFuX1NlY3VyaXR5LnBuZw==?=" server-timing dtSInfo;desc="0", dtRpid;desc="-1234276008" x-cdn 1 expires Thu, 26 May 2022 00:22:04 GMT
GET H/1.1	200 OK	newloader.gif kunde-dkb-hrt9834992.com/index_files/	544 KB 544 KB	681ms 506ms	Image image/gif	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Show image Full URL https://kunde-dkb-hrt9834992.com/index_files/newloader.gif Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "88042-5dfd31967d98e" Strict-Transport-Security max-age=31536000; Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 557122
GET H/1.1	200 OK	jquery.cookie.js Show response kunde-dkb-hrt9834992.com/index_files/	4 KB 2 KB	333ms 333ms	Script application/javascript	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/index_files/jquery.cookie.js Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 2599542d1d5a4d49c5612c1e6333651543af4925b09d35bee17104c856519b4a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Content-Encoding gzip Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "10f6-5dfd3196652ed-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Strict-Transport-Security max-age=31536000; Accept-Ranges bytes Content-Length 1500
GET H/1.1	200 OK	dkb.js Show response kunde-dkb-hrt9834992.com/index_files/	9 KB 2 KB	347ms 346ms	Script application/javascript	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/index_files/dkb.js Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 1433b0dd0e3af375e56731b187c2fa921fc55c58345a157454fbbd22aaeca812 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Content-Encoding gzip Last-Modified Wed, 25 May 2022 10:04:59 GMT Server nginx ETag "247b-5dfd334be7517-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Strict-Transport-Security max-age=31536000; Accept-Ranges bytes Content-Length 1785
GET H/1.1	200 OK	dkb-global-print.css kunde-dkb-hrt9834992.com/index_files/	221 KB 34 KB	612ms 434ms	Stylesheet text/css	87.251.79.178 SANNIKOV
General Check archive.org Show headers Download Go to Full URL https://kunde-dkb-hrt9834992.com/index_files/dkb-global-print.css Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.251.79.178 , Russian Federation, ASN57416 (SANNIKOV, RU), Reverse DNS Software nginx / Resource Hash 06f7edf3277d44924c26cdb4f3a9a5bdff10471b49b886a34a1544fa37a2a40d Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Content-Encoding gzip Last-Modified Wed, 25 May 2022 09:57:20 GMT Server nginx ETag "37454-5dfd31965782c-gzip" Vary Accept-Encoding Content-Type text/css Connection keep-alive Strict-Transport-Security max-age=31536000; Accept-Ranges bytes Content-Length 34965
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	475 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24483b4771b2128af4110c159a9dcb59d15557460f8ecbf0bd0805f0fad5816e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200	wt dkb01.webtrekk.net/438500649507193/	43 B 902 B	30ms 5ms	Image image/gif	185.54.150.17 WEBTREKK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dkb01.webtrekk.net/438500649507193/wt?p=526,kunde-dkb-hrt9834992_com.,1,1600x1200,24,1,1653523818230,0,1600x1200,0&la=en&np=&pu=https%3A%2F%2Fkunde-dkb-hrt9834992.com%2F Requested by Host: kunde-dkb-hrt9834992.com URL: https://kunde-dkb-hrt9834992.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.54.150.17 , Germany, ASN60164 (WEBTREKK-AS, DE), Reverse DNS Software 1679091c / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 26 May 2022 00:10:17 GMT Last-Modified Thu, 26 May 2022 00:10:18 GMT Server 1679091c X-Robots-Tag noindex, nofollow, noarchive P3P policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT" Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0 Connection keep-alive Content-Type image/gif;charset=UTF-8 Keep-Alive timeout=30 Content-Length 43 Expires Mon, 26 Jul 1997 05:00:00 GMT
GET DATA	200 OK	truncated /	208 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	846 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	/ Show response api.ipify.org/	66 B 250 B	313ms 102ms	Script application/javascript	3.232.242.170 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=jsonp&callback=jQuery360005547479216108786_1653523818203&_=1653523818204 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-242-170.compute-1.amazonaws.com Software Cowboy / Resource Hash 539c8aa29f3de6cb25a85f13942e6cb525fb0a916585024f3b85ff2532251523 Request headers accept-language de-DE,de;q=0.9 Referer https://kunde-dkb-hrt9834992.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 00:10:18 GMT Via 1.1 vegur Server Cowboy Connection keep-alive Content-Length 66 Vary Origin Content-Type application/javascript
POST H2	200	/ Show response adminpanelfake.org/api/users/	18 B 303 B	826ms 681ms	XHR application/json	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/users/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash 8f8bd37a4736fb10fe87cf9cf4c8ee6679ff9bc803aa5ffca64e82106d6d4cdc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY, SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://kunde-dkb-hrt9834992.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Thu, 26 May 2022 00:10:19 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) x-frame-options DENY, SAMEORIGIN vary Accept, Origin, Cookie content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000 allow GET, POST, PUT, DELETE, HEAD, OPTIONS content-length 18 x-content-type-options nosniff
PUT H2	404	null Show response adminpanelfake.org/api/time/	4 KB 1 KB	21ms 21ms	XHR text/html	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/null Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash e72b967f809e8c4373bf7db64316594382e5f07d221d7417ab8c33af73f7d208 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://kunde-dkb-hrt9834992.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 00:10:19 GMT content-encoding gzip referrer-policy same-origin server nginx/1.14.0 (Ubuntu) x-frame-options DENY content-type text/html access-control-allow-origin * vary Origin x-content-type-options nosniff
OPTIONS H2	200	null adminpanelfake.org/api/time/	0 0	36ms 35ms	Preflight text/html	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/null Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method PUT Origin https://kunde-dkb-hrt9834992.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-headers accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin * access-control-max-age 86400 content-length 0 content-type text/html; charset=utf-8 date Thu, 26 May 2022 00:10:19 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) strict-transport-security max-age=31536000 vary Origin x-content-type-options nosniff x-frame-options SAMEORIGIN
PUT H2	200	7500 Show response adminpanelfake.org/api/time/	49 B 321 B	50ms 49ms	XHR application/json	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/7500 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash 0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY, SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://kunde-dkb-hrt9834992.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 00:10:20 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) x-frame-options DENY, SAMEORIGIN vary Accept, Origin, Cookie content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000 allow GET, PUT, HEAD, OPTIONS content-length 49 x-content-type-options nosniff
OPTIONS H2	200	7500 adminpanelfake.org/api/time/	0 0	16ms 16ms	Preflight text/html	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/7500 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method PUT Origin https://kunde-dkb-hrt9834992.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-headers accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin * access-control-max-age 86400 content-length 0 content-type text/html; charset=utf-8 date Thu, 26 May 2022 00:10:20 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) strict-transport-security max-age=31536000 vary Origin x-content-type-options nosniff x-frame-options SAMEORIGIN
PUT H2	200	7500 Show response adminpanelfake.org/api/time/	49 B 321 B	27ms 27ms	XHR application/json	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/7500 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash 0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY, SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://kunde-dkb-hrt9834992.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 00:10:21 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) x-frame-options DENY, SAMEORIGIN vary Accept, Origin, Cookie content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000 allow GET, PUT, HEAD, OPTIONS content-length 49 x-content-type-options nosniff
OPTIONS H2	200	7500 adminpanelfake.org/api/time/	0 0	17ms 17ms	Preflight text/html	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/7500 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method PUT Origin https://kunde-dkb-hrt9834992.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-headers accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin * access-control-max-age 86400 content-length 0 content-type text/html; charset=utf-8 date Thu, 26 May 2022 00:10:21 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) strict-transport-security max-age=31536000 vary Origin x-content-type-options nosniff x-frame-options SAMEORIGIN
PUT H2	200	7500 Show response adminpanelfake.org/api/time/	49 B 321 B	28ms 28ms	XHR application/json	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/7500 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash 0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY, SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://kunde-dkb-hrt9834992.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 00:10:22 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) x-frame-options DENY, SAMEORIGIN vary Accept, Origin, Cookie content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000 allow GET, PUT, HEAD, OPTIONS content-length 49 x-content-type-options nosniff
OPTIONS H2	200	7500 adminpanelfake.org/api/time/	0 0	16ms 16ms	Preflight text/html	185.161.211.48 DELTAHOST-AS
General Check archive.org Show headers Download Go to Full URL https://adminpanelfake.org/api/time/7500 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA), Reverse DNS 185.161.211.48.deltahost-ptr Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method PUT Origin https://kunde-dkb-hrt9834992.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-headers accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin * access-control-max-age 86400 content-length 0 content-type text/html; charset=utf-8 date Thu, 26 May 2022 00:10:22 GMT referrer-policy same-origin server nginx/1.14.0 (Ubuntu) strict-transport-security max-age=31536000 vary Origin x-content-type-options nosniff x-frame-options SAMEORIGIN

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DKB (Banking)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| pintHeaderEnabled object| wt_safetag object| wts function| wt_contentEngagement function| wt_scrollposition object| webtrekkConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects function| WebtrekkV3 function| webtrekkV3 function| wt_pixelConfig object| wt function| openPrintWindow2 function| openPrintWindow object| tc_vars string| idusers string| scrollbar object| data_command object| input_data object| name_input object| last_command object| len_custom boolean| flag_user_wait object| last_custom number| command_interval function| get_custom

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dkb01.webtrekk.net/438500649507193	1970-01-21 22:30:43	Name: wteid_438500649507193 Value: 4165352381800536701
			dkb01.webtrekk.net/438500649507193	1969-12-31 23:59:59	Name: wtsid_438500649507193 Value: 1
			.kunde-dkb-hrt9834992.com/	1969-12-31 23:59:59	Name: wt_rla Value: 438500649507193%2C1%2C1653523818232
			dkb01.webtrekk.net/	1969-12-31 23:59:59	Name: wt_nbg_Q3 Value: !RfPKPPKfZma2Ka7pjGYh4zwSUbWZoJyAITg4THGomCQnTWGOznhAXauJHy301AE1Gs6LrGJAdNB9dQ==
			kunde-dkb-hrt9834992.com/	1970-01-20 03:28:48	Name: id Value: 7500

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://adminpanelfake.org/api/time/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adminpanelfake.org
api.ipify.org
code.jquery.com
dkb01.webtrekk.net
kunde-dkb-hrt9834992.com
www.dkb.de
185.161.211.48
185.54.150.17
2001:4de0:ac18::1:a:2a
2a02:cb40:200::b5
3.232.242.170
87.251.79.178
06f7edf3277d44924c26cdb4f3a9a5bdff10471b49b886a34a1544fa37a2a40d
0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0
1433b0dd0e3af375e56731b187c2fa921fc55c58345a157454fbbd22aaeca812
24483b4771b2128af4110c159a9dcb59d15557460f8ecbf0bd0805f0fad5816e
2599542d1d5a4d49c5612c1e6333651543af4925b09d35bee17104c856519b4a
2ba27a0385583de954d18f8347c6706b2502eae0502e801b70856f28061620aa
3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
409235ce94e3f03c672c1d025d39b474a6fbd52be6bd1b80d5fd3e458ed2720b
4beebd3b4a9ae471f08331e949054ef236bda84494da1eaddf7a0eec2dcdb7c0
539c8aa29f3de6cb25a85f13942e6cb525fb0a916585024f3b85ff2532251523
6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79
6fcda7b473113334416bae4c97bf241b1e523a6f2719d29e0662d87bf43528b5
72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca
8f8bd37a4736fb10fe87cf9cf4c8ee6679ff9bc803aa5ffca64e82106d6d4cdc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bff707fae325e9cb11d9572af65f34a88d2b131d87d47f93159e411af7afaa0f
e72b967f809e8c4373bf7db64316594382e5f07d221d7417ab8c33af73f7d208
e73c635102184ba79364779dea265a2a216760d94de633422d0ae976af085f56
fb4a970804e769dc8009d78de6dc2922f7880c4813eafc7f9f370d7fc3c5de88
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e