secrurego-jetzt.com
Open in
urlscan Pro
45.146.255.179
Malicious Activity!
Public Scan
Submission Tags: @ecarlesi threat phishing Search All
Submission: On December 30 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on December 26th 2023. Valid for: 3 months.
This is the only time secrurego-jetzt.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Volksbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 45.146.255.179 45.146.255.179 | 30823 (AUROLOGIC...) (AUROLOGIC aurologic GmbH) | |
2 | 195.200.51.198 195.200.51.198 | 15590 (ATRUVIA) (ATRUVIA) | |
6 | 3 |
ASN30823 (AUROLOGIC aurologic GmbH, DE)
PTR: silver-hawk-98002.zap.cloud
secrurego-jetzt.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
berliner-volksbank.de
www.berliner-volksbank.de — Cisco Umbrella Rank: 828657 Failed |
10 KB |
2 |
secrurego-jetzt.com
secrurego-jetzt.com |
553 KB |
6 | 2 |
Domain | Requested by | |
---|---|---|
2 | www.berliner-volksbank.de |
secrurego-jetzt.com
|
2 | secrurego-jetzt.com |
secrurego-jetzt.com
|
6 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
secrurego-jetzt.com R3 |
2023-12-26 - 2024-03-25 |
3 months | crt.sh |
berliner-volksbank.de QuoVadis Europe EV SSL CA G1 |
2023-06-27 - 2024-06-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://secrurego-jetzt.com/ui898YUh/76Op/658b6bc696169
Frame ID: 1C1CD5C8EB6FD609F578679CA647846E
Requests: 19 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
658b6bc696169
secrurego-jetzt.com/ui898YUh/76Op/ |
2 MB 550 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vkb.png
secrurego-jetzt.com/public/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
22 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
16 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
polyfills.0e11c782a58adcea.js
www.berliner-volksbank.de/services_auth/auth-frontend/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
63 KB 63 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.8afe9b88e77e9029.js
www.berliner-volksbank.de/services_auth/auth-frontend/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.20b30852e39f9c8e.js
www.berliner-volksbank.de/services_auth/auth-frontend/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.berliner-volksbank.de/services_auth/auth-frontend/services_cloud/portal/webcomponents/cms-components/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.berliner-volksbank.de
- URL
- https://www.berliner-volksbank.de/services_auth/auth-frontend/polyfills.0e11c782a58adcea.js
- Domain
- www.berliner-volksbank.de
- URL
- https://www.berliner-volksbank.de/services_auth/auth-frontend/main.20b30852e39f9c8e.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Volksbank (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| opttanConfig object| rsct object| RsctOpttan1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secrurego-jetzt.com/ | Name: PHPSESSID Value: prp5fajogutnos7dasqkb0ihoi |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
secrurego-jetzt.com
www.berliner-volksbank.de
www.berliner-volksbank.de
195.200.51.198
45.146.255.179
08c6216305671f1f3f66067057da56b578d879b7c1c77e409b340e9f873c9a86
17a6c1570a04dd163c252c6ac22efbc0f95106ba77438d18f16e61913c396073
193c842a2509cf7f02ae53bcfe06eef90e653f86af7b973bce4059eae10e92f6
22bf3193fa44f65146b052384fa83c3f4037dfb8528492dde8510a7e6076c74f
3097e43e3a9b2002798fa0cee854002a72f17f43103a9ea7b4dedef610a0f5d6
33891c62b6270b0139750f3be423eb7c4807121d5ce7d54699a97ff5ada20bfb
3dd0fbe22463c31aadcaf5c9ea86ec916cc38136f8b71e65a6d7ab4717d09e8a
60154e6e2f54fa24a52d92b99146a39d81151578f6a3a4bd533bf8c43d676b6c
6a9d7ec3c0dc1347ce344830677d4c085536e3d857f946da8dd666bbe91e3852
6eb55389baff7676489188945e3c508c1d5f2ad0969bd5fdcdfb3cd3b26b1ace
70192633915348f5f3297b15a8349cefd61fb2dea99ac974aa243a4605ef0704
93a42951ec0bae1d49c6c94e2bcac1a728591b5aee96a698aeb95c569aa4ce47
bc5bcd93361b2057348129acae6936f5ef20d5b31cebb08a03abdf23a4cb5168
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f00e05e6fcb48cbf33e15e7393b71041234246e48727fc225310c153cfa6cc31
f5e6ddeeafef73b85dbbf7d7b2ed0cef898013f3530ec375caf87fc88eeca5bd