mehrsicherheitt.com
Open in
urlscan Pro
27.121.68.20
Malicious Activity!
Public Scan
Submission: On November 18 via automatic, source phishtank
Summary
This is the only time mehrsicherheitt.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 27.121.68.20 27.121.68.20 | 24446 (NETREGIST...) (NETREGISTRY-AS-AP NetRegistry Pty Ltd.) | |
8 | 1 |
ASN24446 (NETREGISTRY-AS-AP NetRegistry Pty Ltd., AU)
PTR: cp620.ezyreg.com
mehrsicherheitt.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
mehrsicherheitt.com
mehrsicherheitt.com |
18 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | mehrsicherheitt.com |
mehrsicherheitt.com
|
8 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
appleid.apple.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://mehrsicherheitt.com/team/
Frame ID: 3921.1
Requests: 8 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Noch keine Apple ID? Jetzt eine erstellen.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
mehrsicherheitt.com/team/ |
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oson.css
mehrsicherheitt.com/team/imgs/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_apple.png
mehrsicherheitt.com/team/imgs/ |
253 B 253 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search_icon_white.png
mehrsicherheitt.com/team/imgs/ |
254 B 254 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-lock-header-gray.png
mehrsicherheitt.com/team/imgs/ |
352 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
field_bg.png
mehrsicherheitt.com/team/imgs/ |
339 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dividers.png
mehrsicherheitt.com/team/imgs/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ansel.png
mehrsicherheitt.com/team/imgs/ |
336 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| checkform object| arr object| l number| i0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mehrsicherheitt.com
27.121.68.20
2f1b107ec4041195e058e968d1f151f9c19814661ce0c049bec2aaee235d45e0
6b9c330b2c95670c6c5eb5b0570a540226cfb52cd42d6307fb9cf09d1e26c4cd
843c4773034c2b2543b810f393d097183bf6ab1a5c609390f915de014e75606f
89ea43268c80ba43edec70a71f092f7541163f007ebd2ee13a8d4a68fb8924ca
8f8cb4e5c76e42385045b5c471c43ad4768af6e05fdf8025780605bae8ffc008
ad5f04a093ea5b39ab04334153b74d81b5a77170328a5f7a5af803573a1f86cd
d298de59d18d201c74a595bc1a5e86d25db2cb7cd90d819b121a3ff3983f0f33
f920459515ffe06247556cdfb683f2d339c54ee2a5c74fd34f174312d76e02ad