dkb-entry-wp983948.com
5.178.2.213 | Malicious Activity! | Public Scan

URL: https://dkb-entry-wp983948.com/
Submission: On January 26 via api from FR — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 5.178.2.213, located in Vatican City State and belongs to HUIZE_TELECOM member-of: AS-HUIZE, GB. The main domain is dkb-entry-wp983948.com.
TLS certificate: Issued by R3 on January 26th 2023. Valid for: 3 months.
This is the only time dkb-entry-wp983948.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DKB (Banking)

Domain & IP information

Requests  IP address          AS (Autonomous System)
10        5.178.2.213         61302 (HUIZE_TEL...)
1         2001:4de0:ac1...    20446 (STACKPATH...)
1         2a02:cb40:200...    20546 (SOPRADO-ANY)
1         185.54.150.17       60164 (WEBTREKK-AS)
1         173.231.16.76       18450 (WEBNX)
9         185.161.211.48      42159 (DELTAHOST-AS)
Total: 25 requests, 7 IPs
Requests  Apex domain              Subdomains                                         Transfer
10        dkb-entry-wp983948.com   dkb-entry-wp983948.com                             905 KB
9         adminpanelfake.org       adminpanelfake.org                                 3 KB
1         ipify.org                api.ipify.org (Cisco Umbrella rank: 2828)          173 B
1         webtrekk.net             dkb01.webtrekk.net (Cisco Umbrella rank: 345222)   902 B
1         dkb.de                   www.dkb.de (Cisco Umbrella rank: 178376)           5 KB
1         jquery.com               code.jquery.com (Cisco Umbrella rank: 673)         31 KB
Total: 25 requests, 6 apex domains
Requests  Domain                   Requested by
10        dkb-entry-wp983948.com   dkb-entry-wp983948.com
9         adminpanelfake.org       code.jquery.com
1         api.ipify.org            code.jquery.com
1         dkb01.webtrekk.net       dkb-entry-wp983948.com
1         www.dkb.de               dkb-entry-wp983948.com
1         code.jquery.com          dkb-entry-wp983948.com
Total: 25 requests, 6 domains

This site contains links to these domains:

Domain
itunes.apple.com
play.google.com
Subject                  Issuer                                           Validity                  Valid for
dkb-entry-wp983948.com   R3                                               2023-01-26 - 2023-04-26   3 months
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA   2022-08-03 - 2023-07-14   a year
www.dkb.de               DKB CA 1O1                                       2022-09-26 - 2023-10-26   a year
*.webtrekk.net           Sectigo RSA Domain Validation Secure Server CA   2023-01-13 - 2024-02-13   a year
*.ipify.org              Sectigo RSA Domain Validation Secure Server CA   2022-02-07 - 2023-03-10   a year
adminpanelfake.org       R3                                               2022-11-14 - 2023-02-12   3 months
Each certificate entry links to its crt.sh record.

This page contains 1 frames:

Primary Page: https://dkb-entry-wp983948.com/
Frame ID: 5BF52223DF54C17C779A324255B9809F
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

DKB - Deutsche Kreditbank AG - Internet Banking

Detected technologies

jQuery 3.6.0 (overall confidence: 100%), matched by these patterns:
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 92 %
IPv6: 33 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 4
Transfer: 945 kB
Size: 1967 kB
Cookies: 5

Redirected requests

No HTTP redirect chains were recorded for this scan.

25 HTTP transactions

Column key for the entries below: Resource | Path | Size | x-fer | Type (the MIME type is the Content-Type response header of each entry).
Resource: / (Primary Request) | Path: dkb-entry-wp983948.com/ | Size: 69 KB | x-fer: 12 KB | Type: Document
General
Full URL
https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
897c596170e5ece409a47d0f0100d7f4cdd5faee6efce637331beb0d605f3c5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Jan 2023 16:32:55 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Resource: dkb-global.css | Path: dkb-entry-wp983948.com/index_files/ | Size: 268 KB | x-fer: 44 KB | Type: Stylesheet
General
Full URL
https://dkb-entry-wp983948.com/index_files/dkb-global.css
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
e73c635102184ba79364779dea265a2a216760d94de633422d0ae976af085f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"42e63-5f32a61f864ac-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44420
Resource: 438500649507193 | Path: dkb-entry-wp983948.com/index_files/ | Size: 105 KB | x-fer: 105 KB | Type: Script
General
Full URL
https://dkb-entry-wp983948.com/index_files/438500649507193
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
6fcda7b473113334416bae4c97bf241b1e523a6f2719d29e0662d87bf43528b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:56 GMT
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
ETag
"1a34b-5f32a61f7c86c"
Content-Length
107339
Resource: dkb_responsive.min.css | Path: dkb-entry-wp983948.com/index_files/ | Size: 596 KB | x-fer: 115 KB | Type: Stylesheet
General
Full URL
https://dkb-entry-wp983948.com/index_files/dkb_responsive.min.css
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
bff707fae325e9cb11d9572af65f34a88d2b131d87d47f93159e411af7afaa0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"94f28-5f32a61f900ed-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Resource: jquery-3.6.0.min.js | Path: code.jquery.com/ | Size: 87 KB | x-fer: 31 KB | Type: Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://dkb-entry-wp983948.com/
Origin
https://dkb-entry-wp983948.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:32:56 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMjyyp4GEo8BCiRkZTAyMjQ1Zi0yMTAwLTQxMzMtOWRlNy02M2M3NjU5OTdhMWMQ+OiCoKvU+wIaBgi41sqeBiIUMmEwMzoxYjIwOjY6ZjAxMTo6OGUo5p0DMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ3MTViM2M2ZC00MjM5LTQ4YWItODYzMy1jMGU1MWQ1M2JmOTEYm/EBIhgIAhIUY2RzMjEwLmFtNS5od2Nkbi5uZXQ=.NVrkRTdm7/edaPjj/WKP8qvp/JEQmmGTgKM1zTyto1Y=
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
x-hw
1674750776.dop110.am5.t,1674750776.cds116.am5.hn,1674750776.cds210.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
Resource: a497a1faffe5b9116a00a37f1705a977.jpg | Path: dkb-entry-wp983948.com/index_files/ | Size: 31 KB | x-fer: 31 KB | Type: Image
General
Full URL
https://dkb-entry-wp983948.com/index_files/a497a1faffe5b9116a00a37f1705a977.jpg
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
fb4a970804e769dc8009d78de6dc2922f7880c4813eafc7f9f370d7fc3c5de88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:57 GMT
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"7ce5-5f32a61f7c86c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31973
Resource: large.jpg | Path: dkb-entry-wp983948.com/index_files/ | Size: 16 KB | x-fer: 16 KB | Type: Image
General
Full URL
https://dkb-entry-wp983948.com/index_files/large.jpg
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
409235ce94e3f03c672c1d025d39b474a6fbd52be6bd1b80d5fd3e458ed2720b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:57 GMT
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"3ec4-5f32a61f93f6d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16068
Resource: binary-content.xhtml | Path: www.dkb.de/ | Size: 5 KB | x-fer: 5 KB | Type: Image
General
Full URL
https://www.dkb.de/binary-content.xhtml?id=11335836204
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::b5 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
2ba27a0385583de954d18f8347c6706b2502eae0502e801b70856f28061620aa
Security Headers
Name Value
Strict-Transport-Security max-age=15811200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
date
Thu, 26 Jan 2023 16:32:57 GMT
strict-transport-security
max-age=15811200
last-modified
Tue, 03 Sep 2019 10:44:25 GMT
server
myracloud
x-cdn
1
etag
11335836204-1567507465056
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=3600
content-disposition
filename=LoginWithTan_Security.png
server-timing
dtSInfo;desc="0", dtRpid;desc="750109014"
expires
Thu, 26 Jan 2023 17:15:22 GMT
Resource: newloader.gif | Path: dkb-entry-wp983948.com/index_files/ | Size: 544 KB | x-fer: 544 KB | Type: Image
General
Full URL
https://dkb-entry-wp983948.com/index_files/newloader.gif
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:57 GMT
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"88042-5f32a61f9bc6d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
557122
Resource: jquery.cookie.js | Path: dkb-entry-wp983948.com/index_files/ | Size: 4 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://dkb-entry-wp983948.com/index_files/jquery.cookie.js
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
2599542d1d5a4d49c5612c1e6333651543af4925b09d35bee17104c856519b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"10f6-5f32a61f9202d-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1500
Resource: dkb.js | Path: dkb-entry-wp983948.com/index_files/ | Size: 9 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://dkb-entry-wp983948.com/index_files/dkb.js
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
1433b0dd0e3af375e56731b187c2fa921fc55c58345a157454fbbd22aaeca812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"247b-5f32a61f883ed-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1785
Resource: dkb-global-print.css | Path: dkb-entry-wp983948.com/index_files/ | Size: 221 KB | x-fer: 34 KB | Type: Stylesheet
General
Full URL
https://dkb-entry-wp983948.com/index_files/dkb-global-print.css
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.2.213 , Vatican City State, ASN61302 (HUIZE_TELECOM member-of: AS-HUIZE, GB),
Reverse DNS
5-178-2-213.telecomgroupdesign.com
Software
nginx /
Resource Hash
06f7edf3277d44924c26cdb4f3a9a5bdff10471b49b886a34a1544fa37a2a40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 16:32:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:04:01 GMT
Server
nginx
ETag
"37454-5f32a61f8550c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34965
Resource: truncated (inline data: URI) | Path: / | Size: 3 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none; inline data: URI)
Reverse DNS
Software
/
Resource Hash
6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated (inline data: URI) | Path: / | Size: 475 B | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none; inline data: URI)
Reverse DNS
Software
/
Resource Hash
24483b4771b2128af4110c159a9dcb59d15557460f8ecbf0bd0805f0fad5816e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated (inline data: URI) | Path: / | Size: 208 B | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none; inline data: URI)
Reverse DNS
Software
/
Resource Hash
72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated (inline data: URI) | Path: / | Size: 846 B | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none; inline data: URI)
Reverse DNS
Software
/
Resource Hash
3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: wt | Path: dkb01.webtrekk.net/438500649507193/ | Size: 43 B | x-fer: 902 B | Type: Image
General
Full URL
https://dkb01.webtrekk.net/438500649507193/wt?p=526,dkb-entry-wp983948_com.,1,1600x1200,24,1,1674750776972,0,1600x1200,0&la=en&np=&pu=https%3A%2F%2Fdkb-entry-wp983948.com%2F
Requested by
Host: dkb-entry-wp983948.com
URL: https://dkb-entry-wp983948.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.54.150.17 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software
d3d94468 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jan 2023 16:32:56 GMT
Last-Modified
Thu, 26 Jan 2023 16:32:57 GMT
Server
d3d94468
P3P
policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, noarchive
Keep-Alive
timeout=30
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
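The tracking hit above is what a page saved from the real site keeps sending: the account path 438500649507193 on dkb01.webtrekk.net (the same number the phish serves as a local 105 KB script at /index_files/438500649507193, consistent with the tracking script having been saved together with the page) receives a content id and a pu= page URL that both name the phishing host rather than the bank. A brand that owns such an analytics account can mine its own hit stream for hostnames it does not operate. The parser and check below are an added example, not code from urlscan or from DKB: the owned-host list and the second, legitimate-looking sample hit are assumptions, and the rule that the content id carries the hostname with "_" in place of "." is taken from the single captured hit.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: hostnames the brand actually serves; any other host in a hit is a clone.
OWNED_HOSTS = {"dkb.de", "www.dkb.de"}

# Two constructed pixel requests: the first is copied from this scan, the second
# is an invented hit from the real site, included for contrast.
SAMPLE_HITS = [
    "https://dkb01.webtrekk.net/438500649507193/wt?p=526,dkb-entry-wp983948_com.,1,1600x1200,24,1,1674750776972,0,1600x1200,0&la=en&np=&pu=https%3A%2F%2Fdkb-entry-wp983948.com%2F",
    "https://dkb01.webtrekk.net/438500649507193/wt?p=526,www_dkb_de.banking.login,1,1600x1200,24,1,1674750776972,0,1600x1200,0&la=de&np=&pu=https%3A%2F%2Fwww.dkb.de%2Fbanking",
]


def parse_hit(url: str) -> dict:
    """Extract the fields of a webtrekk pixel hit that say where it was fired from."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    p_fields = query.get("p", [""])[0].split(",")
    # p = <version>,<content id>,... ; in the captured hit the content id is the
    # page hostname with "." written as "_" (assumption beyond that one sample).
    content_id = p_fields[1] if len(p_fields) > 1 else ""
    page_url = query.get("pu", [""])[0]  # parse_qs already percent-decodes
    return {
        "account": parts.path.strip("/").split("/")[0],
        "content_id": content_id,
        "content_host": content_id.split(".")[0].replace("_", "."),
        "page_host": urlsplit(page_url).hostname or "",
    }


def is_clone_hit(url: str, owned=OWNED_HOSTS) -> bool:
    """True when either hostname carried by the hit is not one the brand serves."""
    hit = parse_hit(url)
    return hit["page_host"] not in owned or hit["content_host"] not in owned


def clone_hosts(hits, owned=OWNED_HOSTS) -> list:
    """Unique unexpected hostnames across a batch of hits, for a takedown queue."""
    found = set()
    for url in hits:
        hit = parse_hit(url)
        for host in (hit["page_host"], hit["content_host"]):
            if host and host not in owned:
                found.add(host)
    return sorted(found)


if __name__ == "__main__":
    for url in SAMPLE_HITS:
        print(is_clone_hit(url), parse_hit(url))
    print(clone_hosts(SAMPLE_HITS))
```

On the brand side the same parse runs over the analytics provider's raw export or a proxy log of requests to the tracking host; the content id layout should be confirmed against the brand's own tracking configuration before the check is relied on, since kits that strip or rewrite the analytics call will not show up this way.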
Resource: / | Path: api.ipify.org/ | Size: 67 B | x-fer: 173 B | Type: Script
General
Full URL
https://api.ipify.org/?format=jsonp&callback=jQuery36001650571452004328_1674750776834&_=1674750776835
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-16-76.static.webnx.com
Software
/
Resource Hash
672e45a7f6f63ca8039cbc7e57b7dcfba36382463950c8ad736b56a58ff6dff5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dkb-entry-wp983948.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 26 Jan 2023 16:32:58 GMT
access-control-allow-credentials
true
content-length
67
vary
Origin
content-type
application/javascript
Resource: null | Path: adminpanelfake.org/api/time/ | Size: 4 KB | x-fer: 1 KB | Type: XHR
General
Full URL
https://adminpanelfake.org/api/time/null
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e72b967f809e8c4373bf7db64316594382e5f07d221d7417ab8c33af73f7d208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dkb-entry-wp983948.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY
vary
Origin
content-type
text/html
access-control-allow-origin
*
Resource: null | Path: adminpanelfake.org/api/time/ | Size: 0 | x-fer: 0 | Type: Preflight
General
Full URL
https://adminpanelfake.org/api/time/null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Origin
https://dkb-entry-wp983948.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Jan 2023 16:32:58 GMT
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Resource: / | Path: adminpanelfake.org/api/users/ | Size: 19 B | x-fer: 304 B | Type: XHR
General
Full URL
https://adminpanelfake.org/api/users/
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6eda7b3c3cb096659f0a90120e0ef548dc37d136f2ca9cea9923490876acfc82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dkb-entry-wp983948.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 26 Jan 2023 16:32:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY, SAMEORIGIN
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
*
allow
GET, POST, PUT, DELETE, HEAD, OPTIONS
content-length
19
Resource: null | Path: adminpanelfake.org/api/time/ | Size: 4 KB | x-fer: 1 KB | Type: XHR
General
Full URL
https://adminpanelfake.org/api/time/null
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e72b967f809e8c4373bf7db64316594382e5f07d221d7417ab8c33af73f7d208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dkb-entry-wp983948.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY
vary
Origin
content-type
text/html
access-control-allow-origin
*
Resource: null | Path: adminpanelfake.org/api/time/ | Size: 0 | x-fer: 0 | Type: Preflight
General
Full URL
https://adminpanelfake.org/api/time/null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Origin
https://dkb-entry-wp983948.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Jan 2023 16:32:59 GMT
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Resource: 18691 | Path: adminpanelfake.org/api/time/ | Size: 49 B | x-fer: 321 B | Type: XHR
General
Full URL
https://adminpanelfake.org/api/time/18691
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dkb-entry-wp983948.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:33:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY, SAMEORIGIN
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
*
allow
GET, PUT, HEAD, OPTIONS
content-length
49
Resource: 18691 | Path: adminpanelfake.org/api/time/ | Size: 0 | x-fer: 0 | Type: Preflight
General
Full URL
https://adminpanelfake.org/api/time/18691
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Origin
https://dkb-entry-wp983948.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Jan 2023 16:33:00 GMT
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Resource: 18691 | Path: adminpanelfake.org/api/time/ | Size: 49 B | x-fer: 321 B | Type: XHR
General
Full URL
https://adminpanelfake.org/api/time/18691
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dkb-entry-wp983948.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:33:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY, SAMEORIGIN
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
*
allow
GET, PUT, HEAD, OPTIONS
content-length
49
Resource: 18691 | Path: adminpanelfake.org/api/time/ | Size: 0 | x-fer: 0 | Type: Preflight
General
Full URL
https://adminpanelfake.org/api/time/18691
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),
Reverse DNS
185.161.211.48.deltahost-ptr
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Origin
https://dkb-entry-wp983948.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Jan 2023 16:33:01 GMT
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Resource: 18691 | Path: adminpanelfake.org/api/time/ | Size: 0 | x-fer: 0 | Type: (no response received; see Failed requests)

Resource: 18691 | Path: adminpanelfake.org/api/time/ | Size: 0 | x-fer: 0 | Type: (no response received; see Failed requests)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adminpanelfake.org
URL
https://adminpanelfake.org/api/time/18691
Domain
adminpanelfake.org
URL
https://adminpanelfake.org/api/time/18691

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DKB (Banking)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    oncontentvisibilityautostatechange
function  $
function  jQuery
function  pintHeaderEnabled
function  openPrintWindow2
function  openPrintWindow
object    tc_vars
object    wt_safetag
object    wts
function  wt_contentEngagement
function  wt_scrollposition
object    webtrekkConfig
object    webtrekkUnloadObjects
object    webtrekkLinktrackObjects
function  WebtrekkV3
function  webtrekkV3
function  wt_pixelConfig
object    wt
string    idusers
string    scrollbar
object    data_command
object    input_data
object    name_input
object    last_command
object    len_custom
boolean   flag_user_wait
object    last_custom
number    command_interval
function  get_custom

5 Cookies

Domain/Path                            Name                    Value
dkb01.webtrekk.net/438500649507193     wteid_438500649507193   4167475077700636920
dkb01.webtrekk.net/438500649507193     wtsid_438500649507193   1
.dkb-entry-wp983948.com/               wt_rla                  438500649507193%2C1%2C1674750776974
dkb01.webtrekk.net/                    wt_nbg_Q3               !it4CqS3FXTHRM3fpjGYh4zwSUbWZoIgL5RfhUIWpd+DnbmDK5slCp91RCu1DBzaY9xk35ueQ1JWH4A==
dkb-entry-wp983948.com/                id                      18691

2 Console Messages

Source: network | Level: error | URL: https://adminpanelfake.org/api/time/null
Message: Failed to load resource: the server responded with a status of 404 ()
Source: network | Level: error | URL: https://adminpanelfake.org/api/time/null
Message: Failed to load resource: the server responded with a status of 404 ()

Both 404s are the requests to /api/time/null, made while the page had no record id to poll with; the later polls target /api/time/18691, the value also held in the id cookie set on dkb-entry-wp983948.com.
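The transaction list, certificate table, cookie list and console messages above are enough to score this scan without looking at the screenshot. The script below is an added example, not urlscan code: it encodes a subset of this page's transactions as data (static assets omitted; the two failed /api/time/18691 requests are entered as XHRs without a response), treats www.dkb.de and dkb01.webtrekk.net as the impersonated brand's hosts and code.jquery.com and api.ipify.org as generic infrastructure (both assumptions, as is the naive registrable-domain helper), and reports the traces a kit with a live operator panel leaves in a scan: brand assets loaded by a foreign host, a client IP lookup, script-driven traffic to an unrelated backend that answers a PUT preflight with a wildcard origin, repeated polling of one endpoint, a cookie value reused in the polled path, and a certificate minted on the day of the scan.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import date
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Tx:
    url: str
    kind: str                   # Document, Script, Image, XHR, Preflight
    preflight_method: str = ""  # Access-Control-Request-Method on a Preflight
    acao: str = ""              # access-control-allow-origin response header, if any


PAGE_URL = "https://dkb-entry-wp983948.com/"
# Assumptions: hosts the impersonated brand operates, and third parties that are
# generic infrastructure rather than the kit operator's own backend.
BRAND_HOSTS = {"www.dkb.de", "dkb01.webtrekk.net"}
BENIGN_THIRD_PARTY = {"code.jquery.com", "api.ipify.org"}

# Constructed from the transaction list on this page (static assets omitted; the
# two failed requests at the end are entered as XHRs without a response).
TRANSACTIONS = [
    Tx(PAGE_URL, "Document"),
    Tx("https://code.jquery.com/jquery-3.6.0.min.js", "Script", acao="*"),
    Tx("https://www.dkb.de/binary-content.xhtml?id=11335836204", "Image"),
    Tx("https://dkb01.webtrekk.net/438500649507193/wt?p=526,dkb-entry-wp983948_com.", "Image"),
    Tx("https://api.ipify.org/?format=jsonp", "Script", acao="*"),
    Tx("https://adminpanelfake.org/api/time/null", "XHR", acao="*"),
    Tx("https://adminpanelfake.org/api/time/null", "Preflight", "PUT", "*"),
    Tx("https://adminpanelfake.org/api/users/", "XHR", acao="*"),
    Tx("https://adminpanelfake.org/api/time/null", "XHR", acao="*"),
    Tx("https://adminpanelfake.org/api/time/null", "Preflight", "PUT", "*"),
    Tx("https://adminpanelfake.org/api/time/18691", "XHR", acao="*"),
    Tx("https://adminpanelfake.org/api/time/18691", "Preflight", "PUT", "*"),
    Tx("https://adminpanelfake.org/api/time/18691", "XHR", acao="*"),
    Tx("https://adminpanelfake.org/api/time/18691", "Preflight", "PUT", "*"),
    Tx("https://adminpanelfake.org/api/time/18691", "XHR"),
    Tx("https://adminpanelfake.org/api/time/18691", "XHR"),
]
COOKIES = {"id": "18691", "wt_rla": "438500649507193%2C1%2C1674750776974"}
CERT_NOT_BEFORE = date(2023, 1, 26)  # from the certificate table above
SCAN_DATE = date(2023, 1, 26)


def host_of(url: str) -> str:
    return urlsplit(url).hostname or ""


def registrable(hostname: str) -> str:
    # Naive eTLD+1 (last two labels): adequate for the .com/.org/.de/.net hosts in
    # this scan; real tooling should consult the public suffix list instead.
    return ".".join(hostname.split(".")[-2:])


def triage(txs, cookies, cert_not_before, scan_date, page_url=PAGE_URL):
    """Return {finding_code: [details]} for the kit patterns visible in a scan."""
    page_domain = registrable(host_of(page_url))
    brand_domains = {registrable(h) for h in BRAND_HOSTS}
    findings = {}
    # 1. Brand assets hot-linked by a page outside the brand's own domains.
    hot = sorted({host_of(t.url) for t in txs if host_of(t.url) in BRAND_HOSTS})
    if hot and page_domain not in brand_domains:
        findings["brand_hotlink"] = hot
    # 2. The page discovers the visitor's public IP address.
    if any(host_of(t.url) == "api.ipify.org" for t in txs):
        findings["client_ip_lookup"] = ["api.ipify.org"]
    # 3. Script-driven traffic to a backend unrelated to page, brand or CDN.
    backends = sorted({host_of(t.url) for t in txs if t.kind in ("XHR", "Preflight")
                       and registrable(host_of(t.url)) not in (page_domain, *brand_domains)
                       and host_of(t.url) not in BENIGN_THIRD_PARTY})
    if backends:
        findings["third_party_xhr"] = backends
    # 4. Wildcard CORS plus a state-changing preflighted method: the backend takes
    #    writes from any origin, as a throwaway panel API usually does.
    writes = sorted({host_of(t.url) for t in txs if t.kind == "Preflight" and t.acao == "*"
                     and t.preflight_method in ("PUT", "POST", "PATCH", "DELETE")})
    if writes:
        findings["state_changing_cors"] = writes
    # 5. One endpoint hit repeatedly within a single page load: a polling channel.
    hits = Counter((host_of(t.url), urlsplit(t.url).path) for t in txs if t.kind == "XHR")
    polling = sorted(endpoint for endpoint, n in hits.items() if n >= 3)
    if polling:
        findings["polling"] = polling
    # 6. A cookie value reused as a path segment of a backend call: the victim's
    #    server-side record id is what the page polls with.
    paths = {urlsplit(t.url).path for t in txs if t.kind == "XHR"}
    linked = sorted((name, p) for name, value in cookies.items()
                    for p in paths if value in p.split("/"))
    if linked:
        findings["cookie_in_path"] = linked
    # 7. Certificate issued within a week of the scan.
    age_days = (scan_date - cert_not_before).days
    if 0 <= age_days <= 7:
        findings["fresh_cert"] = [f"issued {age_days} day(s) before the scan"]
    return findings


if __name__ == "__main__":
    for code, detail in triage(TRANSACTIONS, COOKIES, CERT_NOT_BEFORE, SCAN_DATE).items():
        print(f"{code:<20} {detail}")
```

Any one of these findings occurs on legitimate sites (analytics pixels, CDNs and fresh Let's Encrypt certificates are everywhere); it is the combination of a foreign backend accepting cross-origin PUTs, a polling loop keyed by a freshly issued record id, and a page title and assets borrowed from a bank that turns a scan into a phishing verdict. When feeding real urlscan output, take the request kind and initiator from the API's request objects rather than re-typing them, and swap the registrable helper for a public-suffix library.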

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains:
adminpanelfake.org
api.ipify.org
code.jquery.com
dkb-entry-wp983948.com
dkb01.webtrekk.net
www.dkb.de

IPs:
173.231.16.76
185.161.211.48
185.54.150.17
2001:4de0:ac18::1:a:3a
2a02:cb40:200::b5
5.178.2.213