www-v87-brand-design-telekom-com.mehrwert.review
78.35.14.118
Malicious Activity!
Public Scan
Effective URL: https://www-v87-brand-design-telekom-com.mehrwert.review/account/login/?return_url=%2F
Submission: On May 24 via api from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 25th 2020. Valid for: 3 months.
This is the only time www-v87-brand-design-telekom-com.mehrwert.review was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telekom (Telecommunication)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 29 | 78.35.14.118 | 8422 (NETCOLOGNE) |
| 1 | 2a00:1450:4001:809::200e | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:802::200e | 15169 (GOOGLE) |
| 31 (total) | 4 | |
ASN8422 (NETCOLOGNE, DE)

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 29 | mehrwert.review | www-v87-brand-design-telekom-com.mehrwert.review (1 redirect) | 17 MB |
| 1 | ytimg.com | s.ytimg.com | 25 KB |
| 1 | youtube.com | www.youtube.com | 1 KB |
| 31 (total) | 3 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 29 | www-v87-brand-design-telekom-com.mehrwert.review (1 redirect) | www-v87-brand-design-telekom-com.mehrwert.review |
| 1 | s.ytimg.com | www.youtube.com |
| 1 | www.youtube.com | www-v87-brand-design-telekom-com.mehrwert.review |
| 31 (total) | 3 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www-v87-brand-design-telekom-com.mehrwert.review | Let's Encrypt Authority X3 | 2020-03-25 - 2020-06-23 | 3 months |
| *.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
This page contains 1 frame:
Primary Page: https://www-v87-brand-design-telekom-com.mehrwert.review/account/login/?return_url=%2F
Frame ID: 3FCCDDB6BCD783CF7C4A0A0790C09E51
Requests: 34 HTTP requests in this frame
Detected technologies
- TYPO3 CMS (CMS). Detected pattern: meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i
- PHP (Programming Languages). Detected pattern: meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i
- Nginx (Web Servers). Detected pattern: headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www-v87-brand-design-telekom-com.mehrwert.review/ (HTTP 302)
- https://www-v87-brand-design-telekom-com.mehrwert.review/account/login/?return_url=%2F (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request, Redirect Chain) | www-v87-brand-design-telekom-com.mehrwert.review/account/login/ | 15 KB | 4 KB | Document | text/html |
| GET | H2 | Vendor.css | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Stylesheets/ | 141 KB | 30 KB | Stylesheet | text/css |
| GET | H2 | Styles.css | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Stylesheets/ | 132 KB | 42 KB | Stylesheet | text/css |
| GET | H2 | Styles.css | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_assetpool/Resources/Public/Stylesheets/ | 22 KB | 5 KB | Stylesheet | text/css |
| GET | H2 | deutsche-telekom-logo.svg | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Vendor/telekom-toolbox-templates/assets/brand/ | 737 B | 1 KB | Image | image/svg+xml |
| GET | H2 | brand-claim.png | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Vendor/telekom-toolbox-templates/assets/brand/en/ | 2 KB | 2 KB | Image | image/png |
| GET | H2 | PreLoginLoopPoster_v1_01.png | www-v87-brand-design-telekom-com.mehrwert.review/fileadmin/Redaktion/login/ | 2 MB | 2 MB | Image | image/png |
| GET | H2 | 3af358c71d.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3temp/assets/js/ | 980 B | 745 B | Script | application/javascript |
| GET | H2 | Vendor.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Scripts/ | 911 KB | 252 KB | Script | application/javascript |
| GET | H2 | Scripts.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Scripts/ | 14 KB | 5 KB | Script | application/javascript |
| GET | H2 | tx_bdlogin.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_login/Resources/Public/Scripts/ | 12 KB | 3 KB | Script | application/javascript |
| GET | H2 | Detail.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_assetpool/Packages/Icon/Resources/Public/JavaScript/ | 5 KB | 2 KB | Script | application/javascript |
| GET | H2 | Detail.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_assetpool/Packages/Language/Resources/Public/JavaScript/ | 1 KB | 772 B | Script | application/javascript |
| GET | H2 | Detail.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_assetpool/Packages/TerminalAnimation/Resources/Public/JavaScript/ | 3 KB | 1 KB | Script | application/javascript |
| GET | H2 | Vendor.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_assetpool/Resources/Public/Scripts/ | 149 KB | 45 KB | Script | application/javascript |
| GET | H2 | Scripts.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_assetpool/Resources/Public/Scripts/ | 58 KB | 14 KB | Script | application/javascript |
| GET | H2 | tx_xtb_metrics_tracking.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_metrics/Resources/Public/JavaScript/ | 11 KB | 3 KB | Script | application/javascript |
| GET | H2 | tx_xtbregistration.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_registration/Resources/Public/Scripts/ | 3 KB | 1 KB | Script | application/javascript |
| GET | H2 | tx_xtbusermanagement.js | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_usermanagement/Resources/Public/Scripts/ | 30 KB | 6 KB | Script | application/javascript |
| GET | H2 | PreLoginLoop_v1_01.mp4 | www-v87-brand-design-telekom-com.mehrwert.review/fileadmin/Redaktion/login/ | 64 KB | 0 | Media | video/mp4 |
| GET | H2 | / | www-v87-brand-design-telekom-com.mehrwert.review/account/login/ | 15 KB | 15 KB | Image | text/html |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
| GET | DATA | truncated | / | 715 B | 0 | Image | image/png |
| GET | H2 | TeleGroteskNext-Regular.woff2 | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Fonts/ | 51 KB | 52 KB | Font | application/octet-stream |
| GET | H2 | TeleGroteskNext-Ultra.woff2 | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Fonts/ | 51 KB | 51 KB | Font | application/octet-stream |
| GET | H2 | TeleGroteskNext-Thin.woff2 | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/bd_sitepackage/Resources/Public/Fonts/ | 50 KB | 51 KB | Font | application/octet-stream |
| GET | BLOB | 5018ba4b-6bc6-4a2b-81d8-2c2235fb4b12 | https://www-v87-brand-design-telekom-com.mehrwert.review/ | 31 B | 0 | Other | application/javascript |
| GET | H2 | iframe_api | www.youtube.com/ | 859 B | 1 KB | Script | application/javascript |
| GET | H2 | piwik.js | www-v87-brand-design-telekom-com.mehrwert.review/matomo/ | 64 KB | 22 KB | Script | application/javascript |
| GET | DATA | truncated | / | 43 B | 0 | Image | image/gif |
| GET | H2 | loading-indicator-36.gif | www-v87-brand-design-telekom-com.mehrwert.review/typo3conf/ext/xtb_base/Vendor/telekom-toolbox-templates/assets/ | 13 KB | 14 KB | Image | image/gif |
| GET | H2 | PreLoginLoop_v1_01.mp4 | www-v87-brand-design-telekom-com.mehrwert.review/fileadmin/Redaktion/login/ | 15 MB | 15 MB | Media | video/mp4 |
| GET | H2 | www-widgetapi.js | s.ytimg.com/yts/jsbin/www-widgetapi-vflcS5aan/ | 66 KB | 25 KB | Script | text/javascript |
| GET | H2 | piwik.php | www-v87-brand-design-telekom-com.mehrwert.review/matomo/ | 43 B | 210 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telekom (Telecommunication)

49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| object | TYPO3 |
| function | decryptCharcode |
| function | decryptString |
| function | linkTo_UnCryptMailto |
| string | siteLanguage |
| string | siteLanguageId |
| function | objectFitImages |
| function | $ |
| function | jQuery |
| object | jQuery1124031719674241877205 |
| function | SearchIndex |
| function | Bloodhound |
| function | Waypoint |
| function | parse |
| function | tokenize |
| object | vttjs |
| function | WebVTT |
| function | videojs |
| undefined | Youtube |
| function | $f |
| function | Froogaloop |
| undefined | Vimeo |
| object | dtag |
| object | moxie |
| object | plupload |
| object | txXtbUsermanagement |
| object | _paq |
| object | piwikUserUnit |
| object | YT |
| object | YTConfig |
| function | onYTReady |
| object | yt |
| function | ytDomDomGetNextId |
| object | ytEventsEventsListeners |
| object | ytEventsEventsCounter |
| object | ytPubsubPubsubInstance |
| object | ytPubsubPubsubSubscribedKeys |
| object | ytPubsubPubsubTopicToKeys |
| object | ytPubsubPubsubIsSynchronous |
| object | ytLoggingTransportLogPayloadsQueue_ |
| object | ytLoggingTransportGELQueue_ |
| object | ytLoggingTransportTokensToCttTargetIds_ |
| object | ytLoggingGelSequenceIdObj_ |
| object | JSON_PIWIK |
| object | Piwik |
| object | AnalyticsTracker |
| function | piwik_log |

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| www-v87-brand-design-telekom-com.mehrwert.review/ | | _pk_ses.1.c3ff | * |
| www-v87-brand-design-telekom-com.mehrwert.review/ | | _pk_id.1.c3ff | cae94139199cc94f.1590297371.1.1590297371.1590297371. |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s.ytimg.com
www-v87-brand-design-telekom-com.mehrwert.review
www.youtube.com
2a00:1450:4001:802::200e
2a00:1450:4001:809::200e
78.35.14.118