185.150.25.159
Malicious Activity!
Public Scan
Submission: On March 04 via manual from DE — Scanned from DE
Summary
This is the only time 185.150.25.159 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: KfW Development Bank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
6 | 185.150.25.159 | 30823 (COMBAHTON combahton GmbH) |
1 | 104.151.29.97 | 8881 (VERSATEL) |
7 | 2 | |
ASN30823 (COMBAHTON combahton GmbH, DE)
PTR: vps-zap1006654-1.zap-srv.com
185.150.25.159
 | Apex Domain Subdomains | Transfer |
---|---|---|
1 | kfw.de www.kfw.de — Cisco Umbrella Rank: 288898 | 6 KB |
7 | 1 | |
 | Domain | Requested by |
---|---|---|
1 | www.kfw.de | 185.150.25.159 |
7 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.kfw.de |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.xing.com |
www.kfw-formularsammlung.de |
onlinekreditportal.kfw.de |
www.twitter.com |
www.youtube.com |
de.linkedin.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.kfw.de TeleSec ServerPass Class 2 CA | 2022-11-23 - 2023-11-27 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://185.150.25.159/
Frame ID: 53DECFB04ED567294B665AB639E85A0F
Requests: 7 HTTP requests in this frame
45 Outgoing links
These are links going to different origins than the main page.
Title: Startseite
Title: Startseite
Title: Unternehmen Wir fördern den Mittelstand, Freiberufler und Gründer
Title: Öffentliche Einrichtungen Wir fördern Kommunen und kommunale Unternehmen
Title: Partnerportal Wir unterstützen Vertriebspartner mit zusätzlichen Informationen und Arbeitshilfen
Title: Internationale Finanzierung Wir sind überall da aktiv, wo die Welt miteinander agiert
Title: Stories Das digitale Magazin der KfW Bankengruppe erzählt Geschichten aus aller Welt
Title: Über die KfW Alle wichtigen Informationen rund um die KfW Bankengruppe
Title: Online-Kreditportal Studieren & Qualifizieren: Zugang zu Ihren Vertragsdaten und wichtige Informationen
Title: KfW-Förderportal Bankdurchleitung Online für Finanzierungspartner der KfW
Title: kfw.de/s/deiu9Wv
Title: Datenschutzhinweise
Title: teilen
Title: tweet
Title: mitteilen
Title: teilen
Title: Newsroom
Title: Investor Relations
Title: KfW Research
Title: Karriere
Title: Beschaffung
Title: Nachhaltigkeit
Title: Aktuelle Zinskonditionen
Title: Beratung bei Finanzierungspartnern
Title: Merkblätter und Formulare
Title: Online-Kreditportal
Title: Download Center
Title: KfW-Newsdienste
Title: Tilgungsrechner
Title: Service
Title: Kontakt
Title: Beschwerden
Title: Pressestelle
Title: Twitter
Title: Youtube
Title: XING
Title: LinkedIn
Title: Instagram
Title: Sitemap
Title: Barrierefreiheit
Title: Barriere melden
Title: Rechtliche Hinweise
Title: Impressum
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / (Primary Request) 185.150.25.159/ | 217 KB 20 KB | Document text/html |
GET H/1.1 | kfw.main.css 185.150.25.159/ | 2 MB 162 KB | Stylesheet text/css |
GET H/1.1 | kfw_logo_1280-2x.svg www.kfw.de/Technische-Medien/Logos/ | 14 KB 6 KB | Image image/svg+xml |
GET H/1.1 | home.jpg 185.150.25.159/kfw/ | 50 KB 51 KB | Image image/jpeg |
GET H/1.1 | logoalt.png 185.150.25.159/ | 277 KB 277 KB | Image image/png |
GET H/1.1 | kfw-icons.woff2 185.150.25.159/fonts/kfw-icons/ | 10 KB 10 KB | Font font/woff2 |
GET H/1.1 | KFWCentroSans-Reg.woff2 185.150.25.159/fonts/KfW_Centro_Sans/KfW_Centro_Sans_Regular/ | 21 KB 21 KB | Font font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: KfW Development Bank (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name |
---|---|---|
185.150.25.159/ | | XSRF-TOKEN |
185.150.25.159/ | | laravel_session |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.