dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
185.246.221.160301 Moved Permanently 162 B URL HTTP/1.1 dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
IP 185.246.221.160:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /a1b2c3/d63fb8474320101485cf926961876ed4/login/? HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 21 Jan 2023 12:34:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13886
Expires: Sat, 21 Jan 2023 16:25:33 GMT
Date: Sat, 21 Jan 2023 12:34:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 21 Jan 2023 13:53:11 GMT
Date: Sat, 21 Jan 2023 12:34:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 11:49:38 GMT
content-type: application/json
age: 2669
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14136
Expires: Sat, 21 Jan 2023 16:29:43 GMT
Date: Sat, 21 Jan 2023 12:34:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h+p03OpEHvfiwZKIprEIr6wkM7sOzNfkYNdrxzTuNA+aOozJZk0QFvzk4YARhhhLiLyg5G3q+Mw=
x-amz-request-id: K0FC56MKBVVSA6X7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 11:46:47 GMT
age: 2840
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash edb7d973c34b506480b1c258ae74cfe0
9b011ddcebe52cb95b9ed63324eafd51fb56b424
81b343a57ef652612a1a03cbb6c9500c33838b7c26b6ca6204f851fcd6ac384d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81B343A57EF652612A1A03CBB6C9500C33838B7C26B6CA6204F851FCD6AC384D"
Last-Modified: Sat, 21 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 21 Jan 2023 18:34:07 GMT
Date: Sat, 21 Jan 2023 12:34:07 GMT
Connection: keep-alive
dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
185.246.221.160200 OK 4.6 kB URL HTTP/2 dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
IP 185.246.221.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (636)
Hash 4e98197028112df430538525041a346f
cf5e5111a9baf6d85acb1e9bddae0fb468b08865
f57fd7529249b096fdb6429348ed485c47196e6fc72ebfe9c0aec1519aaa47eb
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /a1b2c3/d63fb8474320101485cf926961876ed4/login/? HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/html; charset=UTF-8
content-length: 4625
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 11:48:58 GMT
age: 2710
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/form/css.css
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/login/form/css.css
IP 185.246.221.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /login/form/css.css HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/css
content-length: 0
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:38:16 GMT
etag: "0-5df4d8f777600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:34:08 GMT
Last-Modified: Sat, 21 Jan 2023 12:14:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dkb-konto.verupsu1.com/login/c0d75975d30300cc39ba6c22834ef480.jpg
185.246.221.160200 OK 23 kB URL HTTP/2 dkb-konto.verupsu1.com/login/c0d75975d30300cc39ba6c22834ef480.jpg
IP 185.246.221.160:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2016:10:25 17:57:59], baseline, precision 8, 120x90, components 3\012- data
Hash c0d75975d30300cc39ba6c22834ef480
bf459b9a013326a662bdce634e0add247629f5fa
04de149751276069b2c581032afc9c43bf176fe06868a1f2147f3935b8ad116b
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /login/c0d75975d30300cc39ba6c22834ef480.jpg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/jpeg
content-length: 22633
last-modified: Wed, 18 May 2022 18:34:42 GMT
etag: "62853c42-5869"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg
185.246.221.160200 OK 475 B URL HTTP/2 dkb-konto.verupsu1.com/login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (475), with no line terminators
Hash 146b8dc1d5cc39c68ebb902daf292da0
4d6cfa3b23c923a6ff461ca35648f21238265651
24483b4771b2128af4110c159a9dcb59d15557460f8ecbf0bd0805f0fad5816e
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 475
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:37:40 GMT
etag: "1db-5df4d8d522500"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/1ee670489f75dd6ea807765ada75310558e5d196.svg
185.246.221.160200 OK 3.0 kB URL HTTP/2 dkb-konto.verupsu1.com/login/1ee670489f75dd6ea807765ada75310558e5d196.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3042), with no line terminators
Hash 086acf580e68a59243d8a4b51e1baaea
1ee670489f75dd6ea807765ada75310558e5d196
6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/1ee670489f75dd6ea807765ada75310558e5d196.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 3042
last-modified: Wed, 18 May 2022 18:37:58 GMT
etag: "62853d06-be2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg
185.246.221.160200 OK 208 B URL HTTP/2 dkb-konto.verupsu1.com/login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 33e108d1976737ccdbf266cd184b7de6
a0a628fa1d136767dfc96799bfff4f969e9b8638
72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 208
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:37:58 GMT
etag: "d0-5df4d8e64cd80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg
185.246.221.160200 OK 686 B URL HTTP/2 dkb-konto.verupsu1.com/login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (686), with no line terminators
Hash d9f5adac038b921f8785efd3f0e7ab50
9c8bf4e8205bf61d35b8fb9d34449556f682914e
0b969bfdbb0496aa56664660247d76c9696b29a6e79a126c38acb9983e058ee9
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 686
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:34:40 GMT
etag: "2ae-5df4d82979000"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg
185.246.221.160200 OK 944 B URL HTTP/2 dkb-konto.verupsu1.com/login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (944), with no line terminators
Hash 16edfa57d5fff8f99d66f4da22cdbb9d
ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9
fe73e87e02eadba5240358a4eeebeb334e6d8e7eaa9d024f41644241f3adaadd
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 944
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:37:40 GMT
etag: "3b0-5df4d8d522500"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg
185.246.221.160200 OK 669 B URL HTTP/2 dkb-konto.verupsu1.com/login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (669), with no line terminators
Hash ebc2b05ac8d2e52721cc11633f1e9c6f
a7a9ae59ec5545b759d8ce83efdec96fd262f0fd
a30c546ea7a8f0861fbe49a030bc0fcc707c7de128c265881d4010906d1e5fcb
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 669
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:34:42 GMT
etag: "29d-5df4d82b61480"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg
185.246.221.160200 OK 864 B URL HTTP/2 dkb-konto.verupsu1.com/login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (864), with no line terminators
Hash 3169af9e862afe93eab74b279330c67b
69587e341aa8004c80fa8a6212b6f1ef4ea59ddf
44916913841d34baa376b3b72911ed27f16629909ed5c4f1a59be98af036e8af
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 864
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:37:32 GMT
etag: "360-5df4d8cd81300"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg
185.246.221.160200 OK 871 B URL HTTP/2 dkb-konto.verupsu1.com/login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (871), with no line terminators
Hash ec96cc9160636fbc539ffdd79d29d492
9ffff3dcba74a06f908dcc216aff9945f2c794a7
54d31025c9536bf38b4f89d7fdc5261bb87dfe924d7445a7d56b43533c86e8cb
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 871
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:34:38 GMT
etag: "367-5df4d82790b80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg
185.246.221.160200 OK 856 B URL HTTP/2 dkb-konto.verupsu1.com/login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (856), with no line terminators
Hash cfdf877d917c4cb26c27eb12d12675f6
b9b216637340489b71e138ef8af8a77d8ff4d638
d75a13cddae198bbb040efae849b4daa89b3059e03d928714b074c37a4a8ecf7
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 856
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:37:12 GMT
etag: "358-5df4d8ba6e600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg
185.246.221.160200 OK 2.8 kB URL HTTP/2 dkb-konto.verupsu1.com/login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2808), with no line terminators
Hash c9c9757a969c3cc1a7acb1a91fec081c
928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47
1c9524bad0ee009f3f9e6af79cf3363acbcd6a4f03eec2ca8c16ff794358d81d
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: image/svg+xml
content-length: 2808
last-modified: Wed, 18 May 2022 18:37:40 GMT
etag: "62853cf4-af8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/dkb-global.css
185.246.221.160200 OK 40 kB URL HTTP/2 dkb-konto.verupsu1.com/login/dkb-global.css
IP 185.246.221.160:0
File type ASCII text, with very long lines (26620)
Hash b6061aeb492b278dff2852ff8141ba4c
c238cd1d37a127f41bd385daecf2aca9870aef51
7ca8b6a26600fb8d1e96e75ea90341b6dfa3df3ef0aa07b0a04f1309e11b6711
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /login/dkb-global.css HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 18:38:20 GMT
etag: W/"62853d1c-38891"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.157.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.157.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a614QGL33h3Rr2xiHsL5jQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CFaZ6dZfxNHR35RCiZIH6DQfgAA=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10205
Expires: Sat, 21 Jan 2023 15:24:14 GMT
Date: Sat, 21 Jan 2023 12:34:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10205
Expires: Sat, 21 Jan 2023 15:24:14 GMT
Date: Sat, 21 Jan 2023 12:34:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10205
Expires: Sat, 21 Jan 2023 15:24:14 GMT
Date: Sat, 21 Jan 2023 12:34:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10205
Expires: Sat, 21 Jan 2023 15:24:14 GMT
Date: Sat, 21 Jan 2023 12:34:09 GMT
Connection: keep-alive
dkb-konto.verupsu1.com/login/token/token.js?v=63cbdbc005e40
185.246.221.160200 OK 9.2 kB URL HTTP/2 dkb-konto.verupsu1.com/login/token/token.js?v=63cbdbc005e40
IP 185.246.221.160:0
Hash f6c9437ec389e384a2e395cc49e9b32f
d74b521c37d2eb2e5a925f4fdc3aed515294fe45
c2dc7837af42cf4c1364b0b3d52bc5cfa5546017fbd76410c75274987a156e15
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/token/token.js?v=63cbdbc005e40 HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 18:38:16 GMT
etag: W/"62853d18-509"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/form/form.js?v=63cbdbc005e20
185.246.221.160200 OK 12 kB URL HTTP/2 dkb-konto.verupsu1.com/login/form/form.js?v=63cbdbc005e20
IP 185.246.221.160:0
Hash 8c574496eff7d990c31b2ab693aa9a67
362134a968df728211179d2a263d8055e9d2bb94
f452096b3f18e0fcaf886b0e444fc127a19b4049d67088a27e469970d5282341
Analyzer Verdict Alert quad9 Sinkholed
GET /login/form/form.js?v=63cbdbc005e20 HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 18:38:18 GMT
etag: W/"62853d1a-bf7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F128df721-be42-4d48-ad3c-42bf5352ec7b.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F128df721-be42-4d48-ad3c-42bf5352ec7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 332e9c85e1817bc0290eb274b63041a1
fa714e6e92bc9af7b1af52322d1f83ed6aa13694
071a92737a107f3d1bd447239236a8f61a2db0fecf9a02458acfa92b01669546
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F128df721-be42-4d48-ad3c-42bf5352ec7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7158
x-amzn-requestid: b131ef7b-e6e8-4f17-bd97-154b6903bd2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ez1XVEEbIAMF23A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c49c2e-397f2f824fafe1557a1f6151;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 00:37:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8RevKWwXRJorxSfh-DDu9v1_4RypYIgNe5Io19boU11ZBzJLXCXe0w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 18:27:26 GMT
age: 65203
etag: "fa714e6e92bc9af7b1af52322d1f83ed6aa13694"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 32961
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7874784-b02c-447d-8e16-f063fdd288aa.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7874784-b02c-447d-8e16-f063fdd288aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e3fd5bf2e8d88fed518583666d68bfe
69343cd051d27b517a7ea167cd6f755fbbc3bd98
923b733f5f44b8cd69b604d37dd1f1f12035e37a2c9835d77a5b6970ab2f3d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7874784-b02c-447d-8e16-f063fdd288aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7435
x-amzn-requestid: f717c884-7d70-4635-88a9-2a2413ff1448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6xJkGe2oAMFdYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7623d-04021c3978618c584fc8c830;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:06:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DROCvM5rGBDGfU1HpbWgPEl3m58ln3in318RS7JOZ-jW0tr9nEOZ4g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:52:01 GMT
age: 31328
etag: "69343cd051d27b517a7ea167cd6f755fbbc3bd98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62d64384cabb3ee773d9baa88c9fa9f5
3457882213a7c2d2ec863d75cf629ae4fe320092
7adc5cd3cc8a30b5c45c2995b27daf66fcf95280a4f5feaa46e559da464c75be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9669
x-amzn-requestid: d57517dd-07b7-4477-996d-5cb159f1e608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIvoHVNIAMFVWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c254ca-2737608463cd6cd160497e42;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_aXsjLBlAVhp2gaN0IYMYUAFz52XLPOt1B1lDYvm1JFPPrZn7YcjQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 20:30:03 GMT
age: 57846
etag: "3457882213a7c2d2ec863d75cf629ae4fe320092"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/327c9ccaea95787ff2bed3adee6c2bda61d66098.svg
185.246.221.160200 OK 948 B URL HTTP/2 dkb-konto.verupsu1.com/login/327c9ccaea95787ff2bed3adee6c2bda61d66098.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (948), with no line terminators
Hash af9913a91a0d7b7d2d15f631536581f6
327c9ccaea95787ff2bed3adee6c2bda61d66098
0fe9650923b3c4d5d1b829c47a2a4eb9b6931a06132036a02c570e355f53ec87
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/327c9ccaea95787ff2bed3adee6c2bda61d66098.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:10 GMT
content-type: image/svg+xml
content-length: 948
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:34:36 GMT
etag: "3b4-5df4d825a8700"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg
185.246.221.160200 OK 846 B URL HTTP/2 dkb-konto.verupsu1.com/login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg
IP 185.246.221.160:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (846), with no line terminators
Hash e231d273b507c2d5981f765493d017cb
73321b88c86cde1be9540eebac3e131c15a2c5f6
3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:10 GMT
content-type: image/svg+xml
content-length: 846
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 18:37:18 GMT
etag: "34e-5df4d8c027380"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/core/form/core_form.js
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/core/form/core_form.js
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /core/form/core_form.js HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 18:27:20 GMT
etag: W/"62853a88-4894"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/index.css
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/login/index.css
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /login/index.css HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 18:34:42 GMT
etag: W/"62853c42-3940"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/login/dkb_responsive.min.css
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/login/dkb_responsive.min.css
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /login/dkb_responsive.min.css HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 18:35:00 GMT
etag: W/"62853c54-4bb56"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/favicon.ico
185.246.221.160404 Not Found 0 B URL HTTP/2 dkb-konto.verupsu1.com/favicon.ico
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/html
last-modified: Mon, 16 Jan 2023 23:53:57 GMT
etag: W/"328-5f26a4be649dd"
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447478&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1674304447479
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447478&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1674304447479
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447478&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1674304447479 HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:09 GMT
content-type: application/json
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/bower_components/jquery/dist/jquery.min.js
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/bower_components/jquery/dist/jquery.min.js
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 18:24:52 GMT
etag: W/"628539f4-15283"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/bower_components/ua-parser-js/dist/ua-parser.min.js
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/bower_components/ua-parser-js/dist/ua-parser.min.js
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 18:24:52 GMT
etag: W/"628539f4-4298"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/bower_components/font-awesome/css/font-awesome.min.css
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/bower_components/font-awesome/css/font-awesome.min.css
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 18:24:46 GMT
etag: W/"628539ee-7918"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/core/token/core_token.js
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/core/token/core_token.js
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET /core/token/core_token.js HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 18:27:20 GMT
etag: W/"62853a88-201f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/core/form/core_form.css
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/core/form/core_form.css
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /core/form/core_form.css HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:08 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 18:27:22 GMT
etag: W/"62853a8a-11f9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447476&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1674304447477
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447476&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1674304447477
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447476&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1674304447477 HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:10 GMT
content-type: application/json
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
dkb-konto.verupsu1.com/home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447476&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1674304447480
185.246.221.160200 OK 0 B URL HTTP/2 dkb-konto.verupsu1.com/home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447476&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1674304447480
IP 185.246.221.160:0
Analyzer Verdict Alert openphish Deutsche Kreditbank
phishtank Other
quad9 Sinkholed
GET /home.php?pl=token&link=dkb&bid=d63fb8474320101485cf926961876ed4&callback=jQuery321022516675002203235_1674304447476&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1674304447480 HTTP/1.1
Host: dkb-konto.verupsu1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dkb-konto.verupsu1.com/a1b2c3/d63fb8474320101485cf926961876ed4/login/?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:34:14 GMT
content-type: application/json
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2