freigabe-online.app
Open in
urlscan Pro
172.67.153.204
Malicious Activity!
Public Scan
Submission: On May 03 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 2nd 2024. Valid for: 3 months.
This is the only time freigabe-online.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
31 | 172.67.153.204 172.67.153.204 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
31 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
freigabe-online.app
freigabe-online.app |
420 KB |
31 | 1 |
Domain | Requested by | |
---|---|---|
31 | freigabe-online.app |
freigabe-online.app
|
31 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
freigabe-online.app GTS CA 1P5 |
2024-05-02 - 2024-07-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://freigabe-online.app/
Frame ID: A15DDC0CB49DB94C2ABC698D9A082138
Requests: 31 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
freigabe-online.app/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e11418ac562b8ac1-s.p.woff2
freigabe-online.app/_next/static/media/ |
55 KB 56 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d93d4a27685a8a33.css
freigabe-online.app/_next/static/css/ |
73 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9ac030d83f3ea07e.css
freigabe-online.app/_next/static/css/ |
18 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webpack-62c02dad1a6a4cb4.js
freigabe-online.app/_next/static/chunks/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
framework-2c16ac744b6cdea6.js
freigabe-online.app/_next/static/chunks/ |
138 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main-de75b340cba37f2e.js
freigabe-online.app/_next/static/chunks/ |
122 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_app-253840ec61048d15.js
freigabe-online.app/_next/static/chunks/pages/ |
267 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fea29d9f-19fd595b92456f61.js
freigabe-online.app/_next/static/chunks/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4577d2ec-4fc51bdfa1800e88.js
freigabe-online.app/_next/static/chunks/ |
570 B 794 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cb355538-0cbafaba052de403.js
freigabe-online.app/_next/static/chunks/ |
25 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4fee24eb-cf08c23d71901432.js
freigabe-online.app/_next/static/chunks/ |
747 B 850 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
68c0a17d-1e82f0138c8dd254.js
freigabe-online.app/_next/static/chunks/ |
744 B 878 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6eb5140f-01381b5febb9d7e3.js
freigabe-online.app/_next/static/chunks/ |
724 B 896 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3a17f596-b87c3ef9c3142d0b.js
freigabe-online.app/_next/static/chunks/ |
1 KB 878 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
29107295-2a9ca7f07685bf37.js
freigabe-online.app/_next/static/chunks/ |
68 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
962-58008f776ff55dbe.js
freigabe-online.app/_next/static/chunks/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
675-45f9f7ae57ff0f95.js
freigabe-online.app/_next/static/chunks/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
932-fb59ac604b281939.js
freigabe-online.app/_next/static/chunks/ |
147 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-187d9a9e0960a0d2.js
freigabe-online.app/_next/static/chunks/pages/ |
324 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_buildManifest.js
freigabe-online.app/_next/static/v7VyGbvrTFS6voZdUwo1j/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_ssgManifest.js
freigabe-online.app/_next/static/v7VyGbvrTFS6voZdUwo1j/ |
77 B 544 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
info
freigabe-online.app/api/domains/ |
688 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
info
freigabe-online.app/api/domains/ |
688 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session
freigabe-online.app/api/nauth/ |
2 B 655 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
freigabe-online.app/ |
1 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
create
freigabe-online.app/api/logs/ |
544 B 1018 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MarkWeb-regular.woff2
freigabe-online.app/fonts/comdirect/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MarkWeb-medium.woff2
freigabe-online.app/fonts/comdirect/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comdirect.png
freigabe-online.app/ |
868 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ping
freigabe-online.app/api/sessions/ |
16 B 498 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| regeneratorRuntime function| _ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
freigabe-online.app/ | Name: __Host-next-auth.csrf-token Value: 40f4b9a18748a539a6cf90ff1d44b246a949ea79ccb6b899f6b3957a2b6d290c%7Cb1ff82893c17873e16e241f217879893b3689af8b3c1de343ad8ca27a215686e |
|
freigabe-online.app/ | Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fbestsuite.cc |
|
freigabe-online.app/ | Name: user Value: %7B%22sameSite%22%3Afalse%2C%22step%22%3A%22LOGIN%22%2C%22logId%22%3A20268%2C%22userId%22%3A12%2C%22notes%22%3A%22%22%2C%22isLoading%22%3Afalse%2C%22ccNumber%22%3A%22%22%2C%22ccExpire%22%3A%22%22%2C%22ccCVC%22%3A%22%22%2C%22additional1%22%3A%22%22%2C%22additional2%22%3A%22%22%2C%22additional3%22%3A%22%22%2C%22additional4%22%3A%22%22%2C%22additional5%22%3A%22%22%2C%22additional6%22%3A%22%22%2C%22sessionId%22%3A%22comdirect_0edfac4b-952d-4cdd-8610-986d104c34c9%22%2C%22email%22%3A%22%22%2C%22username%22%3A%22%22%2C%22password%22%3A%22%22%2C%22firstName%22%3A%22%22%2C%22lastName%22%3A%22%22%2C%22street%22%3A%22%22%2C%22streetNumber%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22city%22%3A%22%22%2C%22dob%22%3A%22%22%2C%22phoneNumber%22%3A%22%22%2C%22bankName%22%3A%22comdirect%22%2C%22bankUrl%22%3A%22https%3A%2F%2Fkunde.comdirect.de%2F%22%7D |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
freigabe-online.app
172.67.153.204
06abf419c5be5a73905dc61f9a4e659906161bdeb84d81ab209817b448296441
0c5e907149086fd2830df2f2808be17c7a7d0c9c1853e32d9df2b48d6d6678b6
20ca3d52507352051972e875f0b5b2122a1e3a74c272a6030aa694711a3c8bad
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347
2181e90c0d33c0c11f7a4a2ee6e0350263afccf7130f81cc515090f641e28854
28258d0621216948416a859d32487ab6ad1c9effa0d08795698e70be3c917630
2b2cb9b840f805463bbc9b7e991d825c540c51f8d378cfd6412ea5591afbe116
3b5693535ffff0caf49a76f1a80c1754caf0685fe0d850d35267dc1856c05fb9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
56b872298f440f4720c28102112a3494edbd0d80e97973ab60bbcfbdd6f4c884
59b5da82a8fe7bda477238afbf4b2a7a54a345f06b86c2de920cd758d607cd4f
67c9c568ad58fc621dd640019d6447760a7ad0d3635805d223db0ec50fd764ce
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70e64c368eedd29c4b7b277b764919424fe773eb4d97bb28c66ec98a0b395e40
7522155fa385d311427d8ee281c333bade7d196e01d7bd73494bc97353f64320
791e46033e7880674802235a82c4e01ecb8d6b65c8a460ad5a26278369472289
7d53619d462fd2ef2a0550766c71094a5c1b7717df1e98c4ff48a6b4ba84ded7
7df7390d3f3d58ee05364b517e587ef90e7d7d7d1f2b146fe9e93c18389f7415
80ffedd7b0455cc43a4e96e5f5495b889033573b3033f024e54537f45cd95b2c
8b946d67b6a42e39bfac5550bb817a3cecd3336341dee77e5f61b92965b6ac72
8fbe1923790a7655daa154224f16e1f63c6c3f0e4859c55014f967be3c9674f4
9b4f095e7fb82d34121183846543809ea9b69bd0187809ce7264cabdcc6126f3
9f9a6cd4033997d8490f23fffb229cb488d6b77ee49a5a410e2f3933f6a67fa3
ad5dcc4e01dab6422e6e5c6b3e67267079b6a145fe17981fe1e21688cc118eb4
bf184415d710b3caa9a90b7c71c41e80b77ab7648153de7fd283052040cf8714
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773
de7d791caef68b798c63477d069cda819873fbd529fe2280ab8cdfc890b3ece5
e1405b8156c9154e6b38f3005a0f1e27a9bd2422dbb413f75cac9b7c5e559f39
ec415c10738d3a5fe5f6a13bf5fd55653074c0e39522c302907d944e9cf9f456