infomeinpaket.net Open in urlscan Pro
4.232.65.190 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://infomeinpaket.net/
Submission: On February 04 via api (February 4th 2024, 8:21:57 am UTC) from US — Scanned from PL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 4.232.65.190, located in Milan, Italy and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is infomeinpaket.net.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.

This is the only time infomeinpaket.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
11	4.232.65.190 4.232.65.190	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.57.23.239 23.57.23.239	16625 (AKAMAI-AS) (AKAMAI-AS)
14	4

11 4.232.65.190 (Milan, Italy)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

infomeinpaket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.23.239 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-23-239.deploy.static.akamaitechnologies.com

www.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	infomeinpaket.net infomeinpaket.net	1 MB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	56 KB
1	dhl.com www.dhl.com — Cisco Umbrella Rank: 43135	3 KB
14	3

	Domain	Requested by
11	infomeinpaket.net	infomeinpaket.net
2	cdn.jsdelivr.net	infomeinpaket.net
1	www.dhl.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
infomeinpaket.net R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.dhl.com DPDHL Global TLS CA - I5	`2023-07-31` - `2024-07-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://infomeinpaket.net/
Frame ID: 84DBE4A8726FDA08E6BEA6CA1B86DC5D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL Express

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1165 kB
Transfer

2234 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
infomeinpaket.net/ 1 KB
958 B 328ms
220ms Document
text/html 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://infomeinpaket.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/8.2.15 PleskLin
Resource Hash: b0de3d9d4f05b681da1f4d5941d73e582a2b25fbbba93633c232097a93be2651

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 684
content-type: text/html; charset=UTF-8
date: Sun, 04 Feb 2024 08:21:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.15 PleskLin

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
32 KB 421ms
47ms Stylesheet
text/css 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: infomeinpaket.net
URL: https://infomeinpaket.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://infomeinpaket.net/
Origin: https://infomeinpaket.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5811676
x-jsd-version: 5.3.0-alpha1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230058-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CI5GcsOuG1bhLxrTYizEQly7Hot6KTbSQ%2BIz0h7PMq9prCVB49XiqsTR7X%2FQ5a%2FNITQVjU1DosQlGSDkbS0tqsIoXpPl1Aq8HXxVIfqycwLRDXxX51Z1Jqk7v0dbu93eoq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 850180a96e152c65-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ 79 KB
24 KB 423ms
50ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js

Requested by

Host: infomeinpaket.net
URL: https://infomeinpaket.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://infomeinpaket.net/
Origin: https://infomeinpaket.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5805072
x-jsd-version: 5.3.0-alpha1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230058-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13ad7-v/eN2cAqUAirQ2QpSHOc5Yx2GyE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZd3iSBMHZssRehA%2Fwa%2BrbIyN1Solbythr%2FiJQQjAqpe08XOWbwsPMWUxM71ETBBXpR%2F%2F1WkkYD7S7m%2FOEjDtHP0wyDrHMQbSmZeLeZa0xBkYimsE7H39HCv34U%2FBE6qwPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 850180a96e172c65-FRA

GET
H2 200 config.js Show response
infomeinpaket.net/ 2 KB
960 B 57ms
56ms Script
application/javascript 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://infomeinpaket.net/config.js
Requested by: Host: infomeinpaket.net
URL: https://infomeinpaket.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 13088866a6c6c22b325d34a106e2583ddcec7632278412fb24be7b39c8dc5835

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:51 GMT
content-encoding: br
last-modified: Sun, 18 Jun 2023 07:57:40 GMT
server: nginx
etag: W/"648eb8f4-718"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 main.26ebbd26.js Show response
infomeinpaket.net/static/js/ 1 MB
308 KB 154ms
153ms Script
application/javascript 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://infomeinpaket.net/static/js/main.26ebbd26.js
Requested by: Host: infomeinpaket.net
URL: https://infomeinpaket.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a394daee1d82b0853d92922f6c324e09088ae8606856ee0281895d7ad1a67aba

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
content-encoding: br
last-modified: Tue, 07 Mar 2023 11:42:16 GMT
server: nginx
etag: W/"64072318-119e59"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 main.990eced2.css
infomeinpaket.net/static/css/ 11 KB
3 KB 55ms
55ms Stylesheet
text/css 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://infomeinpaket.net/static/css/main.990eced2.css
Requested by: Host: infomeinpaket.net
URL: https://infomeinpaket.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5cb1af31ad838396027b3c4150bd659d5d43fe964b4401392c3de853fb832d86

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:51 GMT
content-encoding: br
last-modified: Tue, 07 Mar 2023 11:42:15 GMT
server: nginx
etag: W/"64072317-2df9"
x-powered-by: PleskLin
content-type: text/css

POST
H2 200 send.php Show response
infomeinpaket.net/PHP/ 0
222 B 259ms
259ms XHR
text/html 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://infomeinpaket.net/PHP/send.php
Requested by: Host: infomeinpaket.net
URL: https://infomeinpaket.net/static/js/main.26ebbd26.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/8.2.15, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://infomeinpaket.net/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 08:21:52 GMT
server: nginx
x-powered-by: PHP/8.2.15, PleskLin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://infomeinpaket.net
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 904b70e4997d2154d462c8514522e03846ba539466c01c3b310a824ea4418caa

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.df3eb5d0978a7a83f632.png
infomeinpaket.net/static/media/ 26 KB
27 KB 55ms
54ms Image
image/png 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infomeinpaket.net/static/media/logo.df3eb5d0978a7a83f632.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7029f306a6ee534682e5f50f289e61ab5b8514e3f1536db903bf23596b99c735

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
last-modified: Tue, 07 Mar 2023 11:42:20 GMT
server: nginx
etag: "6407231c-69e3"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 27107

GET
H2 200 card1.7f3aad9b90177796d3ab.jpg
infomeinpaket.net/static/media/ 17 KB
17 KB 252ms
251ms Image
image/jpeg 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infomeinpaket.net/static/media/card1.7f3aad9b90177796d3ab.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4c706c16b7f18e67f7a2b9fd15d8613c8005cd4b74a1f63cc847e07db4e3354c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
last-modified: Tue, 07 Mar 2023 11:42:17 GMT
server: nginx
etag: "64072319-42fc"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 17148

GET
H2 200 card2.23e0940ac34476c5cecd.jpg
infomeinpaket.net/static/media/ 23 KB
23 KB 57ms
56ms Image
image/jpeg 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infomeinpaket.net/static/media/card2.23e0940ac34476c5cecd.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e74050e6368f236a391c0a953ab4252bd0a06086955bcb5558b325907d293dfb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
last-modified: Tue, 07 Mar 2023 11:42:17 GMT
server: nginx
etag: "64072319-5d2e"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 23854

GET
H2 200 card3.d6f68627a371b84a4480.png
infomeinpaket.net/static/media/ 48 KB
48 KB 252ms
251ms Image
image/png 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infomeinpaket.net/static/media/card3.d6f68627a371b84a4480.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3a6c9c9011e90dcb3750c15002d35d044d695d947592ad5a7a675f1e1a548385

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
last-modified: Tue, 07 Mar 2023 11:42:17 GMT
server: nginx
etag: "64072319-be4b"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 48715

GET
H2 200 glo-footer-logo.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ 4 KB
3 KB 600ms
54ms Image
image/svg+xml 23.57.23.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.57.23.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-57-23-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 08:21:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 1997
referrer-policy: same-origin
last-modified: Fri, 26 Jan 2024 13:08:29 GMT
etag: "1197-60fd8fe0babc6-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Sun, 11 Feb 2024 08:21:53 GMT

GET
H2 200 background.cd051765990837aea485.jpg
infomeinpaket.net/static/media/ 644 KB
644 KB 55ms
55ms Image
image/jpeg 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infomeinpaket.net/static/media/background.cd051765990837aea485.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8ebd15900197bea282b13825f7b74fc3c3265fac7999b010479e2a0798c579aa

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://infomeinpaket.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
last-modified: Tue, 07 Mar 2023 11:42:17 GMT
server: nginx
etag: "64072319-a0e25"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 658981

GET
H2 200 iconfont-da52a17c1b8deb953bfe.da52a17c1b8deb953bfe.woff
infomeinpaket.net/static/media/ 34 KB
34 KB 247ms
247ms Font
font/woff 4.232.65.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://infomeinpaket.net/static/media/iconfont-da52a17c1b8deb953bfe.da52a17c1b8deb953bfe.woff
Requested by: Host: infomeinpaket.net
URL: https://infomeinpaket.net/static/css/main.990eced2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.232.65.190 Milan, Italy, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8b8888bc016e1313438b7a9a1ca18aa288f6098122265fc03e985ca40e82a27c

Request headers

Referer: https://infomeinpaket.net/static/css/main.990eced2.css
Origin: https://infomeinpaket.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:21:52 GMT
last-modified: Tue, 07 Mar 2023 11:42:19 GMT
server: nginx
etag: "6407231b-8804"
x-powered-by: PleskLin
content-type: font/woff
accept-ranges: bytes
content-length: 34820

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap object| globalConfig function| Buffer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			infomeinpaket.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6j48dditov8mdlj6thnovmqr87

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
infomeinpaket.net
www.dhl.com
104.16.85.20
23.57.23.239
4.232.65.190
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
13088866a6c6c22b325d34a106e2583ddcec7632278412fb24be7b39c8dc5835
3a6c9c9011e90dcb3750c15002d35d044d695d947592ad5a7a675f1e1a548385
4c706c16b7f18e67f7a2b9fd15d8613c8005cd4b74a1f63cc847e07db4e3354c
5cb1af31ad838396027b3c4150bd659d5d43fe964b4401392c3de853fb832d86
7029f306a6ee534682e5f50f289e61ab5b8514e3f1536db903bf23596b99c735
8b8888bc016e1313438b7a9a1ca18aa288f6098122265fc03e985ca40e82a27c
8ebd15900197bea282b13825f7b74fc3c3265fac7999b010479e2a0798c579aa
904b70e4997d2154d462c8514522e03846ba539466c01c3b310a824ea4418caa
90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
a394daee1d82b0853d92922f6c324e09088ae8606856ee0281895d7ad1a67aba
b0de3d9d4f05b681da1f4d5941d73e582a2b25fbbba93633c232097a93be2651
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74050e6368f236a391c0a953ab4252bd0a06086955bcb5558b325907d293dfb

infomeinpaket.net Open in urlscan Pro 4.232.65.190 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1165 kBTransfer

2234 kBSize

1 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

infomeinpaket.net Open in urlscan Pro
4.232.65.190 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1165 kB
Transfer

2234 kB
Size

1
Cookies

14 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!