Submitted URL: https://monitoring.flowchief.de/
Effective URL: https://monitoring.flowchief.de/scripts/login.asp
Submission Tags: phishingrod
Submission: On September 20 via api from DE — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 11 HTTP transactions. The main IP is 116.203.34.84, located in Germany and belongs to HETZNER-AS, DE. The main domain is monitoring.flowchief.de.
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.
This is the only time monitoring.flowchief.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 116.203.34.84 24940 (HETZNER-AS)
11 1
Apex Domain Subdomains Transfer
11 flowchief.de monitoring.flowchief.de 124 KB
11 1
Domain Requested by
11 monitoring.flowchief.de monitoring.flowchief.de
11 1

This site contains no links.

Subject Issuer Validity Valid
monitoring.flowchief.de R3 2023-09-20 - 2023-12-19 3 months

This page contains 1 frames:

Primary Page: https://monitoring.flowchief.de/scripts/login.asp
Frame ID: 3A91A569F9044CFE17977ACEC1EAAF20
Requests: 11 HTTP requests in this frame

Page Title

Anmeldung

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

11 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
124 kB Transfer
122 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://monitoring.flowchief.de/ Page URL
  2. https://monitoring.flowchief.de/scripts/login.asp Page URL

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
monitoring.flowchief.de/
149 B
403 B
Document
General
Full URL
https://monitoring.flowchief.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
e36693d8451aae07627e09eff052dd6e902392e84583aafa054cc7b40f4c6756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
149
content-type
text/html
date
Wed, 20 Sep 2023 10:47:36 GMT
etag
"095be56a536d21:0"
last-modified
Fri, 04 Nov 2016 14:11:30 GMT
referrer-policy
no-referrer
server
Microsoft-IIS/10.0
x-content-type-options
nosniff
x-frame-options
sameorigin
x-robots-tag
noindex, nofollow, noarchive
x-xss-protection
1
Primary Request login.asp
monitoring.flowchief.de/scripts/
12 KB
13 KB
Document
General
Full URL
https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
370ce24b076721cb913ec6d35c57617afc7d371aac07f442c320b123c120486b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
12574
content-type
text/html; Charset=UTF-8
date
Wed, 20 Sep 2023 10:47:36 GMT
expires
Wed, 20 Sep 2023 10:47:37 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Microsoft-IIS/10.0
x-content-type-options
nosniff
x-frame-options
sameorigin
x-robots-tag
noindex, nofollow, noarchive
x-xss-protection
1
flowchief.css
monitoring.flowchief.de/scripts/
37 KB
37 KB
Stylesheet
General
Full URL
https://monitoring.flowchief.de/scripts/flowchief.css
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
b20458742496f0a685bda74c14310d4fda7bdaea6c7fa2d3505c2990159ca07c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:36 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
text/css
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
37487
x-xss-protection
1
qrcode.min.js
monitoring.flowchief.de/scripts/usermanagement/lib/qrcode.js/
19 KB
20 KB
Script
General
Full URL
https://monitoring.flowchief.de/scripts/usermanagement/lib/qrcode.js/qrcode.min.js
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Tue, 01 Dec 2020 02:03:46 GMT
server
Microsoft-IIS/10.0
etag
"0eda43386c7d61:0"
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19927
x-xss-protection
1
flowchief_button_flat_128.png
monitoring.flowchief.de/scripts/common/images/
6 KB
7 KB
Image
General
Full URL
https://monitoring.flowchief.de/scripts/common/images/flowchief_button_flat_128.png
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
4c19f100f3ec6a90424c18c11f5d585c444f1c6c8029ebe0b8680757e62d754b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
6613
x-xss-protection
1
expand_more_white_48.png
monitoring.flowchief.de/scripts/common/images/
182 B
226 B
Image
General
Full URL
https://monitoring.flowchief.de/scripts/common/images/expand_more_white_48.png
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
7c2f8fa7a36ce0ae53fa151e167d75e2b1b6682a4e0ab79c261a695ca4a055ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
182
x-xss-protection
1
username_32.png
monitoring.flowchief.de/scripts/common/images/
705 B
750 B
Image
General
Full URL
https://monitoring.flowchief.de/scripts/common/images/username_32.png
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
721368fba0d01337be279f98b15329c62ab3c0f7d9d361c2c5a32ba1c15c5605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
705
x-xss-protection
1
password_32.png
monitoring.flowchief.de/scripts/common/images/
810 B
854 B
Image
General
Full URL
https://monitoring.flowchief.de/scripts/common/images/password_32.png
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
a5f59a15f6ff8069aaf362eff191092c93f36797dd99e26c6dbc8103d1b54321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
810
x-xss-protection
1
navigation_next_48.png
monitoring.flowchief.de/scripts/common/images/
163 B
208 B
Image
General
Full URL
https://monitoring.flowchief.de/scripts/common/images/navigation_next_48.png
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
638e4ae3f89c88487ed0180ef62c4c005748d055915ac14ecc53fee6c058ff39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
163
x-xss-protection
1
LoginBackground.jpg
monitoring.flowchief.de/FlowChief/
44 KB
44 KB
Image
General
Full URL
https://monitoring.flowchief.de/FlowChief/LoginBackground.jpg
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
3b51a7dcc9ef0595d407452e66aecfc1281b0490ba5fa29953f1a66c7f7d6e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://monitoring.flowchief.de/scripts/login.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 28 Jul 2016 09:44:04 GMT
server
Microsoft-IIS/10.0
etag
"0ab093b4e8d11:0"
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
45208
x-xss-protection
1
producticon_flowchief_white.png
monitoring.flowchief.de/scripts/common/images/
1 KB
2 KB
Image
General
Full URL
https://monitoring.flowchief.de/scripts/common/images/producticon_flowchief_white.png
Requested by
Host: monitoring.flowchief.de
URL: https://monitoring.flowchief.de/scripts/login.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.34.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.34.203.116.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
002e1e8b49812ea314d24a96ad981abb77232906633e07e7afdf8f32b6fa4445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://monitoring.flowchief.de/scripts/login.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:47:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 25 Nov 2021 11:03:12 GMT
server
Microsoft-IIS/10.0
etag
"0d8949ece1d71:0"
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
1500
x-xss-protection
1

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • function| QRCode
  • function| setCookie
  • function| onLoad
  • function| openCloseDropdown
  • function| selectHomepage
  • function| showChangePasswordDialog
  • function| onSubmitLogin
  • function| cancel
  • function| validateNewPassword
  • function| onActivate2FA
  • function| toggleInlineDiv

2 Cookies

Domain/Path Name / Value
monitoring.flowchief.de/ Name: UserAuthenticationDeviceID
Value: %7B0F40FE28%2D8621%2D4ACE%2DBCD4%2D92805020FDF2%7D
monitoring.flowchief.de/ Name: ASPSESSIONIDSUABTQRS
Value: OIMFOGGBIPKLHHNJIPJKLLPD

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1