urlscan.io logo urlscan.io
SecurityTrails logo

account-post.gotdns.ch Open in urlscan Pro
109.248.144.5  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Submission: On March 11 via manual from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 109.248.144.5, located in Kostanay, Kazakhstan and belongs to DATACLUB-, SE. The main domain is account-post.gotdns.ch.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 23rd 2019. Valid for: 3 months.
This is the only time account-post.gotdns.ch was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation)

Domain & IP information

IP Address AS Autonomous System
12 109.248.144.5 60567 (DATACLUB-)
1 104.111.215.136 16625 (AKAMAI-AS)
1 2a00:17c8:0:1... 12511 (CH-POSTNE...)
14 3
Apex Domain
Subdomains		 Transfer
12 gotdns.ch
account-post.gotdns.ch
235 KB
1 post.ch
www.post.ch
3 KB
1 tiqcdn.com
tags.tiqcdn.com
310 B
14 3
Domain Requested by
12 account-post.gotdns.ch account-post.gotdns.ch
1 www.post.ch account-post.gotdns.ch
1 tags.tiqcdn.com account-post.gotdns.ch
14 3

This site contains no links.

Subject Issuer Validity Valid
account-post.gotdns.ch
Let's Encrypt Authority X3		 2019-02-23 -
2019-05-24		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2018-12-30 -
2020-03-30		 a year crt.sh
www.post.ch
SwissSign Server Gold CA 2014 - G22		 2018-03-28 -
2020-03-28		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Frame ID: 76225238BFEE699ED3864D553157699D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/tags\.tiqcdn\.com\//i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

238 kB
Transfer

931 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
account-post.gotdns.ch/ 		35 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
f9593ca1de9f523d5f0943aed6f367a7fe62efdfe2e64a8d7e90148f2ae2378d

Request headers

Host
account-post.gotdns.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.6.40
Content-Encoding
gzip
post.css
account-post.gotdns.ch/assets/ 		308 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/post.css
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
0f9cffffa2454a9fdd89a2bb0011044f5255160b0d2501fd17e06d017ac2b04c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:58:07 GMT
Server
nginx
ETag
W/"5c83f09f-4cf39"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
modules.css
account-post.gotdns.ch/assets/ 		355 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/modules.css
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
e75bddbbe19539b3c7f745fb74948378df59ae6f12c85c72928f73e110ab4bde

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:57:56 GMT
Server
nginx
ETag
W/"5c83f094-58aea"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logrend.css
account-post.gotdns.ch/assets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/logrend.css
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
2cd485283126be4fd4a7b50e80623a2b79da7c0c9599ba08e7cdd9a17191690f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:57:42 GMT
Server
nginx
ETag
W/"5c83f086-1de2"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
swisspost-buttons.css
account-post.gotdns.ch/assets/ 		1 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/swisspost-buttons.css
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
bf2bfb145a32563c2083c844fa7b6837ac658a6e2665de49c9d85b5b41273398

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:58:00 GMT
Server
nginx
ETag
W/"5c83f098-59a"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
head.js
account-post.gotdns.ch/assets/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/head.js
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
dae14146fb1ab05ebbc07e538c403f0dcfbf5a7448962c09897e1c7db537ac26

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:57:33 GMT
Server
nginx
ETag
W/"5c83f07d-3214"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
utag.sync.js
tags.tiqcdn.com/utag/schweizerischepost/secure/prod/ 		109 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/schweizerischepost/secure/prod/utag.sync.js
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.136 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
57267f1450363a6c98084ce1400d9889c1bf69527d865b3e8f6533ed18b432d1

Request headers

Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Mar 2019 16:01:40 GMT
last-modified
Thu, 07 Mar 2019 16:51:08 GMT
server
AkamaiNetStorage
etag
"7648ef21c1d976bf3240a0035bb8cfda:1551977468"
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
109
expires
Mon, 11 Mar 2019 16:06:40 GMT
jquery-3.2.1.min.js
account-post.gotdns.ch/assets/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/jquery-3.2.1.min.js
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:57:40 GMT
Server
nginx
ETag
W/"5c83f084-15283"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
post-logo-svg.svg
www.post.ch/-/media/framework/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.post.ch/-/media/framework/logos/post-logo-svg.svg?la=de&vs=2
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:17c8:0:103::20a , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Delivery2 /
Resource Hash
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account-post.gotdns.ch/login?lang=de&email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Mar 2019 12:15:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
445566
Content-Disposition
inline; filename="post-logo-svg.svg"
Connection
Keep-Alive
Content-Length
2100
X-Xss-Protection
1; mode=block
Keep-Alive
timeout=5
X-UA-Compatible
IE=Edge
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 30 Jun 2017 14:48:36 GMT
Server
Delivery2
ETag
f95c06fed5a449529a04f5561773bd56
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Link
<https://www.post.ch/-/media/framework/logos/post-logo-svg.svg?la=de>; rel="canonical"
Expires
Fri, 05 Apr 2019 12:15:34 GMT
app.js
account-post.gotdns.ch/assets/ 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/app.js
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
c60c6a431ac4c7888d11815fa2e156a13a76344b7eca12a23d7d80fe21aee488

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 17:03:41 GMT
Server
nginx
ETag
W/"5c83f1ed-4f8"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Posticon-Regular.woff
account-post.gotdns.ch/assets/fonts/ 		118 KB
118 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account-post.gotdns.ch/assets/fonts/Posticon-Regular.woff?v=69t8fb4ut8rk4k8w6y7ofm8qw8aroiw4
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
c2ce987ece376ce9d2c22ee88624f3eedaec723ca0bbfd8fb218827aebb863b4

Request headers

Pragma
no-cache
Origin
https://account-post.gotdns.ch
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://account-post.gotdns.ch/assets/post.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://account-post.gotdns.ch/assets/post.css
Origin
https://account-post.gotdns.ch

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Last-Modified
Sat, 09 Mar 2019 16:58:20 GMT
Server
nginx
ETag
"5c83f0ac-1d750"
Content-Type
application/font-woff
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
120656
Expires
Thu, 31 Dec 2037 23:55:55 GMT
swisspost-logo.svg
account-post.gotdns.ch/assets/images/ 		1 KB
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-post.gotdns.ch/assets/images/swisspost-logo.svg
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
082b131c6f3902be7abd2122030abe50d289b7d2efddd35c3bf4c687db6cce33

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://account-post.gotdns.ch/assets/logrend.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/assets/logrend.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:58:21 GMT
Server
nginx
ETag
W/"5c83f0ad-519"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
snapchat.svg
account-post.gotdns.ch/assets/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-post.gotdns.ch/assets/images/snapchat.svg
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx /
Resource Hash
4b87ea2f9ad1e9fc5dc7a54b24131cc5ebf1de0c67874ba1d0dc50b7a6b0ced4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://account-post.gotdns.ch/assets/post.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/assets/post.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 16:58:21 GMT
Server
nginx
ETag
W/"5c83f0ad-e24"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kununu.svg
account-post.gotdns.ch/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-post.gotdns.ch/assets/images/kununu.svg
Requested by
Host: account-post.gotdns.ch
URL: https://account-post.gotdns.ch/login?lang=de&amp;email=mail@example.ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.248.144.5 Kostanay, Kazakhstan, ASN60567 (DATACLUB-, SE),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
account-post.gotdns.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://account-post.gotdns.ch/assets/post.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account-post.gotdns.ch/assets/post.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Mar 2019 16:01:40 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Keep-Alive
timeout=60

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| Unic object| html5 object| Modernizr function| yepnope string| lang string| email string| base_url string| error_msg string| success function| $ function| jQuery

0 Cookies