monitoring.flowchief.de
Open in
urlscan Pro
116.203.34.84
Public Scan
Submitted URL: https://monitoring.flowchief.de/
Effective URL: https://monitoring.flowchief.de/scripts/login.asp
Submission Tags: phishingrod
Submission: On January 18 via api from DE — Scanned from DE
Effective URL: https://monitoring.flowchief.de/scripts/login.asp
Submission Tags: phishingrod
Submission: On January 18 via api from DE — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 11 HTTP transactions.
The main IP is 116.203.34.84, located in
Tettnang, Germany and
belongs to HETZNER-AS, DE.
The main domain is monitoring.flowchief.de.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.
This is the only time monitoring.flowchief.de was scanned on urlscan.io!
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.
This is the only time monitoring.flowchief.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 11 | 116.203.34.84 116.203.34.84 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 11 | 1 |
11
116.203.34.84
(Tettnang, Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.84.34.203.116.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.84.34.203.116.clients.your-server.de
| monitoring.flowchief.de |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
flowchief.de
monitoring.flowchief.de |
124 KB |
| 11 | 1 |
| Domain | Requested by | |
|---|---|---|
| 11 | monitoring.flowchief.de |
monitoring.flowchief.de
|
| 11 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| monitoring.flowchief.de R3 |
2024-01-18 - 2024-04-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://monitoring.flowchief.de/scripts/login.asp
Frame ID: 68C6879BE891B7B28DB054B55B65E04B
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
AnmeldungPage URL History Show full URLs
- https://monitoring.flowchief.de/ Page URL
- https://monitoring.flowchief.de/scripts/login.asp Page URL
Detected technologies
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://monitoring.flowchief.de/ Page URL
- https://monitoring.flowchief.de/scripts/login.asp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
monitoring.flowchief.de/ |
149 B 403 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login.asp
monitoring.flowchief.de/scripts/ |
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flowchief.css
monitoring.flowchief.de/scripts/ |
37 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qrcode.min.js
monitoring.flowchief.de/scripts/usermanagement/lib/qrcode.js/ |
19 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flowchief_button_flat_128.png
monitoring.flowchief.de/scripts/common/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
expand_more_white_48.png
monitoring.flowchief.de/scripts/common/images/ |
182 B 271 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
username_32.png
monitoring.flowchief.de/scripts/common/images/ |
705 B 750 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
password_32.png
monitoring.flowchief.de/scripts/common/images/ |
810 B 854 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
navigation_next_48.png
monitoring.flowchief.de/scripts/common/images/ |
163 B 208 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LoginBackground.jpg
monitoring.flowchief.de/FlowChief/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
producticon_flowchief_white.png
monitoring.flowchief.de/scripts/common/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| QRCode function| onLoad function| openCloseDropdown function| selectHomepage function| showChangePasswordDialog function| onSubmitLogin function| cancel function| validateNewPassword function| onActivate2FA function| toggleInlineDiv3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| monitoring.flowchief.de/ | Name: UserAuthenticationDeviceID Value: {C650471A-51CD-41C6-8793-B675DF2BF9A1} |
|
| monitoring.flowchief.de/ | Name: sessionid Value: {F523A6F2-5D40-4424-BB82-4EEB53167EB9} |
|
| monitoring.flowchief.de/ | Name: ASPSESSIONIDAWSTRBCA Value: BCGJEEGANAJOCKACCNNLPMJP |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | sameorigin |
| X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
monitoring.flowchief.de
116.203.34.84
002e1e8b49812ea314d24a96ad981abb77232906633e07e7afdf8f32b6fa4445
3b51a7dcc9ef0595d407452e66aecfc1281b0490ba5fa29953f1a66c7f7d6e49
4c19f100f3ec6a90424c18c11f5d585c444f1c6c8029ebe0b8680757e62d754b
638e4ae3f89c88487ed0180ef62c4c005748d055915ac14ecc53fee6c058ff39
721368fba0d01337be279f98b15329c62ab3c0f7d9d361c2c5a32ba1c15c5605
7c2f8fa7a36ce0ae53fa151e167d75e2b1b6682a4e0ab79c261a695ca4a055ec
82687e06c13320dcff5aaedd8004460627c14cdb3e0399dcc7328cd4562f8391
a5f59a15f6ff8069aaf362eff191092c93f36797dd99e26c6dbc8103d1b54321
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
dd75bc7d4ee11402ae78593bb27ad032bf6975dafc308d18dc574e756cae08e4
e36693d8451aae07627e09eff052dd6e902392e84583aafa054cc7b40f4c6756