bag.forells.com Open in urlscan Pro
50.126.67.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://minecraft.forells.com/
Effective URL:
https://bag.forells.com/login
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 12 via api (September 12th 2023, 8:42:02 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 50.126.67.86, located in Beaverton, United States and belongs to ZIPLY-FIBER-LEGACY-ASN, US. The main domain is bag.forells.com.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.

This is the only time bag.forells.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 10	50.126.67.86 50.126.67.86		27017 (ZIPLY-FIB...) (ZIPLY-FIBER-LEGACY-ASN)
8	1

10 50.126.67.86 (Beaverton, United States) 2 redirects

ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US)

minecraft.forells.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bag.forells.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	forells.com 2 redirects minecraft.forells.com bag.forells.com	4 MB
8	1

	Domain	Requested by
9	bag.forells.com	1 redirects bag.forells.com
1	minecraft.forells.com	1 redirects
8	2

This site contains no links.

Subject Issuer	Validity	Valid
bag.forells.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bag.forells.com/login
Frame ID: F14D8A5FDD4F5C726E5FAC2785698EF1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to wallabag! – wallabag

Page URL History Show full URLs

http://minecraft.forells.com/ HTTP 301
https://bag.forells.com/ HTTP 302
https://bag.forells.com/login Page URL

Detected technologies

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css
(?:/([\d.]+))?/material(?:\.min)?\.js

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

3796 kB
Transfer

3797 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://minecraft.forells.com/ HTTP 301
https://bag.forells.com/ HTTP 302
https://bag.forells.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response bag.forells.com/ Redirect Chain http://minecraft.forells.com/ https://bag.forells.com/ https://bag.forells.com/login	5 KB 1 KB	383ms 382ms	Document text/html	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `3c297b6a308179900f30482e43f845b4a05b9ab35df2d0aede0e4b258f8c42bc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, must-revalidate, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 12 Sep 2023 20:41:54 GMT expires Tue, 12 Sep 2023 20:41:54 GMT server nginx vary Accept-Encoding Redirect headers cache-control max-age=0, must-revalidate, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 12 Sep 2023 20:41:54 GMT expires Tue, 12 Sep 2023 20:41:54 GMT location https://bag.forells.com/login server nginx vary Accept-Encoding
GET H2	200	material.css bag.forells.com/wallassets/	270 KB 270 KB	158ms 157ms	Stylesheet text/css	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/wallassets/material.css Requested by Host: bag.forells.com URL: https://bag.forells.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `241f54db49e97c9aa0d11a67d4e12d6d116c2d46c2d59174d403ae620e89bb7e` Request headers accept-language de-DE,de;q=0.9 Referer https://bag.forells.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Tue, 12 Sep 2023 20:41:54 GMT last-modified Thu, 07 Sep 2023 07:26:33 GMT server nginx accept-ranges bytes etag "64f97b29-43707" content-length 276231 content-type text/css
GET H2	200	router.js Show response bag.forells.com/bundles/fosjsrouting/js/	15 KB 15 KB	465ms 464ms	Script application/javascript	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/bundles/fosjsrouting/js/router.js Requested by Host: bag.forells.com URL: https://bag.forells.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `cee7b3016ac52c0d37b08300c6e9b9b63535f9b77567b036bc7975236a8cd4f3` Request headers accept-language de-DE,de;q=0.9 Referer https://bag.forells.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Tue, 12 Sep 2023 20:41:54 GMT last-modified Thu, 07 Sep 2023 07:31:54 GMT server nginx accept-ranges bytes etag "64f97c6a-3c74" content-length 15476 content-type application/javascript
GET H2	200	routing Show response bag.forells.com/js/	2 KB 547 B	617ms 617ms	Script application/javascript	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/js/routing?callback=fos.Router.setData Requested by Host: bag.forells.com URL: https://bag.forells.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `d55f52a9dfd2cfcc1e74737b85e96a71d395c41ddf6d46129c0af855d094e009` Request headers accept-language de-DE,de;q=0.9 Referer https://bag.forells.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-type application/javascript date Tue, 12 Sep 2023 20:41:54 GMT cache-control max-age=0, must-revalidate, private content-encoding gzip server nginx vary Accept-Encoding expires Tue, 12 Sep 2023 20:41:54 GMT
GET H2	200	material.js Show response bag.forells.com/wallassets/	3 MB 3 MB	465ms 465ms	Script application/javascript	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/wallassets/material.js Requested by Host: bag.forells.com URL: https://bag.forells.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `1e33e414520abb03ad1f1028e18f28211c28d614b2a298d63e2e1b0353141985` Request headers accept-language de-DE,de;q=0.9 Referer https://bag.forells.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Tue, 12 Sep 2023 20:41:54 GMT last-modified Thu, 07 Sep 2023 07:26:33 GMT server nginx accept-ranges bytes etag "64f97b29-33b7ff" content-length 3389439 content-type application/javascript
GET H2	200	logo-wallabag.svg bag.forells.com/img/	9 KB 9 KB	446ms 446ms	Image image/svg+xml	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Show image Full URL https://bag.forells.com/img/logo-wallabag.svg Requested by Host: bag.forells.com URL: https://bag.forells.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `b84e79606d8a835dfdd692d2f7c713b50162532cab46872c30ae5029e1dbf326` Request headers accept-language de-DE,de;q=0.9 Referer https://bag.forells.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Tue, 12 Sep 2023 20:41:55 GMT last-modified Thu, 07 Sep 2023 07:26:33 GMT server nginx accept-ranges bytes etag "64f97b29-24bc" content-length 9404 content-type image/svg+xml
GET H2	200	Roboto-Regular.woff2 bag.forells.com/wallassets/fonts/	63 KB 64 KB	155ms 155ms	Font font/woff2	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/wallassets/fonts/Roboto-Regular.woff2 Requested by Host: bag.forells.com URL: https://bag.forells.com/wallassets/material.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365` Request headers Referer https://bag.forells.com/wallassets/material.css Origin https://bag.forells.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Tue, 12 Sep 2023 20:41:57 GMT last-modified Thu, 07 Sep 2023 07:26:33 GMT server nginx accept-ranges bytes etag "64f97b29-fd40" content-length 64832 content-type font/woff2
GET H2	200	MaterialIcons-Regular.woff2 bag.forells.com/wallassets/fonts/	122 KB 122 KB	155ms 155ms	Font font/woff2	50.126.67.86 ZIPLY-FIBER-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://bag.forells.com/wallassets/fonts/MaterialIcons-Regular.woff2 Requested by Host: bag.forells.com URL: https://bag.forells.com/wallassets/material.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.126.67.86 Beaverton, United States, ASN27017 (ZIPLY-FIBER-LEGACY-ASN, US), Reverse DNS Software nginx / Resource Hash `5743ed3d91616a10fca2bc2ba0f6f0707300c05bdc65bc6d9d4fb2cd75253ffe` Request headers Referer https://bag.forells.com/wallassets/material.css Origin https://bag.forells.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Tue, 12 Sep 2023 20:41:57 GMT last-modified Thu, 07 Sep 2023 07:26:33 GMT server nginx accept-ranges bytes etag "64f97b29-1e8bc" content-length 125116 content-type font/woff2

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bag.forells.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c85df27ae42a4a03eb59aae4c575c632

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bag.forells.com
minecraft.forells.com
50.126.67.86
02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365
1e33e414520abb03ad1f1028e18f28211c28d614b2a298d63e2e1b0353141985
241f54db49e97c9aa0d11a67d4e12d6d116c2d46c2d59174d403ae620e89bb7e
3c297b6a308179900f30482e43f845b4a05b9ab35df2d0aede0e4b258f8c42bc
5743ed3d91616a10fca2bc2ba0f6f0707300c05bdc65bc6d9d4fb2cd75253ffe
b84e79606d8a835dfdd692d2f7c713b50162532cab46872c30ae5029e1dbf326
cee7b3016ac52c0d37b08300c6e9b9b63535f9b77567b036bc7975236a8cd4f3
d55f52a9dfd2cfcc1e74737b85e96a71d395c41ddf6d46129c0af855d094e009

bag.forells.com Open in urlscan Pro 50.126.67.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

3796 kBTransfer

3797 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

bag.forells.com Open in urlscan Pro
50.126.67.86 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

3796 kB
Transfer

3797 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions