Submitted URL: https://ftp.cnc.fr/ssl3/
Effective URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Submission: On December 04 via api from IE — Scanned from FR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 81.88.32.138, located in Germany and belongs to KOMPLEX-AS Winkelhauser Str. 63, DE. The main domain is fo-net.de.
TLS certificate: Issued by R3 on November 28th 2022. Valid for: 3 months.
This is the only time fo-net.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation) Generic (Online)

Domain & IP information

Requests IP Address AS Autonomous System
1 185.113.40.118 12601 (CEGEDIM)
12 81.88.32.138 24973 (KOMPLEX-A...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
Total: 19 requests, 3 IPs

Requests Apex Domain Subdomains Transfer
12 fo-net.de fo-net.de 279 KB
6 typekit.net use.typekit.net — Cisco Umbrella Rank: 532
1 cnc.fr ftp.cnc.fr 371 B
Total: 19 requests, 3 apex domains

Requests Domain Requested by
12 fo-net.de fo-net.de
6 use.typekit.net fo-net.de
1 ftp.cnc.fr
Total: 19 requests, 3 domains

This site contains no links.

TLS certificates

Subject: *.cnc.fr
Issuer: Sectigo RSA Organization Validation Secure Server CA
Validity: 2022-08-31 - 2023-09-18 (a year)

Subject: *.fo-net.de
Issuer: R3
Validity: 2022-11-28 - 2023-02-26 (3 months)

Subject: use.typekit.net
Issuer: DigiCert TLS Hybrid ECC SHA384 2020 CA1
Validity: 2022-09-14 - 2023-10-15 (a year)

This page contains 1 frames:

Primary Page: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Frame ID: 271A9916A814FC71BD15A5D13352DCA2
Requests: 19 HTTP requests in this frame

Page Title

DHL - Wählen Sie die Zahlungsmethode

Page URL History

  1. https://ftp.cnc.fr/ssl3/ Page URL
  2. https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

  • Requests: 19
  • HTTPS: 100 %
  • IPv6: 33 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 280 kB
  • Size: 1208 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ftp.cnc.fr/ssl3/ Page URL
  2. https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode?? Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ftp.cnc.fr/ssl3/
171 B
371 B
Document
General
Full URL
https://ftp.cnc.fr/ssl3/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.113.40.118 , France, ASN12601 (CEGEDIM, FR),
Reverse DNS
ip-185-113-40-118.infra.cegedim.org
Software
/
Resource Hash
dc91e61e82378e497b4f625c8a89b5213093eadf7cf3f265d30e8e3e45c64a5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Length
171
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Dec 2022 21:02:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cnection
close
Primary Request Zahlungsmethode.php
fo-net.de/1/POST/DE/Package/
28 KB
7 KB
Document
General
Full URL
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 / PHP/7.4.10-kon
Resource Hash
4522f13bb7d6e361955aa003fd9d236bc2dd90e0e993e3237b5837d4d25910a8

Request headers

Referer
https://ftp.cnc.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Dec 2022 21:02:28 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.10-kon
typeKit.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
17 KB
7 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/typeKit.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
930ad5dea1b3b02af5ef625060b7408d96b951febc9d0d26472b0ae7ea032f43

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:59 GMT
Server
nginx/1.14.2
ETag
"41564238-45f0-5eefdff33e367"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7190
bootstrap.css
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
143 KB
21 KB
Stylesheet
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/bootstrap.css
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:47 GMT
Server
nginx/1.14.2
ETag
"4156422a-23a5d-5eefdfe85ffc6"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21340
main.css
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
21 KB
4 KB
Stylesheet
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/main.css
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
4eb6726dad2deb2caa31a7636ca2aaa8226f88eefd4a1243fe1eca40c6619b03

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:52 GMT
Server
nginx/1.14.2
ETag
"41564230-5366-5eefdfed04767"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3699
jquery-1.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
242 KB
71 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/jquery-1.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:50 GMT
Server
nginx/1.14.2
ETag
"4156422b-3c9ab-5eefdfeb4a146"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
jquery-1_002.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
92 KB
33 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/jquery-1_002.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:51 GMT
Server
nginx/1.14.2
ETag
"4156422c-16eac-5eefdfeb83b26"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33140
jquery-ui-1.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
206 KB
51 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/jquery-ui-1.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
794bf1ff4b8bbc981cb280b4efeb6e5b040afb34b85f6e3cd2546ace15910301

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:53 GMT
Server
nginx/1.14.2
ETag
"4156422f-337d6-5eefdfee296e7"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52239
WebResource.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
21 KB
5 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/WebResource.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
30dda8f0c7ba8b8851e08bd6e41548305f507b9328a114b1f3da0800e708854f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:26:01 GMT
Server
nginx/1.14.2
ETag
"41564239-5515-5eefdff50f0e7"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4401
ScriptResource_002.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
342 KB
60 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/ScriptResource_002.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
c7d19ae5c2759a30bd5a55e617c8c59797c0280464b3701232b3214beadcc013

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:26:00 GMT
Server
nginx/1.14.2
ETag
"41564237-55697-5eefdff4b14e7"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60743
ScriptResource.js
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
91 KB
15 KB
Script
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/ScriptResource.js
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
ff94c56174be8fe0bc2d2809fe7f7fd2e566ae3fc81e90690f1ee64816f697bb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 10:25:57 GMT
Server
nginx/1.14.2
ETag
"41564236-16d33-5eefdff120387"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15160
dhl-logo.png
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
3 KB
3 KB
Image
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/dhl-logo.png
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
ab60f539dd6a842d37a1b79c0b2b4a5bc7e4574835ee7251d3aa5a7d456ac36f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:29 GMT
Last-Modified
Sun, 04 Dec 2022 10:25:46 GMT
Server
nginx/1.14.2
ETag
"4156422d-c6e-5eefdfe71cbe6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3182
ogilvy-iconoTarjeta.png
fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/
1 KB
1 KB
Image
General
Full URL
https://fo-net.de/1/POST/DE/Package/Seleccione%20medio%20de%20pago_fichiers/ogilvy-iconoTarjeta.png
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.88.32.138 , Germany, ASN24973 (KOMPLEX-AS Winkelhauser Str. 63, DE),
Reverse DNS
hkhttp1a1-138.kontent.com
Software
nginx/1.14.2 /
Resource Hash
ecc047250aed883bd0038ba4cdf2b4b7f7105e28fae93712ad1a9090b014a9c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 21:02:29 GMT
Last-Modified
Sun, 04 Dec 2022 10:25:54 GMT
Server
nginx/1.14.2
ETag
"41564231-4a8-5eefdfeee00c7"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1192
l
use.typekit.net/af/7505b0/0000000000000000000124fa/27/
0
0
Font
General
Full URL
https://use.typekit.net/af/7505b0/0000000000000000000124fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://fo-net.de/
Origin
https://fo-net.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Sun, 04 Dec 2022 21:02:29 GMT
server
nginx
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cascade
pass
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9
l
use.typekit.net/af/802da8/0000000000000000000124f9/27/
0
0
Font
General
Full URL
https://use.typekit.net/af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://fo-net.de/
Origin
https://fo-net.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Sun, 04 Dec 2022 21:02:29 GMT
server
nginx
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cascade
pass
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9
d
use.typekit.net/af/802da8/0000000000000000000124f9/27/
0
0
Font
General
Full URL
https://use.typekit.net/af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://fo-net.de/
Origin
https://fo-net.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Sun, 04 Dec 2022 21:02:29 GMT
server
nginx
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cascade
pass
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9
d
use.typekit.net/af/7505b0/0000000000000000000124fa/27/
0
0
Font
General
Full URL
https://use.typekit.net/af/7505b0/0000000000000000000124fa/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://fo-net.de/
Origin
https://fo-net.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Sun, 04 Dec 2022 21:02:29 GMT
server
nginx
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cascade
pass
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9
a
use.typekit.net/af/802da8/0000000000000000000124f9/27/
0
0
Font
General
Full URL
https://use.typekit.net/af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://fo-net.de/
Origin
https://fo-net.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Sun, 04 Dec 2022 21:02:29 GMT
server
nginx
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cascade
pass
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9
a
use.typekit.net/af/7505b0/0000000000000000000124fa/27/
0
0
Font
General
Full URL
https://use.typekit.net/af/7505b0/0000000000000000000124fa/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Requested by
Host: fo-net.de
URL: https://fo-net.de/1/POST/DE/Package/Zahlungsmethode.php?NAME_PATH=track_yy_de349499l24&SCREEN=Zahlungsmethode??
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://fo-net.de/
Origin
https://fo-net.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Sun, 04 Dec 2022 21:02:29 GMT
server
nginx
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cascade
pass
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation) Generic (Online)

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| Typekit function| $ function| jQuery function| DP_jQuery_1670187749040 function| initializeComponents function| validarNro function| confirmarCancelar function| hideLoading function| changeMMPP function| setValues object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| __cultureInfo function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find

0 Cookies

6 Console Messages

Source Level URL
Text
network error URL: https://use.typekit.net/af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://use.typekit.net/af/7505b0/0000000000000000000124fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://use.typekit.net/af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://use.typekit.net/af/7505b0/0000000000000000000124fa/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://use.typekit.net/af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://use.typekit.net/af/7505b0/0000000000000000000124fa/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains