app-foundatrion.click Open in urlscan Pro
186.2.171.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app-foundatrion.click/
Effective URL:
https://app-foundatrion.click/
Submission Tags: phishing spamreports malicious Search All
Submission: On December 16 via api (December 16th 2022, 5:46:57 am UTC) from FR — Scanned from FR

Summary HTTP 10 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 186.2.171.6, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is app-foundatrion.click.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.

This is the only time app-foundatrion.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	186.2.171.6 186.2.171.6	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	194.4.48.126 194.4.48.126	44477 (STARK-IND...) (STARK-INDUSTRIES)
10	3

10 186.2.171.6 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

app-foundatrion.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.4.48.126 (Madrid, Spain)

ASN44477 (STARK-INDUSTRIES, GB)
PTR: vm829486.stark-industries.solutions

appurify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	app-foundatrion.click 1 redirects app-foundatrion.click	2 MB
1	appurify.net appurify.net	2 KB
10	2

	Domain	Requested by
10	app-foundatrion.click	1 redirects app-foundatrion.click
1	appurify.net	app-foundatrion.click
10	2

This site contains links to these domains. Also see Links.

Domain
www.modas-friseurteam.de

Subject Issuer	Validity	Valid
app-foundatrion.click R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
appurify.net R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app-foundatrion.click/
Frame ID: 2FB8CEBA2FE62C1124EF49CA8DF67325
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Willkommen - MODA'S Friseur Team

Page URL History Show full URLs

http://app-foundatrion.click/ HTTP 301
https://app-foundatrion.click/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1826 kB
Transfer

1954 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.modas-friseurteam.de/index.php/friseur/
Title: Friseur

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/index.php/team/
Title: Team

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/index.php/kontakt/
Title: Kontakt

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/files/galerie/Modas_Laden_Web.jpg

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/index.php/willkommen/
Title: Willkommen

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/index.php/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/index.php/datenschutz/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: http://www.modas-friseurteam.de/index.php/haftungsausschluss/
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app-foundatrion.click/ HTTP 301
https://app-foundatrion.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app-foundatrion.click/
Redirect Chain

http://app-foundatrion.click/
https://app-foundatrion.click/

9 KB
3 KB

225ms
85ms

Document
text/html

186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://app-foundatrion.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

b3640476ac406dda4e92cfaeeaf985ee7b5914381b529d06289af80b7ae3755a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Fri, 16 Dec 2022 05:46:51 GMT
server: ddos-guard
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 568
Content-Type: text/html; charset=utf8
Date: Fri, 16 Dec 2022 05:46:51 GMT
Keep-Alive: timeout=60
Location: https://app-foundatrion.click/
Server: ddos-guard

GET
H2 200 ffadb7184da0.css
app-foundatrion.click/ 12 KB
3 KB 73ms
72ms Stylesheet
text/css 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://app-foundatrion.click/ffadb7184da0.css

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

305e246bebe8e5b27458751dbf831768b1d30384f14e91190ef2f626ac709891

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app-foundatrion.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
content-encoding: br
last-modified: Mon, 12 Dec 2022 16:08:17 GMT
server: ddos-guard
age: 12216
etag: W/"639751f1-31aa"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 2691

GET
H2 200 Modas_Laden_Web-d51967c8.jpg
app-foundatrion.click/ 23 KB
23 KB 101ms
101ms Image
image/jpeg 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app-foundatrion.click/Modas_Laden_Web-d51967c8.jpg

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

0eec6b17075844825bb0fe728b300536536671ea6455ed441f17f477980e33fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app-foundatrion.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
last-modified: Mon, 12 Dec 2022 16:08:18 GMT
server: ddos-guard
age: 12216
etag: "639751f2-5b54"
content-type: image/jpeg
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 23380

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 769a91c03ff956f5cac64bc39263ded90a1c03f73838a3b8cdd2d8b026e51b7c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H/1.1 200
OK Z86b3W Show response
appurify.net/ 4 KB
2 KB 744ms
490ms Script
application/javascript 194.4.48.126
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://appurify.net/Z86b3W?return=js.client&&se_referrer=&default_keyword=&landing_url=app-foundatrion.click%2F&name=_5C1bjpGHfvgcjH36&host=https%3A%2F%2Fappurify.net%2FZ86b3W
Requested by: Host: app-foundatrion.click
URL: https://app-foundatrion.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.4.48.126 Madrid, Spain, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm829486.stark-industries.solutions
Software: nginx /
Resource Hash: 0ded3aa86097affd6970dd0080a73914f95559dc3547b417874023cb3dcac564

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app-foundatrion.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 05:46:52 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 1522
Expires: 0

GET
H2 200 modas_bg_img.jpg
app-foundatrion.click/ 2 MB
2 MB 99ms
98ms Image
image/jpeg 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app-foundatrion.click/modas_bg_img.jpg

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/ffadb7184da0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

cadd3c9815a3cdac67a530015e304f5c4c12e0286b90e2585ddef924fc22b9de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app-foundatrion.click/ffadb7184da0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
last-modified: Mon, 12 Dec 2022 16:08:18 GMT
server: ddos-guard
age: 12216
etag: "639751f2-19d242"
content-type: image/jpeg
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 1692226

GET
H2 200 logo.png
app-foundatrion.click/ 12 KB
12 KB 164ms
162ms Image
image/png 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app-foundatrion.click/logo.png

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/ffadb7184da0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

98dae96c786933ef3593ed08a64e8ea39a26e32712b57d248b273893f9468a38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app-foundatrion.click/ffadb7184da0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
last-modified: Mon, 12 Dec 2022 16:08:18 GMT
server: ddos-guard
age: 12216
etag: "639751f2-3187"
content-type: image/png
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 12679

GET
H2 200 dottedline.png
app-foundatrion.click/ 1 KB
1 KB 98ms
97ms Image
image/png 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app-foundatrion.click/dottedline.png

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/ffadb7184da0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

2e936681108d9134cdda39e8e8f1b3c58dd9a541ea8682a515e760fee78d8733

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app-foundatrion.click/ffadb7184da0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
last-modified: Mon, 12 Dec 2022 16:08:17 GMT
server: ddos-guard
age: 12216
etag: "639751f1-427"
content-type: image/png
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 1063

GET
H2 200 KelsonSans-Regular.otf
app-foundatrion.click/ 105 KB
50 KB 162ms
161ms Font
font/ttf 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://app-foundatrion.click/KelsonSans-Regular.otf

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/ffadb7184da0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

162a7ef8ecaf67afeba724ac1a91fc3a0f46cef495270b5e6fa2c3505c81ae3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://app-foundatrion.click/ffadb7184da0.css
Origin: https://app-foundatrion.click
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 16:08:17 GMT
server: ddos-guard
age: 12216
etag: W/"1a5c8-5efa3b62131c9"
vary: Accept-Encoding
content-type: font/ttf
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 50915

GET
H2 200 KelsonSans-Bold.otf
app-foundatrion.click/ 66 KB
37 KB 163ms
162ms Font
font/ttf 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://app-foundatrion.click/KelsonSans-Bold.otf

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/ffadb7184da0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

cfe1b2497c69c465bb4c934501530f9c9b7c45a19e25e90bc128aa7d15a2b52d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://app-foundatrion.click/ffadb7184da0.css
Origin: https://app-foundatrion.click
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 16:08:17 GMT
server: ddos-guard
age: 12216
etag: W/"106c8-5efa3b61bc325"
vary: Accept-Encoding
content-type: font/ttf
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 38110

GET
H2 200 KelsonSans-Light.otf
app-foundatrion.click/ 68 KB
39 KB 163ms
162ms Font
font/ttf 186.2.171.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://app-foundatrion.click/KelsonSans-Light.otf

Requested by

Host: app-foundatrion.click
URL: https://app-foundatrion.click/ffadb7184da0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.171.6 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

e0d4e5554b3172d989ef4dae4cf34cc13f905520a0fedd63ff85581428d03348

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://app-foundatrion.click/ffadb7184da0.css
Origin: https://app-foundatrion.click
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 02:23:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 16:08:17 GMT
server: ddos-guard
age: 12216
etag: W/"10e90-5efa3b61d49c6"
vary: Accept-Encoding
content-type: font/ttf
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 39897

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| _5C1bjpGHfvgcjH36 object| _z8DQCJcT7yC34kpY

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app-foundatrion.click/	1970-01-20 16:58:25	Name: __ddg1_ Value: hjynv3Wom1r5JUcZVrrE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-foundatrion.click
appurify.net
186.2.171.6
194.4.48.126
0ded3aa86097affd6970dd0080a73914f95559dc3547b417874023cb3dcac564
0eec6b17075844825bb0fe728b300536536671ea6455ed441f17f477980e33fa
162a7ef8ecaf67afeba724ac1a91fc3a0f46cef495270b5e6fa2c3505c81ae3c
2e936681108d9134cdda39e8e8f1b3c58dd9a541ea8682a515e760fee78d8733
305e246bebe8e5b27458751dbf831768b1d30384f14e91190ef2f626ac709891
769a91c03ff956f5cac64bc39263ded90a1c03f73838a3b8cdd2d8b026e51b7c
98dae96c786933ef3593ed08a64e8ea39a26e32712b57d248b273893f9468a38
b3640476ac406dda4e92cfaeeaf985ee7b5914381b529d06289af80b7ae3755a
cadd3c9815a3cdac67a530015e304f5c4c12e0286b90e2585ddef924fc22b9de
cfe1b2497c69c465bb4c934501530f9c9b7c45a19e25e90bc128aa7d15a2b52d
e0d4e5554b3172d989ef4dae4cf34cc13f905520a0fedd63ff85581428d03348

app-foundatrion.click Open in urlscan Pro 186.2.171.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1826 kBTransfer

1954 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

app-foundatrion.click Open in urlscan Pro
186.2.171.6 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1826 kB
Transfer

1954 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions