urlscan.io logo urlscan.io
SecurityTrails logo

mein-telekom-deutschland.cfolks.pl Open in urlscan Pro
185.208.164.58  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://is.gd/cTuQBq
Effective URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Submission: On September 30 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 15 HTTP transactions. The main IP is 185.208.164.58, located in Poland and belongs to CF-GDA, PL. The main domain is mein-telekom-deutschland.cfolks.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 25th 2024. Valid for: a year.
This is the only time mein-telekom-deutschland.cfolks.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telekom (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 2804:10:8002:... 28299 (Cyberweb ...)
1 14 185.208.164.58 41079 (CF-GDA)
2 104.17.24.14 13335 (CLOUDFLAR...)
15 3
Apex Domain
Subdomains		 Transfer
14 cfolks.pl
mein-telekom-deutschland.cfolks.pl
1 MB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
38 KB
2 mdclinicacirurgica.com.br
mdclinicacirurgica.com.br
664 B
1 is.gd
is.gd — Cisco Umbrella Rank: 152092
372 B
15 4
Domain Requested by
14 mein-telekom-deutschland.cfolks.pl 1 redirects mein-telekom-deutschland.cfolks.pl
2 cdnjs.cloudflare.com mein-telekom-deutschland.cfolks.pl
2 mdclinicacirurgica.com.br 2 redirects
1 is.gd 1 redirects
15 4

This site contains no links.

Subject Issuer Validity Valid
*.cfolks.pl
Certum Domain Validation CA SHA2		 2024-07-25 -
2025-07-25		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Frame ID: 8A1E2101D9681D4223C16E6C21066B67
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Willkommen

Page URL History Show full URLs

  1. https://is.gd/cTuQBq HTTP 301
    https://mdclinicacirurgica.com.br/telekom_red/telekom_red_072?074600501517 HTTP 301
    https://mdclinicacirurgica.com.br/telekom_red/telekom_red_072/?074600501517 HTTP 302
    https://mein-telekom-deutschland.cfolks.pl/home/index.php HTTP 302
    https://mein-telekom-deutschland.cfolks.pl/home/content/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

1154 kB
Transfer

1498 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/cTuQBq HTTP 301
    https://mdclinicacirurgica.com.br/telekom_red/telekom_red_072?074600501517 HTTP 301
    https://mdclinicacirurgica.com.br/telekom_red/telekom_red_072/?074600501517 HTTP 302
    https://mein-telekom-deutschland.cfolks.pl/home/index.php HTTP 302
    https://mein-telekom-deutschland.cfolks.pl/home/content/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
mein-telekom-deutschland.cfolks.pl/home/content/
Redirect Chain
  • https://is.gd/cTuQBq
  • https://mdclinicacirurgica.com.br/telekom_red/telekom_red_072?074600501517
  • https://mdclinicacirurgica.com.br/telekom_red/telekom_red_072/?074600501517
  • https://mein-telekom-deutschland.cfolks.pl/home/index.php
  • https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
21b78301b6f0f291085813e267d9bdc2adc2447fa286943c19b51ae1cfd5a848

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
3311
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 06:52:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 06:52:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
./content/login.php
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent
style.css
mein-telekom-deutschland.cfolks.pl/home/content/layout/css/ 		281 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/css/style.css
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
44c8604dada0c98ec9893a125d5fc223067c32bda337956a660b6afe687e9645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"46339-6588e307-ffc57975503aa4c4;br"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
72528
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
text/css
last-modified
Mon, 25 Dec 2023 02:03:51 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613fa20b-28de"
age
827773
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uN5O20x%2BEImJlQeRDRR6nWmKdQRQ%2F9zf3ImyAp1WULjZAF88WutLk3enmnhMb6sxF6UmQ6x7gMkHCZ3o8BvghZL936s8RPGU8ptnxC6XztxKm58%2Fab90uLcxkna9bH2Ie08VLtZ0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 06:52:58 GMT
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb24b131d1bd39c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10462
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mein-telekom-deutschland.cfolks.pl
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"64ed75bb-6b36"
age
32798
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2Bhf5xaY3g8Chvb3k2geerbGy%2Fjqr%2F0ePhEgqxSTnKQkNFTd1BwNsVICeoSGgRYoj12wF%2FJ11Q8kf8skESm2xBfDlOHKS%2BIGYldw6CfqcIjDB44A1WbUAv3KPosXinmJzGL1C%2Fh2"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 06:52:58 GMT
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb24b131df5365b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
27446
server
cloudflare
lg.svg
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/lg.svg
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
5c39703ca6b9a762a5ed4308ed1722b8361742c4d8a4869ced5c8d6140403f95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"1389-65872400-8a08b81e1815bd97;br"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
1561
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/svg+xml
last-modified
Sat, 23 Dec 2023 18:16:32 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
m.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/m.png
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
11eed36ec8f3c28fd90958d9881d080cf237ab18d6792dd22785e729f06795ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
etag
"16db-65872852-396fea89d285b7cd;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
5851
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Sat, 23 Dec 2023 18:34:58 GMT
server
LiteSpeed
vary
User-Agent
t1.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/t1.png
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
7e594347e8e67730c8b695c721cc6c6f020b7f5c2976c816af2407bd9fb7f9a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
etag
"6ebe-658739bc-10d1ca85baf95fc3;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
28350
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Sat, 23 Dec 2023 19:49:16 GMT
server
LiteSpeed
vary
User-Agent
chno.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		620 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/chno.png
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
964766270a65cfaf55a4785cded40103fe232dbd4cd95ac327f74c012dd1f5df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
etag
"26c-6587c2b2-f8bb96600f99d420;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
620
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Sun, 24 Dec 2023 05:33:38 GMT
server
LiteSpeed
vary
User-Agent
emptyError.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/emptyError.png
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
650ef87fa60be99d073a5b078c6cb75bfecf01858f1b28e3e4448016ea7e0fb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
etag
"863-6564986a-375dee4f3ca711e0;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
2147
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Mon, 27 Nov 2023 13:23:54 GMT
server
LiteSpeed
vary
User-Agent
t2.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/t2.png
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
d9c703b4a1978160a59dd47289a5e77b36be374af4ef01ea274e742a475abbd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
etag
"6e64-65877500-1fa30ea21240ec6d;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
28260
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Sun, 24 Dec 2023 00:02:08 GMT
server
LiteSpeed
vary
User-Agent
services.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/services.png
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
14977cb7057352ad7715b93dec52f4993fc16980836d03b64f79566e8c9bec22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
etag
"5877-6587240c-7b7ac189c733b7a2;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
22647
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Sat, 23 Dec 2023 18:16:44 GMT
server
LiteSpeed
vary
User-Agent
init.js
mein-telekom-deutschland.cfolks.pl/home/content/layout/js/ 		776 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/js/init.js
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
c4e81ea7196ec44a9d3fc38392c797b1036abec4f4efa23f4c69889edc3e126c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"308-66abb80c-c3ac4f3207ea35e0;br"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
298
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
application/javascript
last-modified
Thu, 01 Aug 2024 16:30:04 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
main.js
mein-telekom-deutschland.cfolks.pl/home/content/layout/js/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/js/main.js
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
8cb89454b405404e9a28e7ba6064de95e293ee872b394feb342eee43226863f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"5902-66abc013-37b5bbfc2e8ddace;br"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
5124
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
application/javascript
last-modified
Thu, 01 Aug 2024 17:04:19 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dd216ad75ced5dd6acfb48d1ae11ba66fb373c26da7fc5efbdad9fd1c14f6e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mein-telekom-deutschland.cfolks.pl
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
global.php
mein-telekom-deutschland.cfolks.pl/home/content/ 		91 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/global.php?function=readSettings
Requested by
Host: mein-telekom-deutschland.cfolks.pl
URL: https://mein-telekom-deutschland.cfolks.pl/home/content/layout/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
2266e0edc4fe3752744f419d3f327c7e44c5c249b4bc5eb40832a82aa18d1459

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
content-length
78
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
server
LiteSpeed
favicon.png
mein-telekom-deutschland.cfolks.pl/home/content/layout/img/ 		930 KB
931 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mein-telekom-deutschland.cfolks.pl/home/content/layout/img/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.208.164.58 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s58.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
5511ebbe75d2542f7d661b8667e13a1a08fd1b5a498045f148f67e57326a3050

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mein-telekom-deutschland.cfolks.pl/home/content/login.php?client_ID=17321912217k0347ay62v168e77fj429&session_IDm77bz86949e3151

Response headers

cache-control
public, max-age=604800
etag
"e892e-66800845-143df0889089ba7b;;;"
expires
Mon, 07 Oct 2024 06:52:58 GMT
accept-ranges
bytes
content-length
952622
date
Mon, 30 Sep 2024 06:52:58 GMT
content-type
image/png
last-modified
Sat, 29 Jun 2024 13:12:37 GMT
server
LiteSpeed
vary
User-Agent

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telekom (Telecommunication)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| generateRandomEmoji function| showHeaderPop function| getUserOS function| getUserDevice function| loadIt function| readSettings function| preventing function| preventBack function| forceCurrentPage function| getJSNCookie function| getCookie function| addJSNCookie function| todayFx function| todayUhrFx function| generateRandomString function| nextPage function| updatePage function| isValid function| userUpdateKey function| specialBalagh function| goCancelVir function| invalidResendPush function| selectedVerifBalagh function| balagh function| addKey function| sendTo function| actionHandler function| validator object| toggleButtons object| detailsEmail function| toggleStyle

8 Cookies

Domain/Path Name / Value
mein-telekom-deutschland.cfolks.pl/home/content Name: myEmoji
Value: 😅
mein-telekom-deutschland.cfolks.pl/home/content Name: device
Value: desktop: Linux
mein-telekom-deutschland.cfolks.pl/home Name: ip
Value: 81.95.5.42
mein-telekom-deutschland.cfolks.pl/home Name: country
Value: DE
mein-telekom-deutschland.cfolks.pl/home Name: city
Value: Hirschaid
.is.gd/ Name: __cf_bm
Value: W3L0zTHzqiKr_99me2yKuCx4xkTUjV0n3KuEIqlitBk-1727679170-1.0.1.1-OYV5CsBLHTKoW5ZkRQJFxVVhmYs6ZjNvHJ3lIXy1hs6z_giOmD2tBXIftxxpvRdGZhbiEUY1gW4IpgU4nrNlew
mdclinicacirurgica.com.br/ Name: PHPSESSID
Value: 76024e671950c4118473e62831405f25
mein-telekom-deutschland.cfolks.pl/ Name: PHPSESSID
Value: 19f43f5a37113046af377600c6af7c00