ceskas-posta.com
179.43.142.169  Malicious Activity! Public Scan

URL: https://ceskas-posta.com/
Submission: On September 14 via manual from US — Scanned from CH

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 179.43.142.169, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is ceskas-posta.com.
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.
This is the only time ceskas-posta.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Czech Post (Transportation)

Domain & IP information

Requests  IP Address        AS     Autonomous System
21        179.43.142.169    51852  (PLI-AS)
1         91.149.202.233    26383  (ASNET)
1         2606:4700::68...  13335  (CLOUDFLAR...)
23        4

Requests  Apex Domain       Subdomains                                            Transfer
21        ceskas-posta.com  ceskas-posta.com                                      835 KB
1         bootstrapcdn.com  maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1171)   20 KB
1         api-service2.com  ao02887332.api-service2.com                           344 B
23        3

Requests  Domain                       Requested by
21        ceskas-posta.com             ceskas-posta.com
1         maxcdn.bootstrapcdn.com      ceskas-posta.com
1         ao02887332.api-service2.com  ceskas-posta.com
23        3

This site contains links to these domains.

Domain
www.postaonline.cz
www.ceskaposta.cz

Subject                      Issuer                   Validity                 Valid
ceskas-posta.com             R3                       2023-09-14 - 2023-12-13  3 months
ao02887332.api-service2.com  R3                       2023-09-04 - 2023-12-03  3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3  2022-12-30 - 2023-12-30  a year

This page contains 1 frames:

Primary Page: https://ceskas-posta.com/
Frame ID: 4A2AFF9C763CBBF2CE0AE6CEB579E1FC
Requests: 24 HTTP requests in this frame

Page Title

česká pošta

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*aem-Grid

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23 Requests
100 % HTTPS
33 % IPv6
3 Domains
3 Subdomains
4 IPs
3 Countries
858 kB Transfer
3364 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ceskas-posta.com/
62 B
214 B
Document
General
Full URL
https://ceskas-posta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
be4576d21e7999a56ada4c6c9b520dc0ed71ec6b4452825d9ea75eca9d966d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-length
62
content-type
text/html
date
Thu, 14 Sep 2023 16:44:06 GMT
etag
"65032146-3e"
last-modified
Thu, 14 Sep 2023 15:05:42 GMT
server
nginx
strict-transport-security
max-age=31536000
cz.js
ceskas-posta.com/static/js/
2 KB
743 B
Script
General
Full URL
https://ceskas-posta.com/static/js/cz.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
9d1588fabe8e5adac82145713ea41ce805aec2b72f09f7595b11410bdf485d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:06 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 15:07:01 GMT
server
nginx
etag
W/"65032195-63d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:06 GMT
urlConfig.json
ceskas-posta.com/ResourceConfig/
679 B
835 B
Script
General
Full URL
https://ceskas-posta.com/ResourceConfig/urlConfig.json
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/cz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
0e30e88ab7613f4f46245138965d35494494dde6b8167b6a0b96f69b2bedaac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:06 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:11 GMT
server
nginx
etag
"65031bc3-2a7"
content-type
application/json
accept-ranges
bytes
content-length
679
axios.js
ceskas-posta.com/static/js/
42 KB
13 KB
Script
General
Full URL
https://ceskas-posta.com/static/js/axios.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/cz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:06 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:22 GMT
server
nginx
etag
W/"65031bce-a6f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:06 GMT
ResourceRedConfig.js
ceskas-posta.com/static/js/
1 KB
884 B
Script
General
Full URL
https://ceskas-posta.com/static/js/ResourceRedConfig.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/cz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
19fe7f683a76db69bc89f8158c887901dec2dcc1d8c7200771ba117e7bf899af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:06 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 15:06:32 GMT
server
nginx
etag
W/"65032178-50c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:06 GMT
logo.png
ceskas-posta.com/static/image/
6 KB
6 KB
Image
General
Full URL
https://ceskas-posta.com/static/image/logo.png
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
aef350173a8d3e7225c7984992a0934373a6ce2a24e62f8931d708cdc20ba996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:06 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 15:07:15 GMT
server
nginx
etag
"650321a3-1751"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5969
expires
Sat, 14 Oct 2023 16:44:06 GMT
loading_red.gif
ceskas-posta.com/static/image/
61 KB
61 KB
Image
General
Full URL
https://ceskas-posta.com/static/image/loading_red.gif
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
1704357946b6b86b25f7ae7dcb1333f6d4d95936336122c1da11f0fba9e39793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:06 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:19 GMT
server
nginx
etag
"65031bcb-f242"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
62018
expires
Sat, 14 Oct 2023 16:44:06 GMT
token
ao02887332.api-service2.com/api/v2/
78 B
344 B
XHR
General
Full URL
https://ao02887332.api-service2.com/api/v2/token
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/axios.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.202.233 London, United Kingdom, ASN26383 (ASNET, US),
Reverse DNS
Software
nginx /
Resource Hash
fcad14a4b51c1b7825cf99338656d1a01e845a3531095251becb874cf6e101f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://ceskas-posta.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ceskas-posta.com
access-control-allow-credentials
true
index-a1498110.js
ceskas-posta.com/static/jieke/assets/
950 KB
347 KB
Script
General
Full URL
https://ceskas-posta.com/static/jieke/assets/index-a1498110.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
55ed63c5a964b469381f9908802ef16a65bf26dab44112166d7e4579d09cfd09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ceskas-posta.com/
Origin
https://ceskas-posta.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:32 GMT
server
nginx
etag
W/"65031bd8-ed9e7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
index-f1561a25.css
ceskas-posta.com/static/jieke/assets/
1 MB
145 KB
Stylesheet
General
Full URL
https://ceskas-posta.com/static/jieke/assets/index-f1561a25.css
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
f1561a25f278d84f162fcbfa40433acdb2fa7e991edaee0571bfff5b731e7417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:36 GMT
server
nginx
etag
W/"65031bdc-12b8a8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/
122 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ceskas-posta.com/
Origin
https://ceskas-posta.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
865
age
6075
cdn-cachedat
05/04/2022 04:18:25
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"3ffbab350748e841d3768b5d1ca48933"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
23cf3d3a7c0cea2650965fe8d14c4758
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
806a17c33a274c76-MXP
cdn-requestpullsuccess
True
jquery-pack.js
ceskas-posta.com/static/jieke/header/js/
290 KB
96 KB
Script
General
Full URL
https://ceskas-posta.com/static/jieke/header/js/jquery-pack.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
a665d0b7f827439252b46fa22d3fc462e0c56df5b2bf2a3224b44a79971f38ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:48 GMT
server
nginx
etag
W/"65031be8-489e5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
jquery.slicknav.min.js
ceskas-posta.com/static/jieke/header/js/
8 KB
3 KB
Script
General
Full URL
https://ceskas-posta.com/static/jieke/header/js/jquery.slicknav.min.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:48 GMT
server
nginx
etag
W/"65031be8-20df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
script_cs.js
ceskas-posta.com/static/jieke/header/js/
9 KB
3 KB
Script
General
Full URL
https://ceskas-posta.com/static/jieke/header/js/script_cs.js?v=211111
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
ba7135d7150d3ba351be685b32196e633cfeec5ed9d046b4404916843d2af7b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:49 GMT
server
nginx
etag
W/"65031be9-22b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
main.css
ceskas-posta.com/static/jieke/header/
233 KB
46 KB
Stylesheet
General
Full URL
https://ceskas-posta.com/static/jieke/header/main.css
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
72cbb781f671ef2a32ab52bee7ad56351dbbed5ca9d842327209178b6a30a3bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:42 GMT
server
nginx
etag
W/"65031be2-3a3f0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
logoCP.png
ceskas-posta.com/static/jieke/header/
2 KB
2 KB
Image
General
Full URL
https://ceskas-posta.com/static/jieke/header/logoCP.png
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
9d150080ca6ff55dbc232bc68f5dd74178f007a8412e30af08aa086d2c6cfe9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:41 GMT
server
nginx
etag
"65031be1-65b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1627
expires
Sat, 14 Oct 2023 16:44:07 GMT
footer.css
ceskas-posta.com/static/jieke/footer/
174 KB
38 KB
Stylesheet
General
Full URL
https://ceskas-posta.com/static/jieke/footer/footer.css
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
26cab926c482e17b749cd8b752b4aca421daf587edb2c8f8979cc05d620ddf68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:38 GMT
server
nginx
etag
W/"65031bde-2b9f7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
jquery-3.5.1.js
ceskas-posta.com/static/
87 KB
34 KB
Script
General
Full URL
https://ceskas-posta.com/static/jquery-3.5.1.js
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/js/ResourceRedConfig.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:12 GMT
server
nginx
etag
W/"65031bc4-15d84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:07 GMT
button-ico-prihlasit-se.png
ceskas-posta.com/static/jieke/header/
264 B
469 B
Image
General
Full URL
https://ceskas-posta.com/static/jieke/header/button-ico-prihlasit-se.png
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/jieke/header/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
6524892320bd09bdd201ec78758237911237790b27d3f7f5d544f9e276d95ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/static/jieke/header/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:39 GMT
server
nginx
etag
"65031bdf-108"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
264
expires
Sat, 14 Oct 2023 16:44:07 GMT
button-ico-registrovat.png
ceskas-posta.com/static/jieke/header/
386 B
591 B
Image
General
Full URL
https://ceskas-posta.com/static/jieke/header/button-ico-registrovat.png
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/jieke/header/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
7bd77c5048e3e624a00ef31c578032baaed8514bd37212a7f9b62e8c2e1db0fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/static/jieke/header/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:07 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:39 GMT
server
nginx
etag
"65031bdf-182"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
386
expires
Sat, 14 Oct 2023 16:44:07 GMT
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
274f49413e4e9e8d824040c60f5d7173350159a3eb21545a5f95b09098190fee

Request headers

Referer
Origin
https://ceskas-posta.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
font/woff2
button-ico-prihlasit-se.png
ceskas-posta.com/static/jieke/footer/
264 B
469 B
Image
General
Full URL
https://ceskas-posta.com/static/jieke/footer/button-ico-prihlasit-se.png
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/jieke/footer/footer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
6524892320bd09bdd201ec78758237911237790b27d3f7f5d544f9e276d95ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/static/jieke/footer/footer.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:08 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:36 GMT
server
nginx
etag
"65031bdc-108"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
264
expires
Sat, 14 Oct 2023 16:44:08 GMT
footer.css
ceskas-posta.com/static/jieke/footer/
174 KB
38 KB
Font
General
Full URL
https://ceskas-posta.com/static/jieke/footer/footer.css
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/jieke/footer/footer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
26cab926c482e17b749cd8b752b4aca421daf587edb2c8f8979cc05d620ddf68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ceskas-posta.com/static/jieke/footer/footer.css
Origin
https://ceskas-posta.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 14:42:38 GMT
server
nginx
etag
W/"65031bde-2b9f7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 15 Sep 2023 04:44:08 GMT
button-ico-registrovat.png
ceskas-posta.com/static/jieke/footer/
386 B
591 B
Image
General
Full URL
https://ceskas-posta.com/static/jieke/footer/button-ico-registrovat.png
Requested by
Host: ceskas-posta.com
URL: https://ceskas-posta.com/static/jieke/footer/footer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.43.142.169 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
nginx /
Resource Hash
7bd77c5048e3e624a00ef31c578032baaed8514bd37212a7f9b62e8c2e1db0fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ceskas-posta.com/static/jieke/footer/footer.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:44:08 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 14:42:37 GMT
server
nginx
etag
"65031bdd-182"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
386
expires
Sat, 14 Oct 2023 16:44:08 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Czech Post (Transportation)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| url
  • function| axios
  • function| $
  • function| jQuery
  • function| DP_jQuery_1694709847885
  • function| eraseCookie
  • function| setCookie
  • function| getCookie
  • object| __vueuse_ssr_handlers__
  • boolean| __VUE__

0 Cookies

12 Console Messages

Source Level URL
Text
other warning URL: https://ceskas-posta.com/ (logged 6 times)
Message:
Failed to decode downloaded font: https://ceskas-posta.com/static/jieke/footer/footer.css
other warning URL: https://ceskas-posta.com/ (logged 6 times)
Message:
OTS parsing error: invalid sfntVersion: 778858343

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ao02887332.api-service2.com
ceskas-posta.com
maxcdn.bootstrapcdn.com
179.43.142.169
2606:4700::6812:acf
91.149.202.233