delivery.post-track.ch Open in urlscan Pro
217.148.3.185  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

• https://reporting.web-asbas.ch/log/?type=pageview&uuid=3e2311ec-794c-4496-acb9-fa4074986e74 HTTP 302
• https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response delivery.post-track.ch/h/	21 KB 21 KB	194ms 40ms	Document text/html	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash dce7adcf5f52a094246b1dc61e03cd5269daa66326f6eb7851bf6aa038e9aaba Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 21081 content-type text/html date Wed, 06 Nov 2024 00:44:18 GMT etag "6724d2e9-5259" last-modified Fri, 01 Nov 2024 13:08:57 GMT permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) referrer-policy no-referrer strict-transport-security max-age=0 x-content-type-options nosniff x-envoy-upstream-service-time 0 x-frame-options SAMEORIGIN x-robots-tag noindex, nofollow, nosnippet, noarchive
GET H2	200	jquery-ui.css delivery.post-track.ch/resources/css/	27 KB 28 KB	117ms 115ms	Stylesheet text/css	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/css/jquery-ui.css Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash fbd489168ae612c6b66a27e30b546e56734462b028ad526efd7c6cf860483c7b Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d325-6be4" x-envoy-upstream-service-time 1 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 27620 date Wed, 06 Nov 2024 00:44:18 GMT content-type text/css last-modified Fri, 01 Nov 2024 13:09:57 GMT x-frame-options SAMEORIGIN
GET H2	200	chosen.css delivery.post-track.ch/resources/css/	14 KB 14 KB	95ms 94ms	Stylesheet text/css	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/css/chosen.css Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 9f4148b3eb74ea45fe039370ebf008778728c5b31909bd3f786ad37d4e12ed53 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d390-3712" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 14098 date Wed, 06 Nov 2024 00:44:18 GMT content-type text/css last-modified Fri, 01 Nov 2024 13:11:44 GMT x-frame-options SAMEORIGIN
GET H2	200	magnific-popup.css delivery.post-track.ch/resources/css/	8 KB 8 KB	96ms 95ms	Stylesheet text/css	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/css/magnific-popup.css Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d3cf-1e06" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 7686 date Wed, 06 Nov 2024 00:44:18 GMT content-type text/css last-modified Fri, 01 Nov 2024 13:12:47 GMT x-frame-options SAMEORIGIN
GET H2	200	trackAndTrace2f3a.css delivery.post-track.ch/resources/css/	44 KB 45 KB	42ms 41ms	Stylesheet text/css	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/css/trackAndTrace2f3a.css?version=04.16.04.00 Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash bc784011a203cfa8d4d455d8ed496cd8447bd69d2e70e6f54ddac4f37be09a05 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d2ea-b0c8" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 45256 date Wed, 06 Nov 2024 00:44:18 GMT content-type text/css last-modified Fri, 01 Nov 2024 13:08:58 GMT x-frame-options SAMEORIGIN
GET H2	200	asbas.js Show response reporting.web-asbas.ch/static/asbas/js/	2 KB 2 KB	217ms 57ms	Script application/javascript	217.148.3.184 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://reporting.web-asbas.ch/static/asbas/js/asbas.js Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.184 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash ffc54eedba5d8e2e3192c7d2bbf7845f09dd17da54f4043a4ef20981fd8d9adf Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-robots-tag noindex, nofollow, nosnippet, noarchive etag "672a175b-61b" x-content-type-options nosniff date Wed, 06 Nov 2024 00:44:18 GMT content-type application/javascript last-modified Tue, 05 Nov 2024 13:02:19 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src 'self' cache-control no-store x-envoy-upstream-service-time 0 referrer-policy strict-origin permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=() accept-ranges bytes content-length 1563 x-xss-protection 1;mode=block
GET H2	200	asbas.js Show response reporting.asbas.ch/static/asbas/js/	2 KB 2 KB	240ms 80ms	Script application/javascript	217.148.3.184 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://reporting.asbas.ch/static/asbas/js/asbas.js Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.184 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash ffc54eedba5d8e2e3192c7d2bbf7845f09dd17da54f4043a4ef20981fd8d9adf Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-robots-tag noindex, nofollow, nosnippet, noarchive etag "672a171f-61b" x-content-type-options nosniff date Wed, 06 Nov 2024 00:44:18 GMT content-type application/javascript last-modified Tue, 05 Nov 2024 13:01:19 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src 'self' cache-control no-store x-envoy-upstream-service-time 0 referrer-policy strict-origin permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=() accept-ranges bytes content-length 1563 x-xss-protection 1;mode=block
GET H2	200	head-portal.min02cd.js Show response delivery.post-track.ch/resources/latest/js/	11 KB 11 KB	117ms 116ms	Script application/javascript	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/latest/js/head-portal.min02cd.js Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 61cbac5c5c25beb1d16b0d15c25133f4ef25efefe265b16b86f8cdab36d51c86 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d325-2af2" x-envoy-upstream-service-time 1 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 10994 date Wed, 06 Nov 2024 00:44:18 GMT content-type application/javascript last-modified Fri, 01 Nov 2024 13:09:57 GMT x-frame-options SAMEORIGIN
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 33 KB	149ms 25ms	Script text/javascript	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip age 550415 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:50:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:50:43 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 32954 x-xss-protection 0 server sffe
GET H2	200	print.css delivery.post-track.ch/resources/css/	42 B 597 B	498ms 486ms	Stylesheet text/css	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/css/print.css Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 7e49969bb719d4ccb44bff9148db810c5eb0de56a36054b928f4ce442ca8a7c7 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d325-2a" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 42 date Wed, 06 Nov 2024 00:44:18 GMT content-type text/css last-modified Fri, 01 Nov 2024 13:09:57 GMT x-frame-options SAMEORIGIN
GET H2	200	main.min02cd.css delivery.post-track.ch/resources/latest/css/	1 MB 1 MB	44ms 40ms	Stylesheet text/css	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/latest/css/main.min02cd.css Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 19806a5a0c876a81f50ba19eae03d8d182420f39798d16766acee0a314ab4f7b Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d391-13dcc5" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 1301701 date Wed, 06 Nov 2024 00:44:18 GMT content-type text/css last-modified Fri, 01 Nov 2024 13:11:45 GMT x-frame-options SAMEORIGIN
GET H/1.1	200 OK	post-logo-svg.svg www.post.ch/-/media/framework/logos/	2 KB 3 KB	275ms 33ms	Image image/svg+xml	2a00:17c8:0:103::20a CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.post.ch/-/media/framework/logos/post-logo-svg.svg?la=de&vs=2 Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c8:0:103::20a , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Delivery2 / Resource Hash 99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers X-RP-UNIQUE_ID Zyq74g52EFvv1Z4dL9QB3QAAEgU ETag f95c06fed5a449529a04f5561773bd56 Age 398735 X-Content-Type-Options nosniff traceparent 00-e3e6203c3b94cfa96eb396921bbaaf43-7154b67c203f0d27-01 Server-Timing dtSInfo;desc="0", dtRpid;desc="-282581772" X-UA-Compatible IE=Edge Keep-Alive timeout=5 Date Fri, 01 Nov 2024 09:58:42 GMT Content-Type image/svg+xml Last-Modified Wed, 06 Mar 2019 13:13:10 GMT Content-Disposition inline; filename="post-logo-svg.svg" Strict-Transport-Security max-age=31536000 Link <https://www.post.ch/-/media/framework/logos/post-logo-svg.svg?sc_lang=en&hash=D1B066F344088F9E7CA21D5634DD6867>; rel="canonical" Cache-Control public, max-age=2592000 Connection Keep-Alive Referrer-Policy no-referrer-when-downgrade Accept-Ranges bytes Content-Length 2100 X-Xss-Protection 1; mode=block Server Delivery2
GET H2	200	filled_yellow.jpg delivery.post-track.ch/resources/img/	71 B 628 B	97ms 93ms	Image image/jpeg	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.post-track.ch/resources/img/filled_yellow.jpg Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash fabce7ba364c56479069ac0f4aee0fff4a105b1190b21773f25dff680b1385e8 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d3cf-47" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 71 date Wed, 06 Nov 2024 00:44:18 GMT content-type image/jpeg last-modified Fri, 01 Nov 2024 13:12:47 GMT x-frame-options SAMEORIGIN
GET H2	200	icon0a3e.png delivery.post-track.ch/resources/	555 B 1 KB	545ms 491ms	Image image/png	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.post-track.ch/resources/icon0a3e.png?iconId=21&useDefault=true Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash c892e321d2b04067584a6627359be5b0c10bb78ddb137414594761896d479541 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d325-22b" x-envoy-upstream-service-time 1 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 555 date Wed, 06 Nov 2024 00:44:18 GMT content-type image/png last-modified Fri, 01 Nov 2024 13:09:57 GMT x-frame-options SAMEORIGIN
GET H2	200	icon_arrow.jpg delivery.post-track.ch/resources/img/timeline/	170 B 728 B	538ms 485ms	Image image/jpeg	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.post-track.ch/resources/img/timeline/icon_arrow.jpg Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 26b2da0c6e6e997b02a30d3aed9c3091c0333219c845d83dd5420cff89d34202 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d390-aa" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 170 date Wed, 06 Nov 2024 00:44:18 GMT content-type image/jpeg last-modified Fri, 01 Nov 2024 13:11:44 GMT x-frame-options SAMEORIGIN
GET H2	200	icon94eb.png delivery.post-track.ch/resources/	536 B 1 KB	504ms 487ms	Image image/png	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.post-track.ch/resources/icon94eb.png?iconId=22&useDefault=true Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 9fc689a1bcffa72e6bafa1893eefc195b32a26a55e381071a2531f886bd8109c Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d3cf-218" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 536 date Wed, 06 Nov 2024 00:44:18 GMT content-type image/png last-modified Fri, 01 Nov 2024 13:12:47 GMT x-frame-options SAMEORIGIN
GET H2	200	iconb52e.png delivery.post-track.ch/resources/	589 B 1 KB	502ms 490ms	Image image/png	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.post-track.ch/resources/iconb52e.png?iconId=23&useDefault=true Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 9eeb3028b3db631598b99bc816360d8bce42741a31468c7309223ba0a9b6b181 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d2ea-24d" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 589 date Wed, 06 Nov 2024 00:44:18 GMT content-type image/png last-modified Fri, 01 Nov 2024 13:08:58 GMT x-frame-options SAMEORIGIN
GET H2	200	main.min02cd.js Show response delivery.post-track.ch/resources/latest/js/	716 KB 718 KB	465ms 432ms	Script application/javascript	217.148.3.185 MTF-CLOUD
General Check archive.org Show headers Download Go to Full URL https://delivery.post-track.ch/resources/latest/js/main.min02cd.js Requested by Host: delivery.post-track.ch URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.148.3.185 Kleinandelfingen, Switzerland, ASN20988 (MTF-CLOUD, CH), Reverse DNS Software / Resource Hash 0b0c74d102d5024cd12b7b411f40c3fc3f96ed28d0689db5816c04857a7a36fb Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=0 x-robots-tag noindex, nofollow, nosnippet, noarchive etag "6724d2ea-b3062" x-envoy-upstream-service-time 0 x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self) accept-ranges bytes content-length 733282 date Wed, 06 Nov 2024 00:44:18 GMT content-type application/javascript last-modified Fri, 01 Nov 2024 13:08:58 GMT x-frame-options SAMEORIGIN
GET		/ phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/ Redirect Chain https://reporting.web-asbas.ch/log/?type=pageview&uuid=3e2311ec-794c-4496-acb9-fa4074986e74 https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74	0 0
GET		2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff www.post.ch/assets/fonts/	0 0
GET		Posticon-Regular.woff www.post.ch/assets/portal/latest/fonts/	0 0
GET		3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff www.post.ch/assets/fonts/	0 0
GET		9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff www.post.ch/assets/fonts/	0 0
GET		74d53f3b-1683-4d5a-a556-e13f6553cdf0.ttf www.post.ch/assets/fonts/	0 0
GET		Posticon-Regular.ttf www.post.ch/assets/portal/latest/fonts/	0 0
GET		076311f8-a01b-4389-a5eb-334a62e62d45.ttf www.post.ch/assets/fonts/	0 0
GET		6faffbf4-f8e8-4817-b24b-a390e166be7e.ttf www.post.ch/assets/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

phishingdashboard.advact.ch

URL

https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74

Domain

www.post.ch

URL

https://www.post.ch/assets/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff

Domain

www.post.ch

URL

https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.woff?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop

Domain

www.post.ch

URL

https://www.post.ch/assets/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff

Domain

www.post.ch

URL

https://www.post.ch/assets/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff

Domain

www.post.ch

URL

https://www.post.ch/assets/fonts/74d53f3b-1683-4d5a-a556-e13f6553cdf0.ttf

Domain

www.post.ch

URL

https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.ttf?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop

Domain

www.post.ch

URL

https://www.post.ch/assets/fonts/076311f8-a01b-4389-a5eb-334a62e62d45.ttf

Domain

www.post.ch

URL

https://www.post.ch/assets/fonts/6faffbf4-f8e8-4817-b24b-a390e166be7e.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| asbas string| to_remove function| formsubmit function| webinfection function| formsubmitWithCallbackNotWorkingYet function| logSentCallback function| awarenessRedirect object| Unic object| html5 object| Modernizr function| yepnope function| jQuery function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| jqueryUnic function| underscoreUnic object| vertx function| purl function| Spinner function| EventEmitter object| eventie function| imagesLoaded boolean| mCustomScrollbar object| jQuery110207635692953972351 function| iFrameResize function| SockJS function| klpWidget

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			delivery.post-track.ch/	1969-12-31 23:59:59	Name: mailuuid Value: 3e2311ec-794c-4496-acb9-fa4074986e74

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74(Line 111) Message: Access to XMLHttpRequest at 'https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74' (redirected from 'https://reporting.web-asbas.ch/log/?type=pageview&uuid=3e2311ec-794c-4496-acb9-fa4074986e74') from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.woff?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.woff?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/fonts/74d53f3b-1683-4d5a-a556-e13f6553cdf0.ttf' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/fonts/74d53f3b-1683-4d5a-a556-e13f6553cdf0.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.ttf?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.ttf?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/fonts/076311f8-a01b-4389-a5eb-334a62e62d45.ttf' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/fonts/076311f8-a01b-4389-a5eb-334a62e62d45.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 Message: Access to font at 'https://www.post.ch/assets/fonts/6faffbf4-f8e8-4817-b24b-a390e166be7e.ttf' from origin 'https://delivery.post-track.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.post.ch/assets/fonts/6faffbf4-f8e8-4817-b24b-a390e166be7e.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
delivery.post-track.ch
phishingdashboard.advact.ch
reporting.asbas.ch
reporting.web-asbas.ch
www.post.ch
phishingdashboard.advact.ch
www.post.ch
217.148.3.184
217.148.3.185
2a00:1450:4001:831::200a
2a00:17c8:0:103::20a
0b0c74d102d5024cd12b7b411f40c3fc3f96ed28d0689db5816c04857a7a36fb
19806a5a0c876a81f50ba19eae03d8d182420f39798d16766acee0a314ab4f7b
26b2da0c6e6e997b02a30d3aed9c3091c0333219c845d83dd5420cff89d34202
61cbac5c5c25beb1d16b0d15c25133f4ef25efefe265b16b86f8cdab36d51c86
7e49969bb719d4ccb44bff9148db810c5eb0de56a36054b928f4ce442ca8a7c7
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
9eeb3028b3db631598b99bc816360d8bce42741a31468c7309223ba0a9b6b181
9f4148b3eb74ea45fe039370ebf008778728c5b31909bd3f786ad37d4e12ed53
9fc689a1bcffa72e6bafa1893eefc195b32a26a55e381071a2531f886bd8109c
bc784011a203cfa8d4d455d8ed496cd8447bd69d2e70e6f54ddac4f37be09a05
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b
c892e321d2b04067584a6627359be5b0c10bb78ddb137414594761896d479541
dce7adcf5f52a094246b1dc61e03cd5269daa66326f6eb7851bf6aa038e9aaba
fabce7ba364c56479069ac0f4aee0fff4a105b1190b21773f25dff680b1385e8
fbd489168ae612c6b66a27e30b546e56734462b028ad526efd7c6cf860483c7b
ffc54eedba5d8e2e3192c7d2bbf7845f09dd17da54f4043a4ef20981fd8d9adf