anthoc.org Open in urlscan Pro
162.240.43.203 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ansprak.se/8804684/
Effective URL:
https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
Submission: On May 30 via automatic, source openphish (May 30th 2023, 2:06:04 pm UTC) — Scanned from SE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 162.240.43.203, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is anthoc.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 19th 2023. Valid for: 3 months.

This is the only time anthoc.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	77.111.240.111 77.111.240.111	51468 (ONECOM) (ONECOM)
3 16	162.240.43.203 162.240.43.203	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
13	2

1 77.111.240.111 (Denmark) 1 redirects

ASN51468 (ONECOM, DK)
PTR: webcluster2.webpod10-cph3.one.com

www.ansprak.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 162.240.43.203 (United States) 3 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-954032.radioeldia.com

anthoc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	anthoc.org 3 redirects anthoc.org	2 MB
1	ansprak.se 1 redirects www.ansprak.se	300 B
13	2

	Domain	Requested by
16	anthoc.org	3 redirects anthoc.org
1	www.ansprak.se	1 redirects
13	2

This site contains no links.

Subject Issuer	Validity	Valid
anthoc.org cPanel, Inc. Certification Authority	`2023-05-19` - `2023-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
Frame ID: 6393A95D19CFA126F320A45454334A10
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL Express

Page URL History Show full URLs

http://www.ansprak.se/8804684/ HTTP 302
https://anthoc.org/colis-JD00352039780/ HTTP 302
https://anthoc.org/colis-JD00352039780/dv?65d31ed478e70ed7b61b02c66bf0a780 HTTP 301
https://anthoc.org/colis-JD00352039780/dv/?65d31ed478e70ed7b61b02c66bf0a780 HTTP 302
https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2257 kB
Transfer

2255 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ansprak.se/8804684/ HTTP 302
https://anthoc.org/colis-JD00352039780/ HTTP 302
https://anthoc.org/colis-JD00352039780/dv?65d31ed478e70ed7b61b02c66bf0a780 HTTP 301
https://anthoc.org/colis-JD00352039780/dv/?65d31ed478e70ed7b61b02c66bf0a780 HTTP 302
https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request indx.aspx.php Show response
anthoc.org/colis-JD00352039780/dv/
Redirect Chain

http://www.ansprak.se/8804684/
https://anthoc.org/colis-JD00352039780/
https://anthoc.org/colis-JD00352039780/dv?65d31ed478e70ed7b61b02c66bf0a780
https://anthoc.org/colis-JD00352039780/dv/?65d31ed478e70ed7b61b02c66bf0a780
https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

16 KB
17 KB

249ms
249ms

Document
text/html

162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

5a6e6281da8376cc604f1fad177b3b3e9ee57626e8e3a249966328f1fff6288f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 May 2023 14:05:54 GMT
Keep-Alive: timeout=5, max=97
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 May 2023 14:05:54 GMT
Keep-Alive: timeout=5, max=98
Location: ./indx.aspx.php?0ff822128545235e01cab16f1bf2d654
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
anthoc.org/colis-JD00352039780/dv/css/ 216 KB
216 KB 241ms
240ms Stylesheet
text/css 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://anthoc.org/colis-JD00352039780/dv/css/bootstrap.min.css

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

d744893fb20082e5da5f9b65833bd0f130e7fca1ac04979fa0c3f904d237ea8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 220784
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
anthoc.org/colis-JD00352039780/dv/js/ 79 KB
79 KB 641ms
240ms Script
application/javascript 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://anthoc.org/colis-JD00352039780/dv/js/bootstrap.bundle.min.js

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

fa59c8c6e9b0eb5a0f5fccdfde1a456d079718765bdda2b545c7167a21d00000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 80605
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found config.js
anthoc.org/colis-JD00352039780/dv/js/ 0
0 645ms
240ms Script
text/html 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://anthoc.org/colis-JD00352039780/dv/js/config.js
Requested by: Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-954032.radioeldia.com
Software: Apache /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK main.26ebbd26.js Show response
anthoc.org/colis-JD00352039780/dv/js/ 1 MB
1 MB 242ms
241ms Script
application/javascript 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://anthoc.org/colis-JD00352039780/dv/js/main.26ebbd26.js

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

4abae720580596a7b88e30e4c9a94f437a481bfde09389ec918868b55abd86d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1154586
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.990eced2.css
anthoc.org/colis-JD00352039780/dv/css/ 11 KB
12 KB 439ms
242ms Stylesheet
text/css 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://anthoc.org/colis-JD00352039780/dv/css/main.990eced2.css

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

f0100c8506a5140fb7ba6566e2722207e47a7540d562b97c776fe2580529e8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11744
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.df3eb5d0978a7a83f632.png
anthoc.org/colis-JD00352039780/dv/media/ 26 KB
27 KB 241ms
241ms Image
image/png 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/logo.df3eb5d0978a7a83f632.png

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

7029f306a6ee534682e5f50f289e61ab5b8514e3f1536db903bf23596b99c735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 27107
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK card1.7f3aad9b90177796d3ab.jpg
anthoc.org/colis-JD00352039780/dv/media/ 17 KB
17 KB 241ms
240ms Image
image/jpeg 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/card1.7f3aad9b90177796d3ab.jpg

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

4c706c16b7f18e67f7a2b9fd15d8613c8005cd4b74a1f63cc847e07db4e3354c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17148
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK card2.23e0940ac34476c5cecd.jpg
anthoc.org/colis-JD00352039780/dv/media/ 23 KB
24 KB 254ms
253ms Image
image/jpeg 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/card2.23e0940ac34476c5cecd.jpg

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

e74050e6368f236a391c0a953ab4252bd0a06086955bcb5558b325907d293dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 23854
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK card3.d6f68627a371b84a4480.png
anthoc.org/colis-JD00352039780/dv/media/ 48 KB
48 KB 250ms
249ms Image
image/png 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/card3.d6f68627a371b84a4480.png

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

3a6c9c9011e90dcb3750c15002d35d044d695d947592ad5a7a675f1e1a548385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 48715
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK glo-footer-logo.svg
anthoc.org/colis-JD00352039780/dv/media/ 12 KB
12 KB 685ms
243ms Image
image/svg+xml 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/glo-footer-logo.svg

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11968
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 904b70e4997d2154d462c8514522e03846ba539466c01c3b310a824ea4418caa

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK background.cd051765990837aea485.jpg
anthoc.org/colis-JD00352039780/dv/media/ 644 KB
644 KB 632ms
243ms Image
image/jpeg 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/background.cd051765990837aea485.jpg

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

8ebd15900197bea282b13825f7b74fc3c3265fac7999b010479e2a0798c579aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://anthoc.org/colis-JD00352039780/dv/indx.aspx.php?0ff822128545235e01cab16f1bf2d654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 658981
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK iconfont-da52a17c1b8deb953bfe.da52a17c1b8deb953bfe.woff
anthoc.org/colis-JD00352039780/dv/media/ 34 KB
34 KB 450ms
242ms Font
font/woff 162.240.43.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://anthoc.org/colis-JD00352039780/dv/media/iconfont-da52a17c1b8deb953bfe.da52a17c1b8deb953bfe.woff

Requested by

Host: anthoc.org
URL: https://anthoc.org/colis-JD00352039780/dv/css/main.990eced2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.43.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-954032.radioeldia.com

Software

Apache /

Resource Hash

8b8888bc016e1313438b7a9a1ca18aa288f6098122265fc03e985ca40e82a27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://anthoc.org/colis-JD00352039780/dv/css/main.990eced2.css
Origin: https://anthoc.org
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 14:05:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 May 2023 02:17:31 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 34820
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| uidEvent object| bootstrap function| Buffer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			anthoc.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: e0f2c0c1e44ce1b44ac6eba10e449eaa

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://anthoc.org/colis-JD00352039780/dv/js/config.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anthoc.org
www.ansprak.se
162.240.43.203
77.111.240.111
3a6c9c9011e90dcb3750c15002d35d044d695d947592ad5a7a675f1e1a548385
4abae720580596a7b88e30e4c9a94f437a481bfde09389ec918868b55abd86d0
4c706c16b7f18e67f7a2b9fd15d8613c8005cd4b74a1f63cc847e07db4e3354c
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
5a6e6281da8376cc604f1fad177b3b3e9ee57626e8e3a249966328f1fff6288f
7029f306a6ee534682e5f50f289e61ab5b8514e3f1536db903bf23596b99c735
8b8888bc016e1313438b7a9a1ca18aa288f6098122265fc03e985ca40e82a27c
8ebd15900197bea282b13825f7b74fc3c3265fac7999b010479e2a0798c579aa
904b70e4997d2154d462c8514522e03846ba539466c01c3b310a824ea4418caa
d744893fb20082e5da5f9b65833bd0f130e7fca1ac04979fa0c3f904d237ea8c
e74050e6368f236a391c0a953ab4252bd0a06086955bcb5558b325907d293dfb
f0100c8506a5140fb7ba6566e2722207e47a7540d562b97c776fe2580529e8f3
fa59c8c6e9b0eb5a0f5fccdfde1a456d079718765bdda2b545c7167a21d00000

anthoc.org Open in urlscan Pro 162.240.43.203 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

2257 kBTransfer

2255 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

anthoc.org Open in urlscan Pro
162.240.43.203 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2257 kB
Transfer

2255 kB
Size

1
Cookies

13 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!