Submitted URL: https://rebrand.ly/exf6do7
Effective URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Submission: On April 27 via manual from CZ — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 7 HTTP transactions. The main IP is 185.4.76.58, located in Trouville-sur-Mer, France and belongs to KWAOO K-NET SARL, FR. The main domain is hbte-svr-prod.com.
This is the only time hbte-svr-prod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.5.176.237 14618 (AMAZON-AES)
1 1 143.198.147.212 14061 (DIGITALOC...)
1 2 185.4.76.58 24904 (KWAOO K-N...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f50... 20940 (AKAMAI-ASN1)
1 162.19.58.161 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 6
Apex Domain
Subdomains
Transfer
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
38 KB
2 gstatic.com
www.gstatic.com
6 KB
2 hbte-svr-prod.com
hbte-svr-prod.com
511 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 10780
100 KB
1 fedex.com
www.fedex.com — Cisco Umbrella Rank: 13058
1 instawp.xyz
bo-creator-pogu.instawp.xyz
141 B
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 47945
171 B
7 7
Domain Requested by
2 cdnjs.cloudflare.com hbte-svr-prod.com
2 www.gstatic.com hbte-svr-prod.com
2 hbte-svr-prod.com 1 redirects
1 i.ibb.co hbte-svr-prod.com
1 www.fedex.com hbte-svr-prod.com
1 bo-creator-pogu.instawp.xyz 1 redirects
1 rebrand.ly 1 redirects
7 7

This site contains links to these domains.

Domain
imgbb.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject                Issuer                                      Validity                 Valid
*.gstatic.com          GTS CA 1C3                                  2023-04-03 - 2023-06-26  3 months
www.fedex.com          DigiCert Global G2 TLS RSA SHA256 2020 CA1  2022-09-26 - 2023-10-27  a year
i.ibb.co               R3                                          2023-04-11 - 2023-07-10  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                     2022-08-03 - 2023-08-02  a year

This page contains 1 frames:

Primary Page: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Frame ID: 933C703A375902AAE7348B20C05BF58C
Requests: 12 HTTP requests in this frame

Page Title

FedEx Express | Expresní dodávky, kurýrní a přepravní služby | RakouskoUmzug - PostAG

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7 Requests
86 % HTTPS
43 % IPv6
7 Domains
7 Subdomains
6 IPs
3 Countries
826 kB Transfer
1497 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/exf6do7 HTTP 301
    https://bo-creator-pogu.instawp.xyz/red/ HTTP 302
    http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/frta.php HTTP 302
    http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request umzug.php
hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/
Redirect Chain
  • https://rebrand.ly/exf6do7
  • https://bo-creator-pogu.instawp.xyz/red/
  • http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/frta.php
  • http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
1 MB
511 KB
Document
General
Full URL
http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
HTTP/1.1
Server
185.4.76.58 Trouville-sur-Mer, France, ASN24904 (KWAOO K-NET SARL, FR),
Reverse DNS
58-76-4-185.ftth.cust.kwaoo.net
Software
/
Resource Hash
f76d67f050104dfd91b80a5776bfb35509f3a6ed4e58809f4cedd66757a7cd90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Apr 2023 07:11:37 GMT
Keep-Alive
timeout=20
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Apr 2023 07:11:37 GMT
Keep-Alive
timeout=20
Location
umzug.php
Transfer-Encoding
chunked
Vary
Accept-Encoding
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/
25 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Requested by
Host: hbte-svr-prod.com
URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 13:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4396
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 13:20:18 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
846 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: hbte-svr-prod.com
URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 07:05:32 GMT
x-content-type-options
nosniff
age
365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 26 Apr 2024 07:05:32 GMT
logo.png
www.fedex.com/content/dam/fedex-com/logos/
0
0
Image
General
Full URL
https://www.fedex.com/content/dam/fedex-com/logos/logo.png
Requested by
Host: hbte-svr-prod.com
URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:6::216:5bc8 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Screenshot-9.png
i.ibb.co/zb8gmsW/
99 KB
100 KB
Image
General
Full URL
https://i.ibb.co/zb8gmsW/Screenshot-9.png
Requested by
Host: hbte-svr-prod.com
URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
62cdfe75c9533991f012f7e6e0a268b7be8ab67a5e088f3ac1f3685655f6d191

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 07:11:37 GMT
last-modified
Sat, 25 Mar 2023 03:53:33 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
101822
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: hbte-svr-prod.com
URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 07:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
528041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27198
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXZjH4%2Brm%2BWIgmKWOFZOAj0C7jk0%2BcTE0VRMvSaipCdC%2Bi6Oy8gx8WWvZz4Iy1aNtNkNBELTuffC56rMXErd8OpzxuAbkTT4JpMmO61sVY3%2Fa3CaN2VT3Cyl%2FUQcnuoYnF29YXJnO2elbkewKxP4ZQla"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7be540a2e89337f1-FRA
expires
Tue, 16 Apr 2024 07:11:37 GMT
imask.min.js
cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/
45 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js
Requested by
Host: hbte-svr-prod.com
URL: http://hbte-svr-prod.com/wordpress/wp-admin/network/ccs/css/Fedec/herka/LoginServices/main/umzug.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 07:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7357622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10899
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-b217"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rz4LrQzrERH4zRpDIaqaKpgFPPMi0V3RTjaBsdPejIbqsg%2F8P2dqQ6viO5krirn8DSY9%2F1gPqLZIs5YUHQXaixJmwn1DF8OUoK41jtBS8D08mq%2Fcj16bXxjlZcVEd0MZThtt52m6F25WT%2BjpzCVBx%2BpW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7be540a2e89637f1-FRA
expires
Tue, 16 Apr 2024 07:11:37 GMT
truncated
/
534 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92ccff15c08a6f16916e3ee6356f4a19e16451acbba3b364df2c34ba84670698

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hbte-svr-prod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
21 KB
21 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3b9b469d31790096180616fae0155d3af8088924ef1d724bfd085ff3d12f075

Request headers

Referer
http://hbte-svr-prod.com/
Origin
http://hbte-svr-prod.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
108 KB
108 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
281442cf45996ccfa2562eab455e17d37f070b15fad6faa1f90db74b6fa0ab5d

Request headers

Referer
http://hbte-svr-prod.com/
Origin
http://hbte-svr-prod.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
21 KB
21 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
933bff0361186c08db1d4359090544c77cf38d9e6fde710c61d67bb2dbb6a832

Request headers

Referer
http://hbte-svr-prod.com/
Origin
http://hbte-svr-prod.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
21 KB
21 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1a6432e8aff5d2e64ebbcb411139e62ac9225ac7ea6a4cc904965c8ab83a4ed

Request headers

Referer
http://hbte-svr-prod.com/
Origin
http://hbte-svr-prod.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/octet-stream

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| date
number| year
number| month
number| day
function| $
function| jQuery
object| __core-js_shared__
object| core
function| IMask

0 Cookies