telenet.cool Open in urlscan Pro
217.160.0.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://papucvitrini.com/admin/controller/extension/extension/be25
Effective URL:
https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid=
Submission: On December 01 via api (December 1st 2020, 5:25:34 am UTC) from BE

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 8 HTTP transactions. The main IP is 217.160.0.221, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is telenet.cool.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on November 26th 2020. Valid for: a year.

This is the only time telenet.cool was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	92.53.126.71 92.53.126.71	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 3	217.160.0.221 217.160.0.221	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	145.239.131.60 145.239.131.60	16276 (OVH) (OVH)
3	2a02:8400:21:... 2a02:8400:21:1::3	15557 (LDCOMNET) (LDCOMNET)
1	198.102.30.101 198.102.30.101	54839 (EMPIRE) (EMPIRE)
1	80.158.67.40 80.158.67.40	34086 (SCZN-AS) (SCZN-AS)
8	5

1 92.53.126.71 (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: bitrix128.timeweb.ru

papucvitrini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.160.0.221 (Germany) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-221.elastic-ssl.ui-r.com

telenet.cool	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.131.60 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:8400:21:1::3 (France)

ASN15557 (LDCOMNET, FR)

static.s-sfr.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.102.30.101 (South Bend, United States)

ASN54839 (EMPIRE, US)
PTR: reverse.empire-technology.com

villman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.67.40 (Germany)

ASN34086 (SCZN-AS, DE)

www.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	s-sfr.fr static.s-sfr.fr	48 KB
3	telenet.cool 1 redirects telenet.cool	478 KB
1	telekom.de www.telekom.de	63 KB
1	villman.com villman.com	102 KB
1	ibb.co i.ibb.co	6 KB
1	papucvitrini.com 1 redirects papucvitrini.com	204 B
8	6

	Domain	Requested by
3	static.s-sfr.fr	telenet.cool
3	telenet.cool	1 redirects telenet.cool
1	www.telekom.de
1	villman.com
1	i.ibb.co	telenet.cool
1	papucvitrini.com	1 redirects
8	6

This site contains links to these domains. Also see Links.

Domain
mobi.haldest.com
redirect-4.com

Subject Issuer	Validity	Valid
telenet.cool GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-26` - `2021-11-25`	a year	crt.sh
ibb.co Let's Encrypt Authority X3	`2020-10-02` - `2020-12-31`	3 months	crt.sh
*.s-sfr.fr Certigna Wild CA	`2020-05-11` - `2022-05-11`	2 years	crt.sh
villman.com Let's Encrypt Authority X3	`2020-10-08` - `2021-01-06`	3 months	crt.sh
www.telekom.de TeleSec ServerPass Class 2 CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid=
Frame ID: 9915BF837F816CEA1419DDA43A4AC582
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://papucvitrini.com/admin/controller/extension/extension/be25 HTTP 302
https://telenet.cool/ HTTP 302
https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

697 kB
Transfer

709 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://mobi.haldest.com/ofc/06d568c7-6ecf142a-3aa72ff3-28ce-6a7c/51529ad6-4572cd55-8c2d4d93-1a8d-1774?Subid={YOUR_PUBID_HERE}&sub_pubid={YOUR_SUB_PUBID_HERE}&externalid={YOUR_CLICKID_HERE}
Title: Profiteer van het aanbod

Search URL Search Domain Scan URL

URL: https://redirect-4.com/o/36952/42745
Title: Profiteer van het aanbod

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://papucvitrini.com/admin/controller/extension/extension/be25 HTTP 302
https://telenet.cool/ HTTP 302
https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request get.php Show response telenet.cool/nl/ Redirect Chain http://papucvitrini.com/admin/controller/extension/extension/be25 https://telenet.cool/ https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid=	20 KB 3 KB	73ms 73ms	Document text/html	217.160.0.221 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.160.0.221 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS 217-160-0-221.elastic-ssl.ui-r.com Software Apache / PHP/7.0.33 Resource Hash `8a0e46911a90618296f815d7f40b0044146754baec77d9aaf102ba5e317d8bac` Request headers :method GET :authority telenet.cool :scheme https :path /nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Tue, 01 Dec 2020 05:25:18 GMT server Apache x-powered-by PHP/7.0.33 content-encoding gzip Redirect headers content-type text/html; charset=UTF-8 date Tue, 01 Dec 2020 05:25:18 GMT server Apache x-powered-by PHP/7.0.33 location /nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid=
GET H2	200	style.css telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/	474 KB 474 KB	55ms 55ms	Stylesheet text/css	217.160.0.221 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css Requested by Host: telenet.cool URL: https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.160.0.221 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS 217-160-0-221.elastic-ssl.ui-r.com Software Apache / Resource Hash `74e34347b92b1a65e5bf73dae7c3bffa31a9599640a5f034964457b2dd4d8cb3` Request headers Referer https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 05:25:18 GMT last-modified Fri, 27 Nov 2020 07:08:32 GMT server Apache accept-ranges bytes etag "766e9-5b511540cb563" content-length 485097 content-type text/css
GET H2	200	1.png i.ibb.co/TmhwVRr/	6 KB 6 KB	32ms 32ms	Image image/png	145.239.131.60 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/TmhwVRr/1.png Requested by Host: telenet.cool URL: https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 145.239.131.60 , France, ASN16276 (OVH, FR), Reverse DNS i.ibb.co Software openresty / Resource Hash `4e014aec691d789390a09712931a82b637343af053f7cc213e2a1678920b92ee` Request headers Referer https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 05:25:18 GMT last-modified Thu, 12 Nov 2020 18:40:52 GMT server openresty access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 5935 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	SFR-Regular.woff2 static.s-sfr.fr/media/v2/assets/fonts/	16 KB 17 KB	74ms 22ms	Font application/octet-stream	2a02:8400:21:1::3 LDCOMNET
General Check archive.org Show headers Download Go to Full URL https://static.s-sfr.fr/media/v2/assets/fonts/SFR-Regular.woff2 Requested by Host: telenet.cool URL: https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:8400:21:1::3 , France, ASN15557 (LDCOMNET, FR), Reverse DNS Software nginx/1.10.3 / Resource Hash `95c24722f8fceb5874155b7a19736df3e6e6fb72b29ce807795055447123184a` Request headers Origin https://telenet.cool Referer https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 05:25:19 GMT via 1.0 static.s-sfr.fr, 1.1 mit1-ncdn-middle-http00, 1.1 cbv4-ncdn-edge-http00 sfrvia sa15859adm\|1580\|vs_SFR-FR-GP-http last-modified Mon, 30 Nov 2020 22:35:41 GMT server nginx/1.10.3 age 24577 access-control-allow-methods GET, OPTIONS, HEAD, PUT, POST content-type application/octet-stream;charset=UTF-8 access-control-allow-origin * cache-control max-age=28800, public x-varnish 350411051 351420264, 589071053 521161547 accept-ranges bytes content-length 16500 expires Wed, 02 Dec 2020 22:35:41 GMT
GET H2	200	SFR-Bold.woff2 static.s-sfr.fr/media/v2/assets/fonts/	16 KB 16 KB	101ms 49ms	Font application/octet-stream	2a02:8400:21:1::3 LDCOMNET
General Check archive.org Show headers Download Go to Full URL https://static.s-sfr.fr/media/v2/assets/fonts/SFR-Bold.woff2 Requested by Host: telenet.cool URL: https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:8400:21:1::3 , France, ASN15557 (LDCOMNET, FR), Reverse DNS Software nginx/1.10.3 / Resource Hash `6b9294600ad20a4b218b76729b938a3d6d01dc7e970a578b0e61115aac42833d` Request headers Origin https://telenet.cool Referer https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 05:25:19 GMT via 1.0 static.s-sfr.fr, 1.1 bdx1-ncdn-middle-http00, 1.1 cbv4-ncdn-edge-http00 sfrvia sa15860adm\|1580\|vs_SFR-FR-GP-http last-modified Tue, 01 Dec 2020 02:24:19 GMT server nginx/1.10.3 age 10858 access-control-allow-methods GET, OPTIONS, HEAD, PUT, POST content-type application/octet-stream;charset=UTF-8 access-control-allow-origin * cache-control max-age=28800, public x-varnish 251966841 263076399, 585807069 543398931 accept-ranges bytes content-length 16196 expires Thu, 03 Dec 2020 02:24:19 GMT
GET H2	200	SFR-Black.woff2 static.s-sfr.fr/media/v2/assets/fonts/	15 KB 16 KB	93ms 43ms	Font application/octet-stream	2a02:8400:21:1::3 LDCOMNET
General Check archive.org Show headers Download Go to Full URL https://static.s-sfr.fr/media/v2/assets/fonts/SFR-Black.woff2 Requested by Host: telenet.cool URL: https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:8400:21:1::3 , France, ASN15557 (LDCOMNET, FR), Reverse DNS Software nginx/1.10.3 / Resource Hash `209a4e0ebe7ae12a7e1bfd4564bdb0775fbb4ad0ea19255fa7c6a118debd7366` Request headers Origin https://telenet.cool Referer https://telenet.cool/nl/Offres%20Mobile%20_%20SFR_files/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 05:25:19 GMT via 1.0 static.s-sfr.fr, 1.1 trs1-ncdn-middle-http00, 1.1 cbv4-ncdn-edge-http00 sfrvia sa15860adm\|1580\|vs_SFR-FR-GP-http last-modified Tue, 01 Dec 2020 03:01:05 GMT server nginx/1.10.3 age 8652 access-control-allow-methods GET, OPTIONS, HEAD, PUT, POST content-type application/octet-stream;charset=UTF-8 access-control-allow-origin * cache-control max-age=28800, public x-varnish 47954006 49005264, 588743770 563413052 accept-ranges bytes content-length 15492 expires Thu, 03 Dec 2020 03:01:05 GMT
GET H2	200	iphonepro_max256.gif villman.com/product_photos/	101 KB 102 KB	432ms 141ms	Image image/gif	198.102.30.101 EMPIRE
General Check archive.org Show headers Download Go to Show image Full URL https://villman.com/product_photos/iphonepro_max256.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.102.30.101 South Bend, United States, ASN54839 (EMPIRE, US), Reverse DNS reverse.empire-technology.com Software Apache/2 / Resource Hash `d69b98c5d1bdb9e2879a679c2dcabbae7c9c205fb4e2cf22c21aa90294e7028d` Request headers Referer https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 05:25:19 GMT last-modified Mon, 08 Jun 2020 14:34:09 GMT server Apache/2 accept-ranges bytes etag "19535-5a79380fac651" content-length 103733 content-type image/gif
GET H2	200	samsung-galaxy-s20-plus-5g-cosmic-gray-vorne-und-hinten.png www.telekom.de/resources/images/534290/	62 KB 63 KB	114ms 36ms	Image image/png	80.158.67.40 SCZN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.telekom.de/resources/images/534290/samsung-galaxy-s20-plus-5g-cosmic-gray-vorne-und-hinten.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 80.158.67.40 , Germany, ASN34086 (SCZN-AS, DE), Reverse DNS Software Apache / Resource Hash `09edcbad8eacc2ecab87446927461a621a5e2021cec505d481ff5c4a51a5d70a` Request headers Referer https://telenet.cool/nl/get.php?loggedin=true&client=5fc5d3bebc67e&sessionid= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 25 Nov 2020 11:30:30 GMT xkey 534290 age 496488 etag "f04f40c52ecb402c64875d59dc57dd38" x-cache HIT content-language de cache-control max-age=604800 x-varnish 849122911 929137341 accept-ranges bytes content-type image/png;charset=UTF-8 content-length 63380 server Apache

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.ibb.co
papucvitrini.com
static.s-sfr.fr
telenet.cool
villman.com
www.telekom.de
145.239.131.60
198.102.30.101
217.160.0.221
2a02:8400:21:1::3
80.158.67.40
92.53.126.71
09edcbad8eacc2ecab87446927461a621a5e2021cec505d481ff5c4a51a5d70a
209a4e0ebe7ae12a7e1bfd4564bdb0775fbb4ad0ea19255fa7c6a118debd7366
4e014aec691d789390a09712931a82b637343af053f7cc213e2a1678920b92ee
6b9294600ad20a4b218b76729b938a3d6d01dc7e970a578b0e61115aac42833d
74e34347b92b1a65e5bf73dae7c3bffa31a9599640a5f034964457b2dd4d8cb3
8a0e46911a90618296f815d7f40b0044146754baec77d9aaf102ba5e317d8bac
95c24722f8fceb5874155b7a19736df3e6e6fb72b29ce807795055447123184a
d69b98c5d1bdb9e2879a679c2dcabbae7c9c205fb4e2cf22c21aa90294e7028d

telenet.cool Open in urlscan Pro 217.160.0.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

5 IPs

4 Countries

697 kBTransfer

709 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

telenet.cool Open in urlscan Pro
217.160.0.221 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

697 kB
Transfer

709 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions