URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Submission: On April 14 via manual from DE — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 103.28.39.29, located in Viet Nam and belongs to NHANHOA-AS-VN NhanHoa Software company, VN. The main domain is zoldz.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 9th 2023. Valid for: 3 months.
This is the only time zoldz.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

IP Address AS Autonomous System
12 103.28.39.29 131353 (NHANHOA-A...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
18 5
Apex Domain
Subdomains
Transfer
12 zoldz.net
zoldz.net
541 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
413 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 358
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 707
30 KB
18 5
Domain Requested by
12 zoldz.net zoldz.net
2 cdnjs.cloudflare.com zoldz.net
2 cdn.jsdelivr.net zoldz.net
1 fonts.googleapis.com zoldz.net
1 code.jquery.com zoldz.net
18 5

This site contains no links.

Subject Issuer Validity Valid
zoldz.net
cPanel, Inc. Certification Authority
2023-03-09 -
2023-06-07
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh

This page contains 1 frames:

Primary Page: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Frame ID: 3B096EF38DDECC7B750E55EE9AF0CDBB
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1033 kB
Transfer

2364 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
5 KB
5 KB
Document
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
e687d7d44eca6a008f5a225be2372e72526d143de8f0173fb40629e598285637

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
4620
Content-Type
text/html
Date
Fri, 14 Apr 2023 12:38:03 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:38:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4421066
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVdXbBNt1pupO8Q%2FOQlmQX%2BbcDAie0MGhUi4l%2FaJy3ghYR8qTTutQF0tcl6OsJI86JUed%2BXYqBVLOaC3r1V3Pb8LV%2F8GWCjQYcsYw5Ufp5QEDPNE3tu8LV24%2BM3OnOTxZuA%2BbvRnRbb9yzOI7Jk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b7c00f37a202bda-FRA
helpers.css
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/
41 KB
41 KB
Stylesheet
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/helpers.css
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
41899
style.css
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/
12 KB
13 KB
Stylesheet
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/style.css
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
0ffe4d48f6868e1f0b61527b5b689048a27c52acc5c12c02eb0781a9c94f84fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12611
logo2.svg
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
7 KB
7 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logo2.svg
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
d4664dd3d67bd3bbe6653fe5273756db06a66ed9f6b2e3d317a28c5bd04ecb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7082
logimg1.png
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
88 KB
88 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logimg1.png
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
f4933276582f42e29e00e79314014818b1088e095d4808a7c8b9a8192affbaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
90272
logimg12.png
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
89 KB
89 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logimg12.png
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
cf786324eff6916dcbc74e04b69b236597b9d4a9f5ed5d67f780aba86c412b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
91163
logimg2.png
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
17 KB
17 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logimg2.png
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
5754444150a7f513b30b378986ba69c92783de495c91bc6e6f42e8f6a3524bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17096
logimg22.png
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
17 KB
17 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logimg22.png
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
b1f13a360a96dcdb7806680c5e729211107a693c1f2f0263248370b39be2f25f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17392
logimg3.png
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
10 KB
10 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logimg3.png
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
a5f985846156353d78b0e5559eaebed7ef5a8e1bd763703d8f2a4908e59083c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
9816
logimg32.png
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
10 KB
10 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/logimg32.png
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
f9c68be40131697e91d850db025a2ae0463efe9fc767e03e37c499b113d06523

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
9776
jquery-3.6.1.min.js
code.jquery.com/
88 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:38:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1681475884.dop147.am5.t,1681475884.cds243.am5.hn,1681475884.cds012.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:38:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4421066
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ti7ZgJbIZDJ9LK6myuHNSiJPTRGZBnTaB4vQ4QWTpSRi6Lncq3vqN8o47xWpkdtAp7pt0tN0G%2FyKyA6hAwpjeQe7C5gNOWeWIjzl3EaxKxwNNa1eD6ztELIdkui3lCGeXeGcdifY4CHmlx4ofg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b7c00f38a352bda-FRA
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/
1 MB
410 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4182605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
418541
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-662ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTdSeIRmtVj9wBNycjLATHezi6pel86JDX1SzZ%2FKoLRUXWaRhw%2Fok9klibRaeIWZVESw9iALJwdTUqSHV2lV74crqdorEyNVrUtmRtp5du4wIrEZ401ggLiqRxdfM61aDF%2FfbSgNynFHGkEDZeE%2BZclI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b7c00f39b003832-FRA
expires
Wed, 03 Apr 2024 12:38:04 GMT
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3870502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3074
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-2087"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBZ4JgO7PWaqTOF8%2B95QtviYv7qeQRNCvX3Kb3uIOBVG6o4SLZwvAYbQc6uJwezW9TdHkL8dSo6GIWXgzUb8kbNjFN%2B0XgVomgPsJyDPdiE4aFNrJ6CLAcXWYYxoqHl5gR%2BcYLc5fANSNAxLKyTQQw9d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b7c00f3ab023832-FRA
expires
Wed, 03 Apr 2024 12:38:04 GMT
js.js
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//js/
453 B
707 B
Script
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//js/js.js
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
c430f66f08a3053fe6e78e13c43f1c368d9b0a979abcd1a2fe6f2a2bd3a6808b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
453
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44ae834599a225b4443bec7f289d3bab97a8eab981697086d476c7dd6a858e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 12:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 11:22:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 12:38:04 GMT
bg.jpg
zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/
243 KB
243 KB
Image
General
Full URL
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//imgs/bg.jpg
Requested by
Host: zoldz.net
URL: https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.28.39.29 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
share-linux11u.nhanhoa.com
Software
Apache /
Resource Hash
8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zoldz.net/.tmp/post-Online-checking/post-Online-checking/501ba/media//css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Fri, 14 Apr 2023 12:38:04 GMT
Last-Modified
Thu, 13 Apr 2023 13:57:41 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
248757

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery number| uidEvent object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| $jscomp boolean| loaded

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
zoldz.net
103.28.39.29
2001:4de0:ac18::1:a:1b
2606:4700::6810:5814
2606:4700::6811:190e
2a00:1450:4001:812::200a
0ffe4d48f6868e1f0b61527b5b689048a27c52acc5c12c02eb0781a9c94f84fc
1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
44ae834599a225b4443bec7f289d3bab97a8eab981697086d476c7dd6a858e6d
5754444150a7f513b30b378986ba69c92783de495c91bc6e6f42e8f6a3524bb1
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5f985846156353d78b0e5559eaebed7ef5a8e1bd763703d8f2a4908e59083c5
b1f13a360a96dcdb7806680c5e729211107a693c1f2f0263248370b39be2f25f
c430f66f08a3053fe6e78e13c43f1c368d9b0a979abcd1a2fe6f2a2bd3a6808b
cf786324eff6916dcbc74e04b69b236597b9d4a9f5ed5d67f780aba86c412b09
d4664dd3d67bd3bbe6653fe5273756db06a66ed9f6b2e3d317a28c5bd04ecb90
e687d7d44eca6a008f5a225be2372e72526d143de8f0173fb40629e598285637
f4933276582f42e29e00e79314014818b1088e095d4808a7c8b9a8192affbaab
f9c68be40131697e91d850db025a2ae0463efe9fc767e03e37c499b113d06523