urlscan.io logo urlscan.io
SecurityTrails logo

dewinemechanicalinc.com Open in urlscan Pro
151.101.66.159  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shwt-zcmp.maillist-manage.eu/click.zc?m=1&mrd=11aeac95f260965b&od=3z70d57AB12ABCDEFGHIJKLMNOPQ060c48&linkDgs=11aeac95f240ea08...
Effective URL: https://dewinemechanicalinc.com/d.p.d-ch/
Submission: On October 05 via api from CH — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 18 HTTP transactions. The main IP is 151.101.66.159, located in United States and belongs to FASTLY, US. The main domain is dewinemechanicalinc.com.
TLS certificate: Issued by R3 on August 31st 2022. Valid for: 3 months.
This is the only time dewinemechanicalinc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 185.230.212.128 205111 (ZOHO-EU)
1 1 45.84.188.71 42846 (GUZELHOST...)
2 19 151.101.66.159 54113 (FASTLY)
1 194.41.184.182 12511 (CH-POSTNE...)
18 2
Apex Domain
Subdomains		 Transfer
19 dewinemechanicalinc.com
dewinemechanicalinc.com
399 KB
1 post.ch
account.post.ch
1 KB
1 polismevzuat.com
www.polismevzuat.com
296 B
1 maillist-manage.eu
shwt-zcmp.maillist-manage.eu
996 B
18 4
Domain Requested by
19 dewinemechanicalinc.com 2 redirects dewinemechanicalinc.com
1 account.post.ch dewinemechanicalinc.com
1 www.polismevzuat.com 1 redirects
1 shwt-zcmp.maillist-manage.eu 1 redirects
18 4

This site contains no links.

Subject Issuer Validity Valid
dewinemechanicalinc.com
R3		 2022-08-31 -
2022-11-29		 3 months crt.sh
account.post.ch
SwissSign RSA TLS OV ICA 2021 - 1		 2022-04-26 -
2023-04-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dewinemechanicalinc.com/d.p.d-ch/
Frame ID: 1315B1B7F35EC87C14522080534E0CF7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zahlung bestätigen - Schweizerische DPD

Page URL History Show full URLs

  1. https://shwt-zcmp.maillist-manage.eu/click.zc?m=1&mrd=11aeac95f260965b&od=3z70d57AB12ABCDEFGHIJKLMNOPQ060c48&link... HTTP 302
    https://www.polismevzuat.com/ HTTP 302
    https://dewinemechanicalinc.com/d.p.d-ch HTTP 301
    http://dewinemechanicalinc.com/d.p.d-ch/ HTTP 301
    https://dewinemechanicalinc.com/d.p.d-ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

4
Countries

399 kB
Transfer

1078 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shwt-zcmp.maillist-manage.eu/click.zc?m=1&mrd=11aeac95f260965b&od=3z70d57AB12ABCDEFGHIJKLMNOPQ060c48&linkDgs=11aeac95f240ea08&repDgs=11aeac95f261239d HTTP 302
    https://www.polismevzuat.com/ HTTP 302
    https://dewinemechanicalinc.com/d.p.d-ch HTTP 301
    http://dewinemechanicalinc.com/d.p.d-ch/ HTTP 301
    https://dewinemechanicalinc.com/d.p.d-ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dewinemechanicalinc.com/d.p.d-ch/
Redirect Chain
  • https://shwt-zcmp.maillist-manage.eu/click.zc?m=1&mrd=11aeac95f260965b&od=3z70d57AB12ABCDEFGHIJKLMNOPQ060c48&linkDgs=11aeac95f240ea08&repDgs=11aeac95f261239d
  • https://www.polismevzuat.com/
  • https://dewinemechanicalinc.com/d.p.d-ch
  • http://dewinemechanicalinc.com/d.p.d-ch/
  • https://dewinemechanicalinc.com/d.p.d-ch/
18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
5cb1c58f96e993b8c4c1cd39e74b4874b04989edc6e942d7c683910020835fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
4289
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 18:08:20 GMT
fastly-restarts
1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Flywheel/5.1.0
vary
Accept-Encoding
x-cache
HIT
x-cache-hits
1
x-cacheable
NO:Not Cacheable
x-content-type-options
nosniff
x-fw-dynamic
TRUE
x-fw-hash
y7gvlgxb1j
x-fw-serve
TRUE
x-fw-server
Flywheel/5.1.0
x-fw-static
NO
x-fw-type
VISIT
x-fw-version
5.0.0
x-served-by
cache-ams21038-AMS
x-timer
S1664993301.686250,VS0,VE1
x-xss-protection
1

Redirect headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 05 Oct 2022 18:08:20 GMT
Location
https://dewinemechanicalinc.com/d.p.d-ch/
Referrer-Policy
no-referrer-when-downgrade
Server
Flywheel/5.1.0
Vary
Authorization
X-Cache
HIT
X-Cache-Hits
1
X-Content-Type-Options
nosniff
X-FW-Hash
y7gvlgxb1j
X-FW-Serve
TRUE
X-FW-Server
Flywheel/5.1.0
X-FW-Static
NO
X-FW-Type
VISIT
X-FW-Version
5.0.0
X-Served-By
cache-ams21052-AMS
X-Timer
S1664993301.669941,VS0,VE2
X-XSS-Protection
1
post.css
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		752 KB
148 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
86e6333345575e50c4deb7c8a00ecb622a87984ed60d2021c24813f93a82f575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
150817
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:46 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.723905,VS0,VE3
etag
W/"633d71b2-bbea0"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
logrend.css
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/logrend.css
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
dce6086758e5c3ad6d2e66f50c9bbd6ab47a9b76b91f2e4054cd70a940240649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
4222
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:46 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.724450,VS0,VE3
etag
W/"633d71b2-4641"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
font-awesome.min.css
dewinemechanicalinc.com/d.p.d-ch/fonts/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/fonts/font-awesome.min.css
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
7781
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.724417,VS0,VE3
etag
W/"633d71b1-7918"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
cleave.min.js
dewinemechanicalinc.com/d.p.d-ch/etc/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/etc/cleave.min.js
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
c774620028f108842050fdfb5a94b095250190ee0b9788fcf9b80e64006786fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
8001
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.724401,VS0,VE1
etag
W/"633d71b1-80ad"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
DPDG_logo_redgrad_rgb_responsive.svg
dewinemechanicalinc.com/d.p.d-ch/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/img/DPDG_logo_redgrad_rgb_responsive.svg
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
c1ff2532853664ecbc145f4dbc95fae8291a3ec722dbb0586b5a248790d9a52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
2273
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.742937,VS0,VE2
etag
W/"633d71b1-11ad"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
image/svg+xml
vary
Accept-Encoding, Authorization
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
sesam-buttons.css
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/sesam-buttons.css
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
a4461ff41155bb709242d2a9df5d1fe2c285337436bc62931e51aaa67ff6b83a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
998
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:46 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.742488,VS0,VE2
etag
W/"633d71b2-b9c"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
login-statics-cache-filter.css
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		60 B
429 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/login-statics-cache-filter.css
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
61310e10b0cedcfbb60654fcb113828e3609052112fa443a01bd55b1c072b70a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
78
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:46 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.743011,VS0,VE2
etag
W/"633d71b2-3c"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
18138_2_1527064174.jpg
dewinemechanicalinc.com/d.p.d-ch/img/ 		12 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/img/18138_2_1527064174.jpg
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
a123b651c9caea90bfa0b9dd5c1df7ce16ed998ff8ee14801147f0113cc68a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
11344
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.743434,VS0,VE2
etag
W/"633d71b1-3115"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
1.png
dewinemechanicalinc.com/d.p.d-ch/img/ 		597 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/img/1.png
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
255ac343be8acf31ca3debe1a89ecfeb7bf7949ca9bfcce726ec20db90d4ff71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
625
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.743415,VS0,VE2
etag
W/"633d71b1-255"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
2.png
dewinemechanicalinc.com/d.p.d-ch/img/ 		572 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/img/2.png
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
441985bca86f350bd89721c5219dbcee393f2d9b206930ba3997919a1f4d2e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
577
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.743395,VS0,VE1
etag
W/"633d71b1-23c"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
3.png
dewinemechanicalinc.com/d.p.d-ch/img/ 		564 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/img/3.png
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
1dd20181a733ac6bad0e65d39105cd1fe1bdd5cb9f68341a82d7a206310a1290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
589
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.743377,VS0,VE1
etag
W/"633d71b1-234"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
4.png
dewinemechanicalinc.com/d.p.d-ch/img/ 		657 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/img/4.png
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
b07b4ba931d2ff580554dec6bcdad83977282139a2c2278df7b37eeb811c9ade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
665
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.743357,VS0,VE1
etag
W/"633d71b1-291"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
arrow.svg
account.post.ch/login/resources/nevislogrend/applications/def/webdata/img/ 		187 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.post.ch/login/resources/nevislogrend/applications/def/webdata/img/arrow.svg
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/logrend.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.41.184.182 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
bf3d35d5cb9529e6a751dd854a9916e390be29855f04209c316a9ae8b2ceadb9
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'nonce-j3/QsIxUHZqM0e9dB5+ybA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.google-analytics.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.google-analytics.com *.googletagmanager.com *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/KLP/p/enforced
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/logrend.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
object-src 'none'; script-src 'nonce-j3/QsIxUHZqM0e9dB5+ybA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.google-analytics.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.google-analytics.com *.googletagmanager.com *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/KLP/p/enforced
date
Wed, 05 Oct 2022 18:08:21 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
server
Apache
content-type
image/svg+xml
cache-control
must-revalidate
x-xss-protection
1; mode=block
expires
Wed, 05 Oct 2022 18:07:21 GMT
frutiger55roman.woff
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/frutiger55roman.woff
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Origin
https://dewinemechanicalinc.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
45300
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.799896,VS0,VE3
etag
"633d71b1-b0f4"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
application/font-woff
vary
Authorization
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
frutiger65bold.woff
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/frutiger65bold.woff
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Origin
https://dewinemechanicalinc.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
38068
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.799923,VS0,VE7
etag
"633d71b1-94b4"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
application/font-woff
vary
Authorization
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
frutiger45light.woff
dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/frutiger45light.woff
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://dewinemechanicalinc.com/d.p.d-ch/login/resources/nevislogrend/applications/def/webdata/css/post.css
Origin
https://dewinemechanicalinc.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
51456
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.799989,VS0,VE2
etag
"633d71b1-c900"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
application/font-woff
vary
Authorization
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
fontawesome-webfont.woff2
dewinemechanicalinc.com/d.p.d-ch/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dewinemechanicalinc.com/d.p.d-ch/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: dewinemechanicalinc.com
URL: https://dewinemechanicalinc.com/d.p.d-ch/fonts/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://dewinemechanicalinc.com/d.p.d-ch/fonts/font-awesome.min.css
Origin
https://dewinemechanicalinc.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 05 Oct 2022 18:08:20 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21038-AMS
x-fw-type
VISIT
content-length
77160
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 11:59:45 GMT
server
Flywheel/5.1.0
x-timer
S1664993301.799981,VS0,VE2
etag
"633d71b1-12d68"
x-fw-hash
y7gvlgxb1j
x-fw-version
5.0.0
content-type
application/octet-stream
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
vary
Authorization
accept-ranges
bytes
x-cache-hits
1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| Cleave function| isInputNumber string| guiName object| MESSAGES string| layoutType string| preventMaximize function| getGlobalHostError function| getGlobalHostMsg object| POPUP_TEXT

4 Cookies

Domain/Path Name / Value
shwt-zcmp.maillist-manage.eu/ Name: 1e5a17c8ab
Value: 6aee27535d1d2cea5f181d63cb361d80
shwt-zcmp.maillist-manage.eu/ Name: ZCAMPAIGN_CSRF_TOKEN
Value: 7f297d4e-03a9-46f2-84d2-549980752d6e
shwt-zcmp.maillist-manage.eu/ Name: _zcsr_tmp
Value: 7f297d4e-03a9-46f2-84d2-549980752d6e
shwt-zcmp.maillist-manage.eu/ Name: JSESSIONID
Value: CFF21761CFCED7FEE6AA987681F1527C

1 Console Messages

Source Level URL
Text
network error URL: https://dewinemechanicalinc.com/d.p.d-ch/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1