ch-sendungsverfolgung-die-post.com Open in urlscan Pro
20.198.3.28 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ch-sendungsverfolgung-die-post.com/
Submission: On December 19 via api (December 19th 2022, 11:03:15 am UTC) from JP — Scanned from JP

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 25 HTTP transactions. The main IP is 20.198.3.28, located in Pune, India and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ch-sendungsverfolgung-die-post.com.

This is the only time ch-sendungsverfolgung-die-post.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
19	20.198.3.28 20.198.3.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	198.50.182.78 198.50.182.78	16276 (OVH) (OVH)
1	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
3	194.41.184.89 194.41.184.89	12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG)
25	4

19 20.198.3.28 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ch-sendungsverfolgung-die-post.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.50.182.78 (Canada)

ASN16276 (OVH, FR)

click123.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.41.184.89 (Switzerland)

ASN12511 (CH-POSTNETZ Post CH AG, CH)

fonts.post.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ch-sendungsverfolgung-die-post.com ch-sendungsverfolgung-die-post.com	352 KB
3	post.ch fonts.post.ch — Cisco Umbrella Rank: 508003	92 KB
2	click123.ca click123.ca	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	917 B
25	4

	Domain	Requested by
19	ch-sendungsverfolgung-die-post.com	ch-sendungsverfolgung-die-post.com
3	fonts.post.ch	ch-sendungsverfolgung-die-post.com
2	click123.ca	ch-sendungsverfolgung-die-post.com
1	fonts.googleapis.com	ch-sendungsverfolgung-die-post.com
25	4

This site contains links to these domains. Also see Links.

Domain
click123.ca

Subject Issuer	Validity	Valid
click123.ca cPanel, Inc. Certification Authority	`2022-10-09` - `2023-01-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
fonts.post.ch SwissSign RSA TLS OV ICA 2021 - 1	`2022-05-12` - `2023-05-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ch-sendungsverfolgung-die-post.com/
Frame ID: 0DA0AF24D2F564E34034870C714AE1E4
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DIE Post - CH

Page Statistics

25
Requests

24 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

447 kB
Transfer

2540 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://click123.ca/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ch-sendungsverfolgung-die-post.com/ 293 KB
48 KB 385ms
140ms Document
text/html 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: c8651857915af8a59ad8912f965b1964f5c2f7842f4e0f6f9053e55dd37bae3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 48467
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 11:03:08 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK staticasset.css
ch-sendungsverfolgung-die-post.com/header/css/ 11 KB
2 KB 245ms
122ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: aa3e42cd825bf41478a7ddbf8db133fdaa717b60c03de17b8b00b277c84f0820

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:23 GMT
Server: nginx
ETag: W/"639c0f17-2ad7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK staticasset2.css
ch-sendungsverfolgung-die-post.com/header/css/ 24 KB
4 KB 248ms
123ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset2.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a25dfc3218cf7e0d8ef931a8484e7c3ee5d849568e60c59659977b25eb71092

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:24 GMT
Server: nginx
ETag: W/"639c0f18-5f0b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK staticasset3.css
ch-sendungsverfolgung-die-post.com/header/css/ 355 KB
36 KB 257ms
132ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset3.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e75bddbbe19539b3c7f745fb74948378df59ae6f12c85c72928f73e110ab4bde

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:33 GMT
Server: nginx
ETag: W/"639c0f21-58aea"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK staticasset4.css
ch-sendungsverfolgung-die-post.com/header/css/ 281 KB
29 KB 260ms
134ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d4350370980440d6ac166ea9c802fa09560f172e9a097d38451c083beffbaeb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:32 GMT
Server: nginx
ETag: W/"639c0f20-46530"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK avgk.css
ch-sendungsverfolgung-die-post.com/header/css/ 21 KB
4 KB 261ms
134ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/avgk.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 9078f5be6100c40ba61e6c1d3f11a15383d11faf5675410e940d83501bc7d769

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:23:49 GMT
Server: nginx
ETag: W/"639c0ef5-541b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.css
ch-sendungsverfolgung-die-post.com/header/css/ 31 KB
4 KB 356ms
125ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/main.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34de64f77ce8d8eb483e1aa9bfc3100b9638bd8100ae2e03d1ddbe382a8000c0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:04 GMT
Server: nginx
ETag: W/"639c0f04-7c69"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main2.css
ch-sendungsverfolgung-die-post.com/header/css/ 824 KB
66 KB 369ms
127ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/main2.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a7c3978014e02992f34bb76246d4b2b6594c2154f7b9c0357f62d0b256cd454

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:16 GMT
Server: nginx
ETag: W/"639c0f10-ce1ba"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK CoveoFullSearch.css
ch-sendungsverfolgung-die-post.com/header/css/ 495 KB
54 KB 384ms
139ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/CoveoFullSearch.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: c6e2e510fb8ca2cf90e44ed06b7cb2655c4459cefa6278803254f6449642f542

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:23:58 GMT
Server: nginx
ETag: W/"639c0efe-7bdf8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK CoveoForSitecore.css
ch-sendungsverfolgung-die-post.com/header/css/ 3 KB
1 KB 389ms
130ms Stylesheet
text/css 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/CoveoForSitecore.css
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 127f46d8e3c5e2ef9eea5a261168b1ac975bf01de34202d90a1c7fa87fb2cd41

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:23:52 GMT
Server: nginx
ETag: W/"639c0ef8-d50"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK scripts.js Show response
ch-sendungsverfolgung-die-post.com/header/css/ 4 KB
2 KB 478ms
124ms Script
application/javascript 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/scripts.js
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 16b0fcf0bd2c044a6574bd1a872767fef935296cef78fa1f098ef5b75005a74b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:23 GMT
Server: nginx
ETag: W/"639c0f17-10d6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 snow.js Show response
click123.ca/dist/js/ 2 KB
1 KB 923ms
250ms Script
application/javascript 198.50.182.78
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://click123.ca/dist/js/snow.js

Requested by

Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.50.182.78 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bad5184636f0735c683a8fbcf0beebe5213fddf75770001c5653ff4dd270d6e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 14:26:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 843
expires: Mon, 26 Dec 2022 11:02:58 GMT

GET
H/1.1 200
OK Logo.svg
ch-sendungsverfolgung-die-post.com/header/css/ 3 KB
2 KB 123ms
123ms Image
image/svg+xml 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/Logo.svg
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: b1d8e73aeaca62e519b792ade3c0400821a86647bb75095a1367ae0301af807d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:24:03 GMT
Server: nginx
ETag: W/"639c0f03-dde"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK barcode.png
ch-sendungsverfolgung-die-post.com/header/css/ 9 KB
9 KB 123ms
123ms Image
image/png 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/barcode.png
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: b000a4932233e8f87294c07aaf6173088e549c588e4d968cd9889a28efe821f1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Last-Modified: Fri, 16 Dec 2022 06:23:51 GMT
Server: nginx
ETag: "639c0ef7-2427"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9255
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found GetPreviewImage
ch-sendungsverfolgung-die-post.com/Paketetiketten%20Inland_files/ 1 KB
1 KB 124ms
124ms Image
text/html 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ch-sendungsverfolgung-die-post.com/Paketetiketten%20Inland_files/GetPreviewImage
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 133dde60f6f9e3cf581138ab67656ee61c65160f547359f71dd43465ad946f3d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:10:01 GMT
Server: nginx
ETag: W/"5c5-5efebd1e01c9b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 404
Not Found GetPreviewImage
ch-sendungsverfolgung-die-post.com/vgkklp2/avgk/Standardprozess/ 1 KB
1 KB 127ms
127ms Image
text/html 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ch-sendungsverfolgung-die-post.com/vgkklp2/avgk/Standardprozess/GetPreviewImage
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 133dde60f6f9e3cf581138ab67656ee61c65160f547359f71dd43465ad946f3d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:10:01 GMT
Server: nginx
ETag: W/"5c5-5efebd1e01c9b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 86ms
41ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/CoveoFullSearch.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 11:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 09:29:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 11:03:09 GMT

GET
H2 200 snow.gif
click123.ca/dist/img/ 256 B
376 B 251ms
251ms Image
image/gif 198.50.182.78
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://click123.ca/dist/img/snow.gif

Requested by

Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.50.182.78 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

LiteSpeed /

Resource Hash

99c08f9c4463033c6216aac7c5548fe53a81f47d9d68574aac2c4000e28e3d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ch-sendungsverfolgung-die-post.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:02:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Dec 2014 03:28:55 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 256
expires: Mon, 26 Dec 2022 11:02:59 GMT

GET
H/1.1 200
OK 9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
ch-sendungsverfolgung-die-post.com/header/css/ 37 KB
37 KB 125ms
125ms Font
font/woff 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Last-Modified: Fri, 16 Dec 2022 06:23:47 GMT
Server: nginx
ETag: "639c0ef3-94b4"
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38068
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK FrutigerNeueforPostW05-Rg.woff2
fonts.post.ch/frutigerneueforpost/v2/ 30 KB
31 KB 994ms
193ms Font
font/woff2 194.41.184.89
CH-POSTNETZ Post ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Rg.woff2

Requested by

Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/main2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.41.184.89 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),

Reverse DNS

Software

Apache /

Resource Hash

c0dff120512a8b623a3dbc0b98fcc028d8380961dbb89c0f9ad391b47a2a13b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
X-RP-UNIQUE_ID: Y6BE7tn25rGvn9IojFUZhQAAAIs
Connection: Keep-Alive
Content-Length: 30652
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 19 Dec 2022 07:39:39 GMT
Server: Apache
ETag: "77bc-5f0296bf384c0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK FrutigerNeueforPostW05-Lt.woff2
fonts.post.ch/frutigerneueforpost/v2/ 31 KB
31 KB 992ms
191ms Font
font/woff2 194.41.184.89
CH-POSTNETZ Post ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Lt.woff2

Requested by

Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/main2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.41.184.89 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),

Reverse DNS

Software

Apache /

Resource Hash

f241569fa67822be0a1d7fcf2406745c9c196d62fd5cdb9826f2e071ca3bb8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
X-RP-UNIQUE_ID: Y6BE7tn25rGvn9IojFUZhAAAAJc
Connection: Keep-Alive
Content-Length: 31252
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 19 Dec 2022 07:39:39 GMT
Server: Apache
ETag: "7a14-5f0296bf384c0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK FrutigerNeueforPostW05-Bold.woff2
fonts.post.ch/frutigerneueforpost/v2/ 30 KB
31 KB 991ms
190ms Font
font/woff2 194.41.184.89
CH-POSTNETZ Post ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Bold.woff2

Requested by

Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/main2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.41.184.89 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),

Reverse DNS

Software

Apache /

Resource Hash

6dbba61ebcd011f90651705072296582ef12065838be406c1033a7b198b1ea1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
X-RP-UNIQUE_ID: Y6BE7liiRw3yPTXlL9ub-AAAAAM
Connection: Keep-Alive
Content-Length: 30688
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 19 Dec 2022 07:39:39 GMT
Server: Apache
ETag: "77e0-5f0296bf384c0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK 2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
ch-sendungsverfolgung-die-post.com/header/css/ 50 KB
51 KB 123ms
123ms Font
font/woff 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Last-Modified: Fri, 16 Dec 2022 06:23:47 GMT
Server: nginx
ETag: "639c0ef3-c900"
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51456
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found 3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
ch-sendungsverfolgung-die-post.com/header/css/ 0
0 124ms
123ms Font
text/html 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:10:01 GMT
Server: nginx
ETag: W/"5c5-5efebd1e01c9b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 404
Not Found 076311f8-a01b-4389-a5eb-334a62e62d45.ttf
ch-sendungsverfolgung-die-post.com/header/css/ 0
0 124ms
123ms Font
text/html 20.198.3.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ch-sendungsverfolgung-die-post.com/header/css/076311f8-a01b-4389-a5eb-334a62e62d45.ttf
Requested by: Host: ch-sendungsverfolgung-die-post.com
URL: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Protocol: HTTP/1.1
Server: 20.198.3.28 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ch-sendungsverfolgung-die-post.com/header/css/staticasset4.css
Origin: http://ch-sendungsverfolgung-die-post.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 11:03:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 06:10:01 GMT
Server: nginx
ETag: W/"5c5-5efebd1e01c9b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ch-sendungsverfolgung-die-post.com/Paketetiketten%20Inland_files/GetPreviewImage Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ch-sendungsverfolgung-die-post.com/vgkklp2/avgk/Standardprozess/GetPreviewImage Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ch-sendungsverfolgung-die-post.com/header/css/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ch-sendungsverfolgung-die-post.com/header/css/076311f8-a01b-4389-a5eb-334a62e62d45.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ch-sendungsverfolgung-die-post.com
click123.ca
fonts.googleapis.com
fonts.post.ch
194.41.184.89
198.50.182.78
20.198.3.28
2404:6800:4004:820::200a
127f46d8e3c5e2ef9eea5a261168b1ac975bf01de34202d90a1c7fa87fb2cd41
133dde60f6f9e3cf581138ab67656ee61c65160f547359f71dd43465ad946f3d
16b0fcf0bd2c044a6574bd1a872767fef935296cef78fa1f098ef5b75005a74b
34de64f77ce8d8eb483e1aa9bfc3100b9638bd8100ae2e03d1ddbe382a8000c0
5a7c3978014e02992f34bb76246d4b2b6594c2154f7b9c0357f62d0b256cd454
6dbba61ebcd011f90651705072296582ef12065838be406c1033a7b198b1ea1b
7a25dfc3218cf7e0d8ef931a8484e7c3ee5d849568e60c59659977b25eb71092
8d4350370980440d6ac166ea9c802fa09560f172e9a097d38451c083beffbaeb
9078f5be6100c40ba61e6c1d3f11a15383d11faf5675410e940d83501bc7d769
99c08f9c4463033c6216aac7c5548fe53a81f47d9d68574aac2c4000e28e3d99
aa3e42cd825bf41478a7ddbf8db133fdaa717b60c03de17b8b00b277c84f0820
b000a4932233e8f87294c07aaf6173088e549c588e4d968cd9889a28efe821f1
b1d8e73aeaca62e519b792ade3c0400821a86647bb75095a1367ae0301af807d
bad5184636f0735c683a8fbcf0beebe5213fddf75770001c5653ff4dd270d6e3
c0dff120512a8b623a3dbc0b98fcc028d8380961dbb89c0f9ad391b47a2a13b7
c6e2e510fb8ca2cf90e44ed06b7cb2655c4459cefa6278803254f6449642f542
c8651857915af8a59ad8912f965b1964f5c2f7842f4e0f6f9053e55dd37bae3f
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
e75bddbbe19539b3c7f745fb74948378df59ae6f12c85c72928f73e110ab4bde
f241569fa67822be0a1d7fcf2406745c9c196d62fd5cdb9826f2e071ca3bb8ff
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

ch-sendungsverfolgung-die-post.com Open in urlscan Pro 20.198.3.28 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

25 Requests

24 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

4 Countries

447 kBTransfer

2540 kBSize

0 Cookies

1 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

ch-sendungsverfolgung-die-post.com Open in urlscan Pro
20.198.3.28 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

24 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

447 kB
Transfer

2540 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!