Submitted URL: https://fiebfce.r.af.d.sendibt2.com/tr/cl/Lg-ECY9YssfGXuv8HFyPlsYz1IRhOsj_mh95XjimodcAMPfqukfc0JKpS9k6dWGyFUOHWiB9r-c0hJ_G9jQN5NcUEY...
Effective URL: https://84tc.short.gy/txrV8X
Submission: On March 22 via automatic, source phishtank — Scanned from FR

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 18.184.197.212, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 84tc.short.gy.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 8th 2023. Valid for: 3 months.
This is the only time 84tc.short.gy was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 1.179.112.197 396982 (GOOGLE-CL...)
1 18.184.197.212 16509 (AMAZON-02)
7 188.120.226.245 29182 (RU-JSCIOT)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.211.9.43 16625 (AKAMAI-AS)
10 4
Apex Domain
Subdomains
Transfer
7 navigator-agb-client-update.com
navigator-agb-client-update.com
68 KB
1 ui-portal.de
img.ui-portal.de — Cisco Umbrella Rank: 22700
25 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 305
83 KB
1 short.gy
84tc.short.gy
2 KB
1 sendibt2.com
fiebfce.r.af.d.sendibt2.com
176 B
10 5
Domain Requested by
7 navigator-agb-client-update.com 84tc.short.gy
navigator-agb-client-update.com
1 img.ui-portal.de navigator-agb-client-update.com
1 ajax.googleapis.com navigator-agb-client-update.com
1 84tc.short.gy
1 fiebfce.r.af.d.sendibt2.com 1 redirects
10 5

This site contains no links.

Subject Issuer Validity Valid
*.short.gy
ZeroSSL RSA Domain Secure Site CA
2023-03-08 -
2023-06-06
3 months crt.sh
navigator-agb-client-update.com
R3
2023-03-10 -
2023-06-08
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
img.ui-portal.de
GeoTrust RSA CA 2018
2022-07-25 -
2023-07-25
a year crt.sh

This page contains 2 frames:

Primary Page: https://84tc.short.gy/txrV8X
Frame ID: CDFC4EFD9AFD92A8A87C6CC6E4A1822E
Requests: 1 HTTP requests in this frame

Frame: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Frame ID: 44DD8EA582FE796097E2C4735BEA5533
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

GMX Login

Page URL History Show full URLs

  1. https://fiebfce.r.af.d.sendibt2.com/tr/cl/Lg-ECY9YssfGXuv8HFyPlsYz1IRhOsj_mh95XjimodcAMPfqukfc0JKpS9k6dWGyFUOHWi... HTTP 302
    https://84tc.short.gy/txrV8X Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

178 kB
Transfer

370 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fiebfce.r.af.d.sendibt2.com/tr/cl/Lg-ECY9YssfGXuv8HFyPlsYz1IRhOsj_mh95XjimodcAMPfqukfc0JKpS9k6dWGyFUOHWiB9r-c0hJ_G9jQN5NcUEYgpfmzEFonyDpAbj5Pz-GF_6YeDFjgOzQBkT2oCYf-urn8O9e0hl413WS5hkQFJj2jrRy9Tfjl_3vw5fSKvIBnVMWe9Tc0TOQvZ5q8sW6ERFOHK8beL958F8L6xgLcbFqxQrjrkS8h0BBF5Ow HTTP 302
    https://84tc.short.gy/txrV8X Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request txrV8X
84tc.short.gy/
Redirect Chain
  • https://fiebfce.r.af.d.sendibt2.com/tr/cl/Lg-ECY9YssfGXuv8HFyPlsYz1IRhOsj_mh95XjimodcAMPfqukfc0JKpS9k6dWGyFUOHWiB9r-c0hJ_G9jQN5NcUEYgpfmzEFonyDpAbj5Pz-GF_6YeDFjgOzQBkT2oCYf-urn8O9e0hl413WS5hkQFJj2j...
  • https://84tc.short.gy/txrV8X
2 KB
2 KB
Document
General
Full URL
https://84tc.short.gy/txrV8X
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.184.197.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
eu-ip-2.short.io
Software
/ Short.io link shortener
Resource Hash
b0af329e1eae5614d007202eef6c013805dae4734e59dfffb6cbe7c9a2403bc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Date
Wed, 22 Mar 2023 11:37:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
connection
close
content-length
2027
content-type
text/html; charset=utf-8
pragma
no-cache
x-content-type-options
nosniff
x-powered-by
Short.io link shortener

Redirect headers

content-length
51
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 11:37:44 GMT
location
https://84tc.short.gy/txrV8X
x-content-type-options
nosniff
x-sib-server
gke-gke-public-clust-gke-public-clust-68c94d10-7jw1
x-xss-protection
1
/
navigator-agb-client-update.com/dereferer/ Frame 44DD
111 KB
24 KB
Document
General
Full URL
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Requested by
Host: 84tc.short.gy
URL: https://84tc.short.gy/txrV8X
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
273a32791bd626f9f6079aea79cd3220b0fb4e20fe728ae96fa05ffd8db7a3a5

Request headers

Referer
https://84tc.short.gy/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Mar 2023 11:37:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
intenseblue.css
navigator-agb-client-update.com/dereferer/ Frame 44DD
13 KB
3 KB
Stylesheet
General
Full URL
https://navigator-agb-client-update.com/dereferer/intenseblue.css
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9d8b7eed3e64abb793c5331df00c4155a573e4e77e4794e80d1bd6a859fdb60a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 11:37:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Mar 2023 16:50:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"640b5fde-3281"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 23 Mar 2023 11:37:44 GMT
RobotoCondensed-Light-webfont.woff
navigator-agb-client-update.com/dereferer/ Frame 44DD
18 KB
19 KB
Font
General
Full URL
https://navigator-agb-client-update.com/dereferer/RobotoCondensed-Light-webfont.woff
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4cde34c1e366e3d7625d453914da07e72c137c195ec9191db06f41775e65a01b

Request headers

Referer
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Origin
https://navigator-agb-client-update.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 11:37:45 GMT
Last-Modified
Fri, 10 Mar 2023 16:50:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"640b5fde-49c0"
Content-Type
application/font-woff
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18880
Expires
Thu, 23 Mar 2023 11:37:45 GMT
bt_gmx.css
navigator-agb-client-update.com/dereferer/ Frame 44DD
1 KB
761 B
Stylesheet
General
Full URL
https://navigator-agb-client-update.com/dereferer/bt_gmx.css
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6d75e6f14ac125e8ccfba03d9eecf61a5295285cd2c1ba815025e366089a4a40

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 11:37:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Mar 2023 16:50:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"640b5fde-432"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 23 Mar 2023 11:37:45 GMT
uni_gmxnet-ver-8F0F56A96D41F7E60B8775D33600549A.css
navigator-agb-client-update.com/dereferer/ Frame 44DD
74 KB
13 KB
Stylesheet
General
Full URL
https://navigator-agb-client-update.com/dereferer/uni_gmxnet-ver-8F0F56A96D41F7E60B8775D33600549A.css
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0573200df3c44071d963dbdde0559f3f39ad45456b26f41baaf1e067b94b2ce5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 11:37:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Mar 2023 16:50:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"640b5fde-1280b"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 23 Mar 2023 11:37:45 GMT
style-ver-8D41ABD893936B28AD1F98ABB3770E42.css
navigator-agb-client-update.com/dereferer/ Frame 44DD
43 KB
9 KB
Stylesheet
General
Full URL
https://navigator-agb-client-update.com/dereferer/style-ver-8D41ABD893936B28AD1F98ABB3770E42.css
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
57239acc838860d3d73e811b4c1ae0951e50397664151235d283e1bcbdbdece4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 11:37:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Mar 2023 16:50:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"640b5fde-acfb"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 23 Mar 2023 11:37:45 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 44DD
82 KB
83 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://navigator-agb-client-update.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 06:28:55 GMT
x-content-type-options
nosniff
age
18530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 06:28:55 GMT
sprite-ver-888AB25C3C2117A160F929BF1561A8A3.svg
navigator-agb-client-update.com/dereferer/ciss/resource/_cp._/::/gui/assets/icons/ Frame 44DD
0
0
Other
General
Full URL
https://navigator-agb-client-update.com/dereferer/ciss/resource/_cp._/::/gui/assets/icons/sprite-ver-888AB25C3C2117A160F929BF1561A8A3.svg
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.120.226.245 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
watko.cedric.ispvds.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://navigator-agb-client-update.com/dereferer/?redirectUrl=htts%3A%2F%2Fupdate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 11:37:45 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
Roboto-Medium-webfont.woff
img.ui-portal.de/ci/gmx/global/fonts/roboto/ Frame 44DD
24 KB
25 KB
Font
General
Full URL
https://img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff
Requested by
Host: navigator-agb-client-update.com
URL: https://navigator-agb-client-update.com/dereferer/uni_gmxnet-ver-8F0F56A96D41F7E60B8775D33600549A.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.43 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ca845a97256742debfc82004246fe03d97da1aae5b41b691b23d90b70df3910

Request headers

Referer
https://navigator-agb-client-update.com/
Origin
https://navigator-agb-client-update.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:37:45 GMT
content-encoding
gzip
last-modified
Thu, 27 Feb 2014 04:45:46 GMT
server
Apache
etag
"61d8-4f35bfe9b3280-gzip"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=2439677
accept-ranges
bytes
x-robots-tag
noindex
content-length
24997

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| isIOS function| cloneDeviceMotionEvent object| iframe

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://navigator-agb-client-update.com/dereferer/ciss/resource/_cp._/::/gui/assets/icons/sprite-ver-888AB25C3C2117A160F929BF1561A8A3.svg#avatar
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff