plannit.be Open in urlscan Pro
2001:bc8:4::2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://montage-himki.ru/
Effective URL:
https://plannit.be/home.html/autoload.html?c=info
Submission: On March 28 via api (March 28th 2023, 9:13:48 pm UTC) from IE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2001:bc8:4::2, located in France and belongs to Online SAS, FR. The main domain is plannit.be.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time plannit.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:6f00:1::... 2a03:6f00:1::5c35:60f3	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 19	2001:bc8:4::2 2001:bc8:4::2	12876 (Online SAS) (Online SAS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
22	3

1 2a03:6f00:1::5c35:60f3 (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)

montage-himki.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2001:bc8:4::2 (France) 1 redirects

ASN12876 (Online SAS, FR)

plannit.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	plannit.be 1 redirects plannit.be	614 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 673	30 KB
1	montage-himki.ru 1 redirects montage-himki.ru	97 B
0	jsdelivr.net Failed cdn.jsdelivr.net Failed
0	ipinfo.io Failed ipinfo.io Failed
0	googleapis.com Failed ajax.googleapis.com Failed
22	6

	Domain	Requested by
19	plannit.be	1 redirects plannit.be code.jquery.com
1	code.jquery.com	plannit.be
1	montage-himki.ru	1 redirects
0	cdn.jsdelivr.net Failed	code.jquery.com
0	ipinfo.io Failed	plannit.be
0	ajax.googleapis.com Failed	plannit.be
22	6

This site contains no links.

Subject Issuer	Validity	Valid
plannit.be R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://plannit.be/home.html/autoload.html?c=info
Frame ID: 6B066C54DAFCF5228DB75A22FC22D528
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking | DHL | Global

Page URL History Show full URLs

https://montage-himki.ru/ HTTP 302
https://plannit.be/express.php HTTP 302
https://plannit.be/home.html/autoload.html?c=info Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

86 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

650 kB
Transfer

1871 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://montage-himki.ru/ HTTP 302
https://plannit.be/express.php HTTP 302
https://plannit.be/home.html/autoload.html?c=info Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request autoload.html Show response plannit.be/home.html/ Redirect Chain https://montage-himki.ru/ https://plannit.be/express.php https://plannit.be/home.html/autoload.html?c=info	8 KB 2 KB	20ms 19ms	Document text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/home.html/autoload.html?c=info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `8689aa8540c1992900e9002970efc35896376eda3f09d37e8e04b2881e05134c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 1869 Content-Type text/html Date Tue, 28 Mar 2023 21:13:42 GMT ETag "2093-5f3e26d17fb80-gzip" Last-Modified Sat, 04 Feb 2023 16:38:22 GMT Vary Accept-Encoding server nginx Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 28 Mar 2023 21:13:42 GMT Transfer-Encoding chunked X-Powered-By PHP/7.3.16 location home.html/autoload.html?c=info server nginx
GET H/1.1	200 OK	dhl.css plannit.be/dist/	1 MB 308 KB	57ms 57ms	Stylesheet text/css	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/dhl.css Requested by Host: plannit.be URL: https://plannit.be/home.html/autoload.html?c=info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `778d663e07388f5468a1debe8acde343ace8673f06f3afb6836fd7cfd8046b2e` Request headers accept-language de-DE,de;q=0.9 Referer https://plannit.be/home.html/autoload.html?c=info User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:42 GMT Content-Encoding gzip Last-Modified Thu, 19 Jan 2023 19:42:44 GMT server nginx ETag "15b189-5f2a322fab500-gzip" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	67ms 18ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: plannit.be URL: https://plannit.be/home.html/autoload.html?c=info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers Referer https://plannit.be/ Origin https://plannit.be accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 21:13:42 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15d84" vary Accept-Encoding x-hw 1680038022.dop231.am5.t,1680038022.cds304.am5.hn,1680038022.cds312.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H/1.1	200 OK	js.cookie.js Show response plannit.be/dist/	3 KB 2 KB	55ms 19ms	Script application/javascript	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/js.cookie.js Requested by Host: plannit.be URL: https://plannit.be/home.html/autoload.html?c=info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36` Request headers accept-language de-DE,de;q=0.9 Referer https://plannit.be/home.html/autoload.html?c=info User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:42 GMT Content-Encoding gzip Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "d60-5e4a777322680-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1387
GET H/1.1	200 OK	jquery-lang.js Show response plannit.be/dist/	27 KB 7 KB	56ms 20ms	Script application/javascript	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/jquery-lang.js Requested by Host: plannit.be URL: https://plannit.be/home.html/autoload.html?c=info Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2` Request headers accept-language de-DE,de;q=0.9 Referer https://plannit.be/home.html/autoload.html?c=info User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:42 GMT Content-Encoding gzip Last-Modified Sat, 21 Jan 2023 18:03:52 GMT server nginx ETag "6c2d-5f2c9fd165200-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 7000
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.10.2/	0 0

GET H/1.1	200 OK	default-274a65bae9742377aaf010bb1a7de971.woff plannit.be/dist/fonts/	40 KB 40 KB	20ms 20ms	Font application/x-font-woff	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff Requested by Host: plannit.be URL: https://plannit.be/dist/dhl.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940` Request headers Referer https://plannit.be/dist/dhl.css Origin https://plannit.be accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:42 GMT Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "a07c-5e4a777322680" Content-Type application/x-font-woff Connection keep-alive Accept-Ranges bytes Content-Length 41084
GET H/1.1	200 OK	load.php Show response plannit.be/dist/	5 KB 1 KB	24ms 24ms	XHR text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/load.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / PHP/7.3.16 Resource Hash `b332366c284ca97fc1e69f7b66810942e1623373de507ab574405a86a3079d97` Request headers Accept text/html, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:42 GMT Content-Encoding gzip server nginx X-Powered-By PHP/7.3.16 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection keep-alive
GET H/1.1	200 OK	head.php Show response plannit.be/dist/	10 KB 3 KB	45ms 45ms	XHR text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/head.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / PHP/7.3.16 Resource Hash `1813f7cf810838f298a501e856e2f1534b8841057d73c6f676b51ff3c6a107b2` Request headers Accept text/html, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:43 GMT Content-Encoding gzip server nginx X-Powered-By PHP/7.3.16 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection keep-alive
GET H/1.1	200 OK	footer.php Show response plannit.be/dist/	14 KB 6 KB	49ms 49ms	XHR text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/footer.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / PHP/7.3.16 Resource Hash `0a17cc1dbc15c47c565cecab662ee4cf8a2512ccae8e69f97724f8aefc93917e` Request headers Accept text/html, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:43 GMT Content-Encoding gzip server nginx X-Powered-By PHP/7.3.16 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection keep-alive
GET DATA	200 OK	truncated /	1 KB 1 KB		Image application/octet-stream
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6239160640a5be2d5a3e3bb42443e9121fea2e7bcca3b205c8b17c33646c8de9` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type application/octet-stream
GET		country ipinfo.io/	0 0

GET DATA	200 OK	truncated /	2 KB 2 KB		Image application/octet-stream
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a001e8e960cf691881c9ae116c9ecc1af366e94545e498590feb1dcd3f4a9438` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type application/octet-stream
GET DATA	200 OK	truncated /	605 B 605 B		Image application/octet-stream
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ff82d55778ba3b61dadfcb93e367a5ff53e5ffbcb831a5951db5d36a05ed022c` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type application/octet-stream
GET DATA	200 OK	truncated /	488 B 488 B		Image application/octet-stream
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0fb9845652885577f0309199beb51d1f5938b1f6ac662ca8b9cc3be827fd4ce6` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type application/octet-stream
GET DATA	200 OK	truncated /	659 B 659 B		Image application/octet-stream
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8f02587278297e427e0da3d6da6d806ed73d1cbb47de2636518f430e4570ca94` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type application/octet-stream
GET DATA	200 OK	truncated /	1 KB 1 KB		Image application/octet-stream
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4f756eb552a635a349a79e6f166076d760ac1d3a66120abe9df53708130ba299` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type application/octet-stream
GET H/1.1	200 OK	default-815fcbb4d2c57901701125d768f09d67.woff plannit.be/dist/fonts/	40 KB 41 KB	37ms 36ms	Font application/x-font-woff	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff Requested by Host: plannit.be URL: https://plannit.be/dist/dhl.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383` Request headers Referer https://plannit.be/dist/dhl.css Origin https://plannit.be accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:43 GMT Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "a170-5e4a777322680" Content-Type application/x-font-woff Connection keep-alive Accept-Ranges bytes Content-Length 41328
GET H/1.1	200 OK	dhl.css plannit.be/dist/	93 KB 93 KB	57ms 57ms	Image text/css	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://plannit.be/dist/dhl.css Requested by Host: plannit.be URL: https://plannit.be/dist/dhl.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://plannit.be/dist/dhl.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:43 GMT Content-Encoding gzip Last-Modified Thu, 19 Jan 2023 19:42:44 GMT server nginx ETag "15b189-5f2a322fab500-gzip" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	default-3e828e80f6e985c352eba4474518978d.woff plannit.be/dist/fonts/	43 KB 43 KB	20ms 19ms	Font application/x-font-woff	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff Requested by Host: plannit.be URL: https://plannit.be/dist/dhl.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5` Request headers Referer https://plannit.be/dist/dhl.css Origin https://plannit.be accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:43 GMT Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "ace4-5e4a777322680" Content-Type application/x-font-woff Connection keep-alive Accept-Ranges bytes Content-Length 44260
GET H/1.1	200 OK	iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff plannit.be/dist/fonts/	9 KB 9 KB	40ms 20ms	Font application/x-font-woff	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff Requested by Host: plannit.be URL: https://plannit.be/dist/dhl.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807` Request headers Referer https://plannit.be/dist/dhl.css Origin https://plannit.be accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:43 GMT Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "2464-5e4a777322680" Content-Type application/x-font-woff Connection keep-alive Accept-Ranges bytes Content-Length 9316
GET H/1.1	200 OK	info.php Show response plannit.be/dist/	12 KB 3 KB	37ms 37ms	XHR text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/info.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / PHP/7.3.16 Resource Hash `09fd6be097dcbafd54a71502e6a97566c425d26068b2bfb64528ee2d2ed20690` Request headers Accept text/html, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:44 GMT Content-Encoding gzip server nginx X-Powered-By PHP/7.3.16 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection keep-alive
GET H/1.1	200 OK	floating-label.js Show response plannit.be/dist/	3 KB 1 KB	19ms 19ms	XHR application/javascript	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/floating-label.js Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `1ccdc89cef7482a447e0cfd73382ff1102ddad003c8c7968b1af563d299411b2` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:45 GMT Content-Encoding gzip Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "d24-5e4a777322680-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1015
GET H/1.1	200 OK	jquery.validate.min.js Show response plannit.be/dist/	24 KB 8 KB	20ms 20ms	XHR application/javascript	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/jquery.validate.min.js Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:45 GMT Content-Encoding gzip Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "5f38-5e4a777322680-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 7815
GET		popper.min.js cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/	0 0

GET H/1.1	200 OK	autoload.html Show response plannit.be/home.html/	8 KB 2 KB	19ms 19ms	XHR text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/home.html/autoload.html?c=info../dist/langpack/en.json Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `8689aa8540c1992900e9002970efc35896376eda3f09d37e8e04b2881e05134c` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:45 GMT Content-Encoding gzip Last-Modified Sat, 04 Feb 2023 16:38:22 GMT server nginx ETag "2093-5f3e26d17fb80-gzip" Vary Accept-Encoding Content-Type text/html Connection keep-alive Accept-Ranges bytes Content-Length 1869
GET H/1.1	200 OK	autoload.html Show response plannit.be/home.html/	8 KB 2 KB	19ms 19ms	XHR text/html	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/home.html/autoload.html?c=info../dist/langpack/en.json Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `8689aa8540c1992900e9002970efc35896376eda3f09d37e8e04b2881e05134c` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://plannit.be/home.html/autoload.html?c=info X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:45 GMT Content-Encoding gzip Last-Modified Sat, 04 Feb 2023 16:38:22 GMT server nginx ETag "2093-5f3e26d17fb80-gzip" Vary Accept-Encoding Content-Type text/html Connection keep-alive Accept-Ranges bytes Content-Length 1869
GET H/1.1	200 OK	default-5a6dd86f272b304a8b83f7df61f11c2f.woff plannit.be/dist/fonts/	40 KB 41 KB	37ms 37ms	Font application/x-font-woff	2001:bc8:4::2 Online SAS
General Check archive.org Show headers Download Go to Full URL https://plannit.be/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff Requested by Host: plannit.be URL: https://plannit.be/dist/dhl.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:bc8:4::2 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash `b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4` Request headers Referer https://plannit.be/dist/dhl.css Origin https://plannit.be accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 21:13:45 GMT Last-Modified Mon, 25 Jul 2022 20:59:54 GMT server nginx ETag "a188-5e4a777322680" Content-Type application/x-font-woff Connection keep-alive Accept-Ranges bytes Content-Length 41352

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Domain: ipinfo.io
URL: http://ipinfo.io/country

Domain: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://plannit.be/home.html/autoload.html?c=info Message: Mixed Content: The page at 'https://plannit.be/home.html/autoload.html?c=info' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 1) Message: Mixed Content: The page at 'https://plannit.be/home.html/autoload.html?c=info' was loaded over HTTPS, but requested an insecure resource 'http://ipinfo.io/country'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://code.jquery.com/jquery-3.5.1.min.js(Line 1) Message: Mixed Content: The page at 'https://plannit.be/home.html/autoload.html?c=info' was loaded over HTTPS, but requested an insecure script 'http://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
code.jquery.com
ipinfo.io
montage-himki.ru
plannit.be
ajax.googleapis.com
cdn.jsdelivr.net
ipinfo.io
2001:4de0:ac18::1:a:3a
2001:bc8:4::2
2a03:6f00:1::5c35:60f3
09fd6be097dcbafd54a71502e6a97566c425d26068b2bfb64528ee2d2ed20690
0a17cc1dbc15c47c565cecab662ee4cf8a2512ccae8e69f97724f8aefc93917e
0fb9845652885577f0309199beb51d1f5938b1f6ac662ca8b9cc3be827fd4ce6
1813f7cf810838f298a501e856e2f1534b8841057d73c6f676b51ff3c6a107b2
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
1ccdc89cef7482a447e0cfd73382ff1102ddad003c8c7968b1af563d299411b2
4f756eb552a635a349a79e6f166076d760ac1d3a66120abe9df53708130ba299
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
6239160640a5be2d5a3e3bb42443e9121fea2e7bcca3b205c8b17c33646c8de9
67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807
778d663e07388f5468a1debe8acde343ace8673f06f3afb6836fd7cfd8046b2e
8689aa8540c1992900e9002970efc35896376eda3f09d37e8e04b2881e05134c
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
8f02587278297e427e0da3d6da6d806ed73d1cbb47de2636518f430e4570ca94
9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36
a001e8e960cf691881c9ae116c9ecc1af366e94545e498590feb1dcd3f4a9438
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b332366c284ca97fc1e69f7b66810942e1623373de507ab574405a86a3079d97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff82d55778ba3b61dadfcb93e367a5ff53e5ffbcb831a5951db5d36a05ed022c

plannit.be Open in urlscan Pro 2001:bc8:4::2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

86 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

3 IPs

3 Countries

650 kBTransfer

1871 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

plannit.be Open in urlscan Pro
2001:bc8:4::2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

86 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

650 kB
Transfer

1871 kB
Size

0
Cookies

22 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!