www.pakbs.org
Open in
urlscan Pro
198.136.51.4
Malicious Activity!
Public Scan
Submission: On August 07 via automatic, source openphish
Summary
This is the only time www.pakbs.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 198.136.51.4 198.136.51.4 | 33182 (DIMENOC) (DIMENOC - HostDime.com) | |
4 | 2a00:17c8:0:1... 2a00:17c8:0:103::20a | 12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG) | |
1 | 194.41.189.111 194.41.189.111 | 12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG) | |
15 | 3 |
ASN33182 (DIMENOC - HostDime.com, Inc., US)
PTR: lin1502.byte90.net
www.pakbs.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
pakbs.org
www.pakbs.org |
254 KB |
5 |
post.ch
www.post.ch n.account.post.ch |
252 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
10 | www.pakbs.org |
www.pakbs.org
|
4 | www.post.ch |
www.pakbs.org
|
1 | n.account.post.ch |
www.pakbs.org
|
15 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.post.ch |
www.post.ch |
www.facebook.com |
twitter.com |
www.instagram.com |
www.youtube.com |
www.linkedin.com |
www.xing.com |
Subject Issuer | Validity | Valid |
---|
This page contains 2 frames:
Primary Page:
http://www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/
Frame ID: 82A8C034AE297683C0B5EF866C59D355
Requests: 14 HTTP requests in this frame
Frame:
http://www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/saved_resource.html
Frame ID: ED11D5F43052C9F3980BC2AB9A2E932D
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- env /^Modernizr$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
62 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Startseite
Search URL Search Domain Scan URL
Title: Navigation
Search URL Search Domain Scan URL
Title: Inhalt
Search URL Search Domain Scan URL
Title: Kontakt
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Suche
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Fr
Search URL Search Domain Scan URL
Title: It
Search URL Search Domain Scan URL
Title: En
Search URL Search Domain Scan URL
Title: Die Post - zur Startseite
Search URL Search Domain Scan URL
Title: Privat
Search URL Search Domain Scan URL
Title: Geschäftlich
Search URL Search Domain Scan URL
Title: Über uns
Search URL Search Domain Scan URL
Title: Kundencenter Aktiver Menüpunkt
Search URL Search Domain Scan URL
Title: Medien
Search URL Search Domain Scan URL
Title: Kontakt und Hilfe
Search URL Search Domain Scan URL
Title: Jobs und Karriere
Search URL Search Domain Scan URL
Title: Kundencenter
Search URL Search Domain Scan URL
Title: Einstellungen
Search URL Search Domain Scan URL
Title: Benutzerprofil
Search URL Search Domain Scan URL
Title: Alle Onlinedienste
Search URL Search Domain Scan URL
Title: Info
Search URL Search Domain Scan URL
Title: Kontakt
Search URL Search Domain Scan URL
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Title: Neu registrieren
Search URL Search Domain Scan URL
Title: Mit SuisseID einloggen
Search URL Search Domain Scan URL
Title: Weitere Informationen
Search URL Search Domain Scan URL
Title: Abbrechen
Search URL Search Domain Scan URL
Title: Neu registrieren
Search URL Search Domain Scan URL
Title: Versenden
Search URL Search Domain Scan URL
Title: Empfangen
Search URL Search Domain Scan URL
Title: Alles rund ums Geld
Search URL Search Domain Scan URL
Title: Einkaufen
Search URL Search Domain Scan URL
Title: Briefmarken entdecken
Search URL Search Domain Scan URL
Title: Themen A-Z
Search URL Search Domain Scan URL
Title: Versenden und transportieren
Search URL Search Domain Scan URL
Title: Empfangen
Search URL Search Domain Scan URL
Title: Material bestellen
Search URL Search Domain Scan URL
Title: Werben
Search URL Search Domain Scan URL
Title: Prozesse optimieren
Search URL Search Domain Scan URL
Title: Lagern
Search URL Search Domain Scan URL
Title: Alles rund ums Geld
Search URL Search Domain Scan URL
Title: Themen A-Z
Search URL Search Domain Scan URL
Title: Aktuell
Search URL Search Domain Scan URL
Title: Unternehmen
Search URL Search Domain Scan URL
Title: Themen
Search URL Search Domain Scan URL
Title: Wissenswertes Post
Search URL Search Domain Scan URL
Title: Themen A-Z
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Xing
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Barrierefreiheit
Search URL Search Domain Scan URL
Title: Allgemeine Geschäftsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutz und Rechtliches
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/ |
34 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
staticasset.css
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
307 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
staticasset2.css
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
354 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logrend.css
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
staticasset3.js
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
post-logo-svg.svg
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.0.min.js
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.js
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
425 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate-1.12.0.min.js
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource.html
www.pakbs.org/pjbot/PDFs/01(1-2)/post/post/Files/ Frame ED11 |
149 B 408 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff
www.post.ch/assets/fonts/ |
50 KB 51 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Posticon-Regular.woff
www.post.ch/assets/portal/latest/fonts/ |
118 KB 118 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
www.post.ch/assets/fonts/ |
37 KB 38 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
www.post.ch/assets/fonts/ |
44 KB 45 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
subscribe
n.account.post.ch/v1/session/ |
0 234 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| Unic object| html5 object| Modernizr function| yepnope object| digitalData undefined| $ function| jQuery object| POSTWEPP object| ODTracker function| jqueryUnic function| underscoreUnic object| vertx undefined| _ function| purl function| Spinner function| EventEmitter object| eventie function| imagesLoaded boolean| mCustomScrollbar object| jQuery111007321585472197556 function| SockJS function| klpWidget object| mejsL10n object| picturefillCFG function| picturefill string| guiName object| MESSAGES string| layoutType string| preventMaximize0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
n.account.post.ch
www.pakbs.org
www.post.ch
194.41.189.111
198.136.51.4
2a00:17c8:0:103::20a
0001fc565d8fb204bb7dca08752c0c1a74dbf3c1343f3b4a7f7e11bedd357ea8
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
3870036d469067a4a9f37bc1c3f8dcfb078734417030a3536f905c4fa643c3fe
3e16b88bdcf1ff93d83662971c6bb9eb0de1a04faa2c5417fef45026533a9e98
41502fc0e0b8d11a5a754246b313443ee1bcdad44d1bbf9e31b56c88ae2a1a16
80d9df6a033c91c176960af80250168863680188e01dbdca5b7c53256e5ad769
90eef62309f1075051c036be5e9d93559adbb238894efa4d4659f48c16b01027
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
a045581394eda1ec21b70786a1576ae53ae6f0ab0e8af3544a2bea615a60b39b
c2ce987ece376ce9d2c22ee88624f3eedaec723ca0bbfd8fb218827aebb863b4
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
e28c396108c83c9c0224a81f76ea11836d6efcfd60a37682334b5cb010b29412
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984