www-inpostapl.xyz
Open in
urlscan Pro
95.181.167.39
Malicious Activity!
Public Scan
Submission: On January 24 via manual from PL
Summary
TLS certificate: Issued by R3 on January 18th 2021. Valid for: 3 months.
This is the only time www-inpostapl.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Visa (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 95.181.167.39 95.181.167.39 | 8764 (TELIA-LIE...) (TELIA-LIETUVA) | |
2 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 185.129.100.100 185.129.100.100 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
3 | 151.101.12.133 151.101.12.133 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 2a00:1450:400... 2a00:1450:4001:801::2003 | 15169 (GOOGLE) (GOOGLE) | |
26 | 7 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
check.ddos-guard.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
www-inpostapl.xyz
www-inpostapl.xyz |
124 KB |
6 |
gstatic.com
fonts.gstatic.com |
73 KB |
3 |
githubusercontent.com
raw.githubusercontent.com |
110 KB |
2 |
ddos-guard.net
check.ddos-guard.net |
742 B |
2 |
cloudflare.com
cdnjs.cloudflare.com |
31 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
26 | 6 |
Domain | Requested by | |
---|---|---|
12 | www-inpostapl.xyz |
www-inpostapl.xyz
|
6 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | raw.githubusercontent.com |
www-inpostapl.xyz
|
2 | check.ddos-guard.net |
www-inpostapl.xyz
|
2 | cdnjs.cloudflare.com |
www-inpostapl.xyz
|
1 | fonts.googleapis.com |
www-inpostapl.xyz
|
26 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www-inpostapl.xyz R3 |
2021-01-18 - 2021-04-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.ddos-guard.net Sectigo RSA Domain Validation Secure Server CA |
2019-07-03 - 2021-07-02 |
2 years | crt.sh |
www.github.com DigiCert SHA2 High Assurance Server CA |
2020-05-06 - 2022-04-14 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www-inpostapl.xyz/cards/12342753
Frame ID: C8C4C5001DB466CD480D8BA1AAD917EA
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www-inpostapl.xyz/cards/12342753 Page URL
- https://www-inpostapl.xyz/cards/12342753 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www-inpostapl.xyz/cards/12342753 Page URL
- https://www-inpostapl.xyz/cards/12342753 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
12342753
www-inpostapl.xyz/cards/ |
24 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
12342753
www-inpostapl.xyz/cards/ |
0 109 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
12342753
www-inpostapl.xyz/cards/ |
76 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card-pay.css
www-inpostapl.xyz/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/ |
157 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat1.css
www-inpostapl.xyz/chat/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.js
check.ddos-guard.net/ |
152 B 490 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www-inpostapl.xyz/img/ |
17 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chip.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
www-inpostapl.xyz/js/ |
91 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue-the-mask.js
www-inpostapl.xyz/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www-inpostapl.xyz/js/ |
2 KB 852 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www-inpostapl.xyz/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/ |
59 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wait_in.gif
www-inpostapl.xyz/img/ |
16 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
15 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
426 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HI_XiYsKILxRpg3hIP6sJ7fM7PqtzsjDs-cq7Gq0DA.woff2
fonts.gstatic.com/s/sourcecodepro/v13/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevWnsUnxg.woff2
fonts.gstatic.com/s/sourcecodepro/v13/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRdu3cOWxy40.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11.jpeg
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
88 KB 88 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zXg6b20B9jfk4oUv
www-inpostapl.xyz/.well-known/ddos-guard/id/ |
68 B 219 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zXg6b20B9jfk4oUv
check.ddos-guard.net/set/id/ |
68 B 252 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Visa (Financial)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| Vue object| VueTheMask function| $ function| jQuery object| bootstrap number| opened function| openForm function| closeForm function| checkFocus function| update function| sendmsg5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www-inpostapl.xyz/ | Name: PHPSESSID Value: p4i436n4b3uvjpjap16audn4s7 |
|
www-inpostapl.xyz/ | Name: __ddos2 Value: 4d885498-45f8-4dd9-b669-bb216cebcfc6 |
|
.www-inpostapl.xyz/ | Name: __ddg2 Value: zXg6b20B9jfk4oUv |
|
www-inpostapl.xyz/ | Name: __ddos1 Value: EPOffDQdjte51JegMOyg2-axknU |
|
.www-inpostapl.xyz/ | Name: __ddg1 Value: 8ZT7OAh1CSNHSsLJJUzx |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
check.ddos-guard.net
fonts.googleapis.com
fonts.gstatic.com
raw.githubusercontent.com
www-inpostapl.xyz
151.101.12.133
185.129.100.100
2606:4700::6810:135e
2a00:1450:4001:801::2003
2a00:1450:4001:81a::200a
95.181.167.39
0464057af6c7706992a371b3a15af336565685b1da3b58bc6b6171793e5fd24b
04b70d566e3565f58b96d67396e342efa19f6d63390c911ac7e06280c16ef010
1437e8feeeb06db15306819c5abfef699017de902840630900e634f943127dbb
1a9548347c9b338b3168bc5eb94c8206490a3462efc3c674632e9e9236785d54
1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2
23847663eb401c7099766c713af22907e4b76f6472476e14ef6bee4dbb2a67a4
339b1fa5e1770c751e13a973dd4878556f781847d458b6fa07ff31abb816145d
4468830bc05c98695658b7bf3ae5f7b02f04740d43204ce5c5e327ada9587e4f
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
59eeb7a3af23b4cb043ab57a8491d375cde37cc7f22931ea27f9e18925bffa89
59fd4f207936792ab9910baa7df5f1f7bff899e35e0428df34ab9a1319184052
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8
6e92ea8a036305feed6f43cf1ba9d37ae6ba4fc90236080ca3dce4299d5723d8
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
9ad58bb5360bb0ac3964d9af1781d36e4e91e91be40e506bf6a174be865b7e4e
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
c3c4d4d399f21b3e0cd99fd2bbeb547b797086b5b0ca5d9539ed2387decc2e71
c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3
e8dc2d8cbce3bb583998cf8d42b3d282b48060b9479692175de36af92b66176f
eb5ecaf214e7d715e9abf93f12a7ad6f874b79ddc2348e26b55b9b2ae776b1ff
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d