etin.vn
Open in
urlscan Pro
172.67.138.49
Malicious Activity!
Public Scan
Effective URL: https://etin.vn/SBB/index/
Submission: On April 27 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by E1 on March 29th 2024. Valid for: 3 months.
This is the only time etin.vn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Schweizerische Bundesbahnen (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 172.67.138.49 172.67.138.49 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.66.100.247 3.66.100.247 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:591::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2606:4700::68... 2606:4700::6813:b134 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 5 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-100-247.eu-central-1.compute.amazonaws.com
cdn.app.sbb.ch |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
etin.vn
1 redirects
etin.vn |
209 KB |
1 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 306 |
7 KB |
1 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 427 |
38 KB |
1 |
sbb.ch
cdn.app.sbb.ch — Cisco Umbrella Rank: 420692 |
14 KB |
17 | 4 |
Domain | Requested by | |
---|---|---|
14 | etin.vn |
1 redirects
etin.vn
|
1 | cdn.cookielaw.org |
etin.vn
|
1 | assets.adobedtm.com |
etin.vn
|
1 | cdn.app.sbb.ch |
etin.vn
|
17 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
etin.vn E1 |
2024-03-29 - 2024-06-27 |
3 months | crt.sh |
*.app.sbb.ch Amazon RSA 2048 M02 |
2023-08-16 - 2024-09-13 |
a year | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2024-03-01 - 2024-12-31 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://etin.vn/SBB/index/
Frame ID: 547582A072CD3740E650B24D8610AD48
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Anmeldung | SwissPassPage URL History Show full URLs
-
http://etin.vn/SBB/index
HTTP 307
https://etin.vn/SBB/index HTTP 301
https://etin.vn/SBB/index/ Page URL
Detected technologies
Modernizr (JavaScript Libraries) ExpandDetected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://etin.vn/SBB/index
HTTP 307
https://etin.vn/SBB/index HTTP 301
https://etin.vn/SBB/index/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
etin.vn/SBB/index/ Redirect Chain
|
28 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sso.min-20200819.css
etin.vn/SBB/index/resources/css/normal/app/ |
180 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_text_de-20200819.svg
etin.vn/SBB/index/resources/img/ |
137 KB 16 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-20200819.svg
etin.vn/SBB/index/resources/img/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loader-20200819.png
etin.vn/SBB/index/resources/img/ |
272 B 767 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rocket-loader.min.js
etin.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
login_bg.jpg
etin.vn/SBB/index/resources/img/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SBBWeb-Light.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icomoon.woff2
etin.vn/SBB/index/resources/fonts/icomoon/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
swisspass.min-20200819.js
etin.vn/SBB/index/resources/js/ |
97 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendor.min-20200819.js
etin.vn/SBB/index/resources/js/vendor/ |
178 KB 55 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-20200819.js
etin.vn/SBB/index/resources/primefaces/jquery/ |
95 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr-20200820.js
etin.vn/SBB/index/resources/js/vendor/head/modernizr/ |
360 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-6cc731e967aa.min.js
assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/ |
124 KB 38 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr-20200819.js
etin.vn/SBB/index/resources/js/vendor/head/modernizr/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icomoon.ttf
etin.vn/SBB/index/resources/fonts/icomoon/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- etin.vn
- URL
- https://etin.vn/SBB/index/resources/fonts/icomoon/icomoon.ttf?7m5yri
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Schweizerische Bundesbahnen (Transportation)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| __cfQR1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
etin.vn/ | Name: PHPSESSID Value: pj7pk5mtr18la9ektib0iscgk1 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
cdn.app.sbb.ch
cdn.cookielaw.org
etin.vn
etin.vn
172.67.138.49
2606:4700::6813:b134
2a02:26f0:3500:591::1e80
3.66.100.247
15c179af6a66be10fa288925824cbf9fea1e277066233e55425c119dd01db43e
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc
9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
c70f7664d75abee0029d9e93cd523b9e5447a308c4e37a2457113123162bf2ed
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
df1e617507098c8826a05c6487106c27e13f067537dbaf4f44d0de4f7d5e8ee3
f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357
f5e694ba6b63a657fae3f561dc0e8ae0247534616d9e844005d11d8ba2535338
f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5