my-royalmail.com
103.163.208.93
Malicious Activity!
Public Scan
Effective URL: https://my-royalmail.com/update
Submission: On March 01 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on February 29th 2024. Valid for: 3 months.
This is the only time my-royalmail.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Royal Mail (Government)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
19 (1 redirect) | 103.163.208.93 | 140683 (STARBOWLTD-AS-AP Starbow Ltd.) |
1 | 2606:4700:3032::6815:29e9 | 13335 (CLOUDFLARENET) |
19 | 3 |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | my-royalmail.com (1 redirects) | my-royalmail.com | 967 KB |
1 | antal.buzz | antal.buzz | 572 B |
19 | 2 |
Requests | Domain | Requested by |
---|---|---|
19 | my-royalmail.com (1 redirects) | my-royalmail.com |
1 | antal.buzz | my-royalmail.com |
19 | 2 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
my-royalmail.com | R3 | 2024-02-29 - 2024-05-29 | 3 months |
antal.buzz | GTS CA 1P5 | 2024-01-16 - 2024-04-15 | 3 months |
This page contains 1 frames:
Primary Page:
https://my-royalmail.com/update
Frame ID: 3CB1F83EBD5C23852B4E360924E18FC9
Requests: 20 HTTP requests in this frame
Page Title
2D569042-6990-413A-805A-A46371AB1EFDIcon - CollectIcon - LocationIcon - Send item
Page Statistics
59 Outgoing links
These are links going to different origins than the main page.
Link titles:
- Services near you
- Log in
- Click & Drop
- Shop for stamps
- Find a postcode
- Parcel Collect
- Stamps and supplies
- Envelopes
- Business mail supplies
- All postage and packaging
- Blackadder
- His Majesty King Charles III: A New Reign
- The Legend of Robin Hood
- Flowers
- HM King Charles III Definitives
- All special stamps
- Presentation packs
- Framed stamps and prints
- First Day covers
- Coins and medals
- Annual Collections
- Bundles
- All collectibles and gifts
- Health
- Help
- How to collect a missed delivery
- When we can't deliver
- I think my mail is lost
- Letters and parcels size guide
- Redirection support
- Restrictions and prohibitions
- Customs information
- Wrapping and packaging your mail
- How to address your mail
- Rubber Bands
- Track your item help
- Tracking international items
- What our tracking messages mean
- My tracking message says it's been delivered but it hasn't been
- Latest service updates
- How to make a claim
- Contact Royal Mail
- Business
- Track your item
- Price finder
- Online postage
- How to make a claim
- Sustainability
- Redirect your mail
- Parcelforce Worldwide (Opens in a new window)
- British Heart Foundation
- Keep Me Posted (Opens in a new window)
- Opens in a new window
- Opens in a new window
- Opens in a new window
- Opens in a new window
- Jobs (Opens in a new window)
- International Distributions Services (Opens in a new window)
- Accessibility (Opens in a new window)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://my-royalmail.com/ HTTP 302
- https://my-royalmail.com/update Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | update (Primary Request) | my-royalmail.com/ (Redirect Chain) | 124 KB | 36 KB | Document | text/html |
GET | H2 | config.js | my-royalmail.com/ | 133 B | 346 B | Script | application/javascript |
GET | H2 | css_57lhjrfpj3ddu3r4_9mzrirai8mz8bmsz7byihi7ya8.css | my-royalmail.com/static/css/ | 32 KB | 8 KB | Stylesheet | text/css |
GET | H2 | css_wjj-gv0lg6-h5v896dmzgsnac1loy_vttuhtkmyxllg.css | my-royalmail.com/static/css/ | 990 KB | 146 KB | Stylesheet | text/css |
GET | H2 | index.51b4ccb5.js | my-royalmail.com/assets/ | 309 KB | 126 KB | Script | application/javascript |
GET | H2 | index.7d2c6415.css | my-royalmail.com/assets/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H2 | logo.png | my-royalmail.com/static/picture/ | 12 KB | 13 KB | Image | image/png |
GET | H2 | js_uy2dg2pqknulkouzwhuxcobe9yizgvdq7yewhfohqnq.js | my-royalmail.com/static/js/ | 122 KB | 46 KB | Script | application/javascript |
GET | H2 | js_terxot8vmmsfu-rvhjflvsqs0-ryvmjwqua-lk3j5r0.js | my-royalmail.com/static/js/ | 1 MB | 427 KB | Script | application/javascript |
GET | H2 | pfdintextstd-bold-webfont.woff | my-royalmail.com/static/fonts/ | 33 KB | 33 KB | Font | font/woff |
GET | H2 | chevinstd-bold.04a2b6dc.5febf201.woff2 | my-royalmail.com/assets/ | 27 KB | 27 KB | Font | font/woff2 |
GET | H2 | chevinstd-medium.79f5c13c.d78b4314.woff2 | my-royalmail.com/assets/ | 26 KB | 26 KB | Font | font/woff2 |
GET | H2 | chevin-medium.woff | my-royalmail.com/static/fonts/ | 34 KB | 34 KB | Font | font/woff |
GET | DATA | truncated | / | 10 KB | 0 | Image | image/png |
GET | H2 | scam-guidance.png | my-royalmail.com/static/images/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | keep-me-posted.png | my-royalmail.com/static/images/ | 11 KB | 11 KB | Image | image/png |
GET | H2 | safespace-logo.png | my-royalmail.com/static/picture/ | 6 KB | 7 KB | Image | image/png |
GET | H2 | Index.ab7ad509.js | my-royalmail.com/assets/ | 44 KB | 17 KB | Script | application/javascript |
GET | H2 | Index.dec93025.css | my-royalmail.com/assets/ | 9 KB | 3 KB | Stylesheet | text/css |
POST | H2 | check.php | antal.buzz/php/app/index/ | 129 B | 572 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Royal Mail (Government)
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | a2a_config |
function | once |
undefined | $ |
function | jQuery |
object | drupalSettings |
object | drupalTranslations |
object | Drupal |
object | tabbable |
function | _typeof |
function | ownKeys |
function | _objectSpread |
function | _defineProperty |
function | _toPropertyKey |
function | _toPrimitive |
object | __core-js_shared__ |
object | core |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
boolean | _babelPolyfill |
function | _ |
function | moment |
object | Cookies |
boolean | __vite_is_modern_browser |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my-royalmail.com/ | | Name: PHPSESSID Value: 75fpl429tm4rpkork6qmeb5ljl |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
antal.buzz
my-royalmail.com
103.163.208.93
2606:4700:3032::6815:29e9