service-providers-of-communications2-v53.eu
13.115.53.123
Malicious Activity!
Public Scan
Submission: On April 06 via api from CA
Summary
This is the only time service-providers-of-communications2-v53.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: TNT (Transportation)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
11 | 13.115.53.123 | 16509 (AMAZON-02 - Amazon.com) |
1 | 104.111.235.174 | 16625 (AKAMAI-AS - Akamai Technologies) |
12 | 2 | |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-115-53-123.ap-northeast-1.compute.amazonaws.com
service-providers-of-communications2-v53.eu
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-235-174.deploy.static.akamaitechnologies.com
www.tnt.com
 | Apex Domain / Subdomains | Transfer |
---|---|---|
11 | service-providers-of-communications2-v53.eu (subdomain: service-providers-of-communications2-v53.eu) | 615 KB |
1 | tnt.com (subdomain: www.tnt.com) | 14 KB |
12 | 2 | |
 | Domain | Requested by |
---|---|---|
11 | service-providers-of-communications2-v53.eu | service-providers-of-communications2-v53.eu |
1 | www.tnt.com | service-providers-of-communications2-v53.eu |
12 | 2 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.tnt.com GeoTrust RSA CA 2018 | 2018-05-04 - 2019-08-03 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://service-providers-of-communications2-v53.eu/stnt/
Frame ID: 1EB6047A2FCC7A125FC6B9B1D3300455
Requests: 12 HTTP requests in this frame
Detected technologies
RoundCube (Web Mail)
Detected patterns
- env /^(?:rcmail|rcube_|roundcube)/i
PHP (Programming Languages)
Detected patterns
- env /^(?:rcmail|rcube_|roundcube)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / (Primary Request) service-providers-of-communications2-v53.eu/stnt/ | 6 KB 6 KB | Document text/html |
GET H/1.1 | styles.css service-providers-of-communications2-v53.eu/stnt/app_files/ | 53 KB 53 KB | Stylesheet text/css |
GET H/1.1 | jquery-ui-1.css service-providers-of-communications2-v53.eu/stnt/app_files/ | 43 KB 43 KB | Stylesheet text/css |
GET H/1.1 | ui.js service-providers-of-communications2-v53.eu/stnt/app_files/ | 26 KB 26 KB | Script application/javascript |
GET H/1.1 | jquery.js service-providers-of-communications2-v53.eu/stnt/app_files/ | 84 KB 84 KB | Script application/javascript |
GET H/1.1 | common.js service-providers-of-communications2-v53.eu/stnt/app_files/ | 14 KB 15 KB | Script application/javascript |
GET H/1.1 | app.js service-providers-of-communications2-v53.eu/stnt/app_files/ | 150 KB 150 KB | Script application/javascript |
GET H/1.1 | jstz.js service-providers-of-communications2-v53.eu/stnt/app_files/ | 7 KB 7 KB | Script application/javascript |
GET H/1.1 | jquery-ui-1.js service-providers-of-communications2-v53.eu/stnt/app_files/ | 231 KB 231 KB | Script application/javascript |
GET H2 | twbfeexplu-f_hrz_2c_pos_rgb.png www.tnt.com/content/dam/tnt_express_media/tnt-local-pages/fr_fr/images/site/ | 14 KB 14 KB | Image image/png |
GET H/1.1 | linen.jpg service-providers-of-communications2-v53.eu/stnt/app_files/images/ | 348 B 348 B | Image text/html |
GET H/1.1 | linen_login.jpg service-providers-of-communications2-v53.eu/stnt/app_files/images/ | 354 B 354 B | Image text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: TNT (Transportation)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| rcube_mail_ui function| rcube_scroller function| rcube_splitter function| $ function| jQuery number| CONTROL_KEY number| SHIFT_KEY number| CONTROL_SHIFT_KEY function| roundcube_browser object| rcube_event function| rcube_event_engine function| rcube_check_email function| rcube_clone_object function| urlencode function| rcube_find_object function| rcube_mouse_is_over function| setCookie function| getCookie object| bw object| Base64 function| rcube_parse_query function| rcube_webmail object| jstz object| rcmail object| UI
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.