shadoov193.beget.tech (5.101.152.222)
Malicious Activity!
Public Scan
Submission: On April 24 via manual from CH
Summary
This is the only time shadoov193.beget.tech was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
12 | 5.101.152.222 | 198610 (BEGET-AS)
4 | 2a00:17c8:0:103::20a | 12511 (CH-POSTNETZ Post CH AG)
1 | 194.41.189.111 | 12511 (CH-POSTNETZ Post CH AG)

17 requests to 3 IP addresses.
ASN198610 (BEGET-AS, RU)
PTR: m2.talon.beget.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | beget.tech | shadoov193.beget.tech | 229 KB
5 | post.ch | www.post.ch, n.account.post.ch | 252 KB

17 requests to 2 apex domains.
Requests | Domain | Requested by
---|---|---
12 | shadoov193.beget.tech | shadoov193.beget.tech
4 | www.post.ch | shadoov193.beget.tech
1 | n.account.post.ch | shadoov193.beget.tech

17 requests to 3 domains, all issued by the page on shadoov193.beget.tech.
This site contains links to these domains. Also see Links.
Domain |
---|
account.post.ch |
www.post.ch |
www.facebook.com |
twitter.com |
www.instagram.com |
www.youtube.com |
www.linkedin.com |
www.xing.com |
Subject | Issuer | Validity | Valid
---|---|---|---
www.post.ch | SwissSign Server Gold CA 2014 - G22 | 2018-03-28 - 2020-03-28 | 2 years (crt.sh)
n.account.post.ch | SwissSign Server Gold CA 2014 - G22 | 2017-10-26 - 2020-10-26 | 3 years (crt.sh)
This page contains 2 frames:
Primary Page:
http://shadoov193.beget.tech/pst_ch/poste_ch/post/
Frame ID: 709B2D9DBD81BC6208C663448F4902AD
Requests: 16 HTTP requests in this frame
Frame:
http://shadoov193.beget.tech/pst_ch/poste_ch/post/Files/saved_resource.html
Frame ID: FE4AD9B2C7CF0BC44BC2DD5942CD385B
Requests: 1 HTTP request in this frame
Screenshot
![](/screenshots/77696a05-944b-4dc4-8c0e-6b601008e2a2.png)
Detected technologies

- nginx (headers: server /nginx(?:\/([\d.]+))?/i)
- Modernizr (env /^Modernizr$/i)
- jQuery (env /^jQuery$/i)
Page Statistics

62 Outgoing links

These are links going to different origins than the main page. Link titles as extracted (English in parentheses):

- Startseite (Home)
- Navigation
- Inhalt (Content)
- Kontakt (Contact)
- Sitemap
- Suche (Search)
- Login
- Login
- Fr
- It
- En
- Die Post - zur Startseite (Swiss Post - to the home page)
- Privat (Private customers)
- Geschäftlich (Business customers)
- Über uns (About us)
- Kundencenter Aktiver Menüpunkt (Customer center, active menu item)
- Medien (Media)
- Kontakt und Hilfe (Contact and help)
- Jobs und Karriere (Jobs and careers)
- Kundencenter (Customer center)
- Einstellungen (Settings)
- Benutzerprofil (User profile)
- Alle Onlinedienste (All online services)
- Info
- Kontakt (Contact)
- Passwort vergessen? (Forgot your password?)
- Neu registrieren (Register)
- Mit SuisseID einloggen (Log in with SuisseID)
- Weitere Informationen (More information)
- Abbrechen (Cancel)
- Neu registrieren (Register)
- Versenden (Send)
- Empfangen (Receive)
- Alles rund ums Geld (Everything about money)
- Einkaufen (Shopping)
- Briefmarken entdecken (Discover stamps)
- Themen A-Z (Topics A-Z)
- Versenden und transportieren (Sending and transporting)
- Empfangen (Receive)
- Material bestellen (Order material)
- Werben (Advertise)
- Prozesse optimieren (Optimize processes)
- Lagern (Warehousing)
- Alles rund ums Geld (Everything about money)
- Themen A-Z (Topics A-Z)
- Aktuell (News)
- Unternehmen (Company)
- Themen (Topics)
- Wissenswertes Post (Facts about Swiss Post)
- Themen A-Z (Topics A-Z)
- Facebook
- Twitter
- Instagram
- Youtube
- LinkedIn
- Xing
- Sitemap
- Barrierefreiheit (Accessibility)
- Allgemeine Geschäftsbedingungen (General terms and conditions)
- Datenschutz und Rechtliches (Privacy and legal)
- Impressum (Legal notice)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions

Size is the decoded resource size, x-fer the bytes transferred on the wire.

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | shadoov193.beget.tech/pst_ch/poste_ch/post/ | 34 KB | 8 KB | Document | text/html
GET | H/1.1 | staticasset.css | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 307 KB | 31 KB | Stylesheet | text/css
GET | H/1.1 | staticasset2.css | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 354 KB | 36 KB | Stylesheet | text/css
GET | H/1.1 | logrend.css | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 2 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | staticasset3.js | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 11 KB | 5 KB | Script | application/x-javascript
GET | H/1.1 | post-logo-svg.svg | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H/1.1 | jquery-1.11.0.min.js | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 95 KB | 33 KB | Script | application/x-javascript
GET | H/1.1 | header.js | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 425 KB | 106 KB | Script | application/x-javascript
GET | H/1.1 | jquery.validate-1.12.0.min.js | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 20 KB | 7 KB | Script | application/x-javascript
GET | H/1.1 | klp.js.t%C3%A9l%C3%A9chargement | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 0 | 0 | Script | text/html
GET | H/1.1 | saved_resource.html | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ (Frame FE4A) | 149 B | 466 B | Document | text/html
GET | H/1.1 | 9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff | www.post.ch/assets/fonts/ | 37 KB | 38 KB | Font | application/font-woff
GET | H/1.1 | 2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff | www.post.ch/assets/fonts/ | 50 KB | 51 KB | Font | application/font-woff
GET | H/1.1 | Posticon-Regular.woff | www.post.ch/assets/portal/latest/fonts/ | 118 KB | 118 KB | Font | application/font-woff
GET | H/1.1 | 3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff | www.post.ch/assets/fonts/ | 44 KB | 45 KB | Font | application/font-woff
GET | H/1.1 | subscribe | n.account.post.ch/v1/session/ | 0 | 234 B | XHR | text/plain
GET | H/1.1 | klp.js.t%C3%A9l%C3%A9chargement | shadoov193.beget.tech/pst_ch/poste_ch/post/Files/ | 0 | 0 | Script | text/html

Twelve requests go to the phishing host; the other five (four WOFF fonts from www.post.ch and one XHR to n.account.post.ch/v1/session/subscribe) go to Swiss Post's own infrastructure, which is why the genuine domains, IPs and certificates show up in this scan. The two requests for klp.js.t%C3%A9l%C3%A9chargement return an empty text/html body, so the script named there never executes.
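The transaction table shows the cloned page still loading four fonts from www.post.ch and calling the real session endpoint; the file names klp.js.téléchargement (French for "download") and saved_resource.html are consistent with the kit being a browser "save page" copy of the genuine login page. Every victim's browser therefore sends Swiss Post's servers a Referer pointing at the phishing host. The following script is an added example, not urlscan's or Swiss Post's code: it scans combined-format access log lines for watched asset and API paths requested with a non-brand Referer and ranks the foreign origins by hit count. The log lines are constructed to mirror the requests above, and BRAND_HOSTS and WATCHED_PREFIXES are assumptions to tune per site.

```python
"""Spot a cloned login page from the brand's own access logs.

A clone that keeps loading fonts or calling an API on the real domain makes
each victim's browser send a Referer naming the phishing host.  This scans
combined-format access log lines for watched paths whose Referer comes from
a non-brand origin and ranks those origins by hit count.
"""
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumption: the brand's own origins, which may legitimately embed these assets.
BRAND_HOSTS = {"post.ch", "www.post.ch", "account.post.ch", "n.account.post.ch"}

# Assumption: path prefixes a cloned page keeps pointing at the real site.
WATCHED_PREFIXES = ("/assets/fonts/", "/assets/portal/", "/v1/session/")

# nginx/Apache "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (not real Swiss Post logs).  Lines 1-3 and 6 mirror
# the cross-origin requests in the transaction table; 4 and 5 are legitimate
# traffic from the real site (the last one with the Referer stripped).
SAMPLE_LOG = """\
203.0.113.7 - - [24/Apr/2019:10:01:02 +0000] "GET /assets/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff HTTP/1.1" 200 38211 "http://shadoov193.beget.tech/pst_ch/poste_ch/post/" "Mozilla/5.0"
203.0.113.7 - - [24/Apr/2019:10:01:02 +0000] "GET /assets/portal/latest/fonts/Posticon-Regular.woff HTTP/1.1" 200 120912 "http://shadoov193.beget.tech/pst_ch/poste_ch/post/" "Mozilla/5.0"
203.0.113.7 - - [24/Apr/2019:10:01:03 +0000] "GET /v1/session/subscribe HTTP/1.1" 200 234 "http://shadoov193.beget.tech/pst_ch/poste_ch/post/" "Mozilla/5.0"
198.51.100.9 - - [24/Apr/2019:10:05:44 +0000] "GET /assets/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff HTTP/1.1" 200 52134 "https://www.post.ch/" "Mozilla/5.0"
198.51.100.9 - - [24/Apr/2019:10:05:45 +0000] "GET /assets/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff HTTP/1.1" 200 46012 "" "Mozilla/5.0"
192.0.2.33 - - [24/Apr/2019:10:07:10 +0000] "GET /assets/portal/latest/fonts/Posticon-Regular.woff HTTP/1.1" 200 120912 "http://shadoov193.beget.tech/pst_ch/poste_ch/post/Files/saved_resource.html" "Mozilla/5.0"
"""


def parse_line(line):
    """Named fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def referer_host(referer):
    """Lower-cased host of a Referer header; None when it is absent or '-'."""
    if referer in ("", "-"):
        return None
    return (urlsplit(referer).hostname or "").lower() or None


def is_brand_host(host):
    """Exact brand hosts plus subdomains of post.ch (not lookalikes like post.ch.example)."""
    return host in BRAND_HOSTS or host.endswith(".post.ch")


def find_clone_referers(log_text):
    """Return (findings, per_host).

    findings: (client_ip, path, referer_host) for each watched path loaded from a
    non-brand origin.  per_host: Counter of hits per foreign origin, so the host
    with the most victims floats to the top.  Empty Referers are skipped: browsers
    drop the header on https->http navigations and under strict Referrer-Policy,
    so its absence is not evidence either way.
    """
    findings = []
    per_host = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(WATCHED_PREFIXES):
            continue
        host = referer_host(rec["referer"])
        if host is None or is_brand_host(host):
            continue
        findings.append((rec["ip"], rec["path"], host))
        per_host[host] += 1
    return findings, per_host


if __name__ == "__main__":
    findings, per_host = find_clone_referers(SAMPLE_LOG)
    for ip, path, host in findings:
        print(f"{host:25} {ip:15} {path}")
    print("foreign origins by hits:", per_host.most_common())
```

Run against the sample, four of the six lines are flagged and shadoov193.beget.tech is the only foreign origin. On real logs the Referer is only present when the victim's browser chose to send it, so treat this as a high-precision signal for takedown and blocking rather than a complete count of victims.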
Verdicts & Comments

Potentially malicious activity detected

Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Swiss Post (Transportation)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify the client-side frameworks and code a page uses and, for a phishing kit, which legitimate site the page was cloned from.

Type | Name
---|---
object | onselectstart
object | onselectionchange
function | queueMicrotask
object | Unic
object | html5
object | Modernizr
function | yepnope
object | digitalData
undefined | $
function | jQuery
object | POSTWEPP
object | ODTracker
function | jqueryUnic
function | underscoreUnic
object | vertx
undefined | _
function | purl
function | Spinner
function | EventEmitter
object | eventie
function | imagesLoaded
boolean | mCustomScrollbar
object | jQuery11100655293261236277
function | SockJS
function | klpWidget
object | mejsL10n
object | picturefillCFG
function | picturefill
string | guiName
object | MESSAGES
string | layoutType
string | preventMaximize

Two caveats when reading this list: onselectstart, onselectionchange and queueMicrotask are standard window properties in current browsers rather than page code, and jQuery11100655293261236277 is jQuery's per-load random expando, so it will not match between scans. The $ and _ slots being present but undefined, next to jqueryUnic and underscoreUnic, is consistent with jQuery.noConflict() and _.noConflict() having been called by the cloned post.ch code.

0 Cookies
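Because the globals a kit leaves on window come from the cloned site's code rather than from the hosting, they make a cheap fingerprint for matching the same kit across hosts. The script below is an added example, not urlscan's code: it parses urlscan's "type| name" list as shown above, drops browser built-ins and collapses jQuery's random expando, then produces a sorted name list with a SHA-256 over it and a Jaccard similarity against a second scan. BROWSER_BUILTINS is an assumption to tune per browser build, and OTHER_SCAN is a constructed second scan, not data from urlscan.

```python
"""Cluster phishing-kit scans by the globals they leave on window.

urlscan's list of non-standard globals is a cheap fingerprint of a page's
client-side code.  After dropping properties the browser itself defines and
collapsing jQuery's random per-load expando, the sorted name list (and its
hash) is the same for the same kit on any host, and a Jaccard score catches
near-identical variants.
"""
import hashlib
import re

# Assumption: standard window properties that urlscan's baseline missed on this
# scan; extend for the browser build you compare against.
BROWSER_BUILTINS = {"onselectstart", "onselectionchange", "queueMicrotask"}

# jQuery's expando is "jQuery" + random digits and changes on every page load.
JQUERY_EXPANDO = re.compile(r"^jQuery\d{10,}$")

# Copied from the scan above, in urlscan's "type| name" format.
SCAN_GLOBALS = (
    "object| onselectstart object| onselectionchange function| queueMicrotask "
    "object| Unic object| html5 object| Modernizr function| yepnope "
    "object| digitalData undefined| $ function| jQuery object| POSTWEPP "
    "object| ODTracker function| jqueryUnic function| underscoreUnic object| vertx "
    "undefined| _ function| purl function| Spinner function| EventEmitter "
    "object| eventie function| imagesLoaded boolean| mCustomScrollbar "
    "object| jQuery11100655293261236277 function| SockJS function| klpWidget "
    "object| mejsL10n object| picturefillCFG function| picturefill "
    "string| guiName object| MESSAGES string| layoutType string| preventMaximize"
)

# Constructed second scan (not from urlscan): the same kit on another host, so
# only the jQuery expando differs, plus one extra global that host's page adds.
OTHER_SCAN = (
    SCAN_GLOBALS.replace("jQuery11100655293261236277", "jQuery11100987654321098765")
    + " object| __hostBanner"
)

PAIR_RE = re.compile(r"(\w+)\|\s*(\S+)")


def parse_globals(text):
    """'type| name type| name ...' -> [(name, type), ...] in page order."""
    return [(name, typ) for typ, name in PAIR_RE.findall(text)]


def normalise(pairs):
    """Sorted names that identify page code; unstable or built-in names removed."""
    names = set()
    for name, _typ in pairs:
        if name in BROWSER_BUILTINS:
            continue
        if JQUERY_EXPANDO.match(name):
            name = "jQuery<expando>"
        names.add(name)
    return sorted(names)


def fingerprint(text):
    """(normalised names, SHA-256 over them) for a urlscan globals string."""
    names = normalise(parse_globals(text))
    return names, hashlib.sha256("\n".join(names).encode()).hexdigest()


def jaccard(a, b):
    """Similarity of two name lists in [0, 1]; 1.0 means identical sets."""
    a, b = set(a), set(b)
    return len(a & b) / len(a | b) if (a or b) else 1.0


if __name__ == "__main__":
    names_a, fp_a = fingerprint(SCAN_GLOBALS)
    names_b, fp_b = fingerprint(OTHER_SCAN)
    print(len(names_a), "stable globals; fingerprint", fp_a[:16])
    print("exact match:", fp_a == fp_b, " jaccard:", round(jaccard(names_a, names_b), 3))
```

The exact hash only matches when the normalised sets are identical, which is what you want for a "same kit, different host" query; the Jaccard score (29/30 here) is the knob for catching kits that a host wrapped with one extra script.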
Cookies are small pieces of data stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, which lets the website re-identify the user even from a different location; this is how persistent logins work. This scan recorded no cookies.
Indicators
This is a term in the security industry for artifacts such as IPs, domains and hashes; it does not imply that any of them is malicious. Here the list mixes the phishing host and its IP with Swiss Post's own domains and IPs (AS12511), and the hex values are SHA-256 hashes of response bodies from the transactions above, Swiss Post's fonts included, so the list has to be triaged before any of it goes into a blocklist.
n.account.post.ch
shadoov193.beget.tech
www.post.ch
194.41.189.111
2a00:17c8:0:103::20a
5.101.152.222
0001fc565d8fb204bb7dca08752c0c1a74dbf3c1343f3b4a7f7e11bedd357ea8
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
3e16b88bdcf1ff93d83662971c6bb9eb0de1a04faa2c5417fef45026533a9e98
41502fc0e0b8d11a5a754246b313443ee1bcdad44d1bbf9e31b56c88ae2a1a16
80d9df6a033c91c176960af80250168863680188e01dbdca5b7c53256e5ad769
90eef62309f1075051c036be5e9d93559adbb238894efa4d4659f48c16b01027
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
a045581394eda1ec21b70786a1576ae53ae6f0ab0e8af3544a2bea615a60b39b
c2ce987ece376ce9d2c22ee88624f3eedaec723ca0bbfd8fb218827aebb863b4
dcd08e65d91e9b8ef99c05079e26a70223dc6e297e3ba80764dd8580ef02401d
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
e28c396108c83c9c0224a81f76ea11836d6efcfd60a37682334b5cb010b29412
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
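Since the indicator list above mixes attacker hosting with the targeted brand's own infrastructure, here is an added example (not urlscan's code) that triages it: each value is classified by type, domains and IPs are split into brand versus blockable buckets, and the SHA-256 of zero bytes is dropped as noise because it appears for every empty response body, such as the 0-size responses in the transaction table. BRAND_APEX and BRAND_IPS are assumptions taken from the post.ch certificate rows and the AS12511 rows above.

```python
"""Triage the Indicators list of a urlscan result before it goes into a blocklist.

The list mixes the kit's hosting with the targeted brand's own domains and
IPs, and the response hashes include Swiss Post's fonts as well as the kit's
files.  This sorts every value by type, separates brand infrastructure from
what is safe to block, and drops hashes that carry no signal.
"""
import hashlib
import ipaddress
import re

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)(?:[a-z0-9-]{1,63}\.)+[a-z]{2,}$")

# SHA-256 of zero bytes: appears whenever a response body was empty, so it
# identifies nothing and must not be used for correlation.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

# Assumptions: the brand's apex domain, and its IPs as given by the AS12511 rows.
BRAND_APEX = ("post.ch",)
BRAND_IPS = {"194.41.189.111", "2a00:17c8:0:103::20a"}

# Copied from the Indicators list above.
INDICATORS = """
n.account.post.ch
shadoov193.beget.tech
www.post.ch
194.41.189.111
2a00:17c8:0:103::20a
5.101.152.222
0001fc565d8fb204bb7dca08752c0c1a74dbf3c1343f3b4a7f7e11bedd357ea8
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
3e16b88bdcf1ff93d83662971c6bb9eb0de1a04faa2c5417fef45026533a9e98
41502fc0e0b8d11a5a754246b313443ee1bcdad44d1bbf9e31b56c88ae2a1a16
80d9df6a033c91c176960af80250168863680188e01dbdca5b7c53256e5ad769
90eef62309f1075051c036be5e9d93559adbb238894efa4d4659f48c16b01027
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
a045581394eda1ec21b70786a1576ae53ae6f0ab0e8af3544a2bea615a60b39b
c2ce987ece376ce9d2c22ee88624f3eedaec723ca0bbfd8fb218827aebb863b4
dcd08e65d91e9b8ef99c05079e26a70223dc6e297e3ba80764dd8580ef02401d
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
e28c396108c83c9c0224a81f76ea11836d6efcfd60a37682334b5cb010b29412
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
""".split()


def classify(value):
    """'sha256', 'ipv4', 'ipv6', 'domain' or 'unknown'."""
    v = value.strip().lower()
    if SHA256_RE.match(v):
        return "sha256"
    try:
        return "ipv%d" % ipaddress.ip_address(v).version
    except ValueError:
        pass
    return "domain" if DOMAIN_RE.match(v) else "unknown"


def is_brand_domain(host):
    """The apex itself or any subdomain of it; lookalikes such as post.ch.example fail."""
    return any(host == apex or host.endswith("." + apex) for apex in BRAND_APEX)


def triage(indicators):
    """Bucket indicators; only 'block_domains' and 'block_ips' belong on a blocklist.

    'hashes' are for correlation across scans (a reused kit keeps its file hashes),
    not for blocking, since the brand's own fonts are in there too.
    """
    out = {"brand_domains": [], "block_domains": [], "brand_ips": [], "block_ips": [],
           "hashes": [], "noise": []}
    for raw in indicators:
        ind = raw.strip().lower()
        kind = classify(ind)
        if kind == "domain":
            out["brand_domains" if is_brand_domain(ind) else "block_domains"].append(ind)
        elif kind in ("ipv4", "ipv6"):
            out["brand_ips" if ind in BRAND_IPS else "block_ips"].append(ind)
        elif kind == "sha256" and ind != EMPTY_SHA256:
            out["hashes"].append(ind)
        else:
            out["noise"].append(ind)
    return out


if __name__ == "__main__":
    for bucket, values in triage(INDICATORS).items():
        print(f"{bucket:14} {len(values):2}  {' '.join(v[:24] for v in values)}")
```

For this scan the blockable set is one domain and one IP; the two post.ch hosts and the two AS12511 addresses land in the brand buckets, fourteen hashes remain for correlation, and the empty-body hash is discarded.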