6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app
2a05:d014:275:cb00::c8
Malicious Activity!
Public Scan
Submission: On June 02 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: *.netlify.app wildcard, issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on December 21st 2022, valid 2022-12-21 to 2024-01-21 (13 months). This is Netlify's platform certificate, shared by every *.netlify.app site, so it carries no information about who operates this one.
This is the only time 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app was scanned on urlscan.io.
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)
Domain & IP information
Requests per IP (30 requests to 6 IP addresses):
Requests | IP Address | AS Autonomous System | Hostname served | PTR
---|---|---|---|---
16 | 2a05:d014:275:cb00::c8 | 16509 (AMAZON-02, US) | 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app | (none shown)
2 | 2a03:2880:f083:9:face:b00c:0:3 | 32934 (FACEBOOK, US) | connect.facebook.net | (none shown)
1 | 143.204.207.250 | 16509 (AMAZON-02, US) | sc-static.net | server-143-204-207-250.fra53.r.cloudfront.net
3 | 2606:4700:1::6813:844e | 13335 (CLOUDFLARENET) | a.mgid.com | (none shown)
5 | 35.190.43.134 | 15169 (GOOGLE, US) | tr.snapchat.com | 134.43.190.35.bc.googleusercontent.com
3 | 2a03:2880:f176:84:face:b00c:0:25de | 32934 (FACEBOOK, US) | www.facebook.com | (none shown)
Requests per apex domain (30 requests to 6 domains):
Apex Domain | Subdomain (Cisco Umbrella Rank) | Requests | Transfer
---|---|---|---
netlify.app | 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app (not ranked) | 16 | 645 KB
snapchat.com | tr.snapchat.com (845) | 5 | 1 KB
facebook.com | www.facebook.com (101) | 3 | 270 B
mgid.com | a.mgid.com (21975) | 3 | 6 KB
facebook.net | connect.facebook.net (165) | 2 | 111 KB
sc-static.net | sc-static.net (1047) | 1 | 15 KB
Requests per domain and the document that requested them. All 30 requests were initiated by the primary page, 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app:
Requests | Domain
---|---
16 | 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app
5 | tr.snapchat.com
3 | www.facebook.com
3 | a.mgid.com
2 | connect.facebook.net
1 | sc-static.net
This site contains links to the following domain (linked only; no request to it was made during the scan):
Domain
---
track.em-trkcd.com
TLS certificates seen during the scan. Only the first one belongs to the scanned page; the others terminate the tracker connections.
Subject | Issuer | Validity | Valid for
---|---|---|---
*.netlify.app | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-21 to 2024-01-21 | 13 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-03-11 to 2023-06-09 | 90 days
sc-static.net | Amazon RSA 2048 M02 | 2023-01-20 to 2024-02-18 | 13 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-11 to 2024-04-10 | 1 year
*.snap.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-13 to 2024-04-12 | 1 year
This page contains 4 frames:
- Primary page: https://6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app/ (frame ID B0CC2BE90A53364BC72F0C18507401C9; 27 HTTP requests in this frame)
- Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1 (frame ID 7CF5EBAF4FAAD647D08D108699DC2A58; 1 HTTP request in this frame)
- Frame: https://tr.snapchat.com/p (frame ID 671E8A415E5729AD2DE477183C092A1D; 1 HTTP request in this frame)
- Frame: https://tr.snapchat.com/p (frame ID B423C57728FD2BA2861BFF4D447AC674; 1 HTTP request in this frame)
The three child frames are created by the Snap pixel loaded from sc-static.net. The pid value in the first frame URL has the UUID form of a Snap pixel id; like the Facebook pixel id seen in the HTTP transactions, it identifies the advertiser account and is a value that can be pivoted on to find other pages using the same account.
Screenshot
Page Title: (1) Die Schweizerische Post (German; "Swiss Post")
Detected technologies
- animate.css (Web Frameworks). Detected pattern: <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
- Netlify (Web Servers). Detected pattern: ^https?://[^/]+\.netlify\.(?:com|app)/
- Facebook (Widgets). Detected pattern: //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
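As an added example (not part of the urlscan report), the three patterns above can be run exactly as Wappalyzer-style fingerprints: the Netlify one against the page URL, the other two against the HTML. The HTML below is constructed to mirror the resources this scan recorded, because the report does not reproduce the page source; `PATTERNS`, `detect` and `animate_css_version` are names chosen here. The second function shows a limitation of the animate.css pattern that matters when you rely on fingerprint version strings.

```python
import re

# Patterns copied from the "Detected technologies" section of this scan report.
# Wappalyzer-style fingerprints: each is tested against either the page URL or
# the page HTML; a capturing group, where present, is meant to yield a version.
PATTERNS = {
    "animate.css": ("html", r"<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css"),
    "Netlify":     ("url",  r"^https?://[^/]+\.netlify\.(?:com|app)/"),
    "Facebook":    ("html", r"//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js"),
}

SCAN_URL = "https://6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app/"

# Constructed HTML (the report does not show the page source). The tags only
# mirror the resource names recorded under /media/ and the two vendor loaders
# fetched from connect.facebook.net and sc-static.net.
SAMPLE_HTML = """<!doctype html>
<html><head>
<title>(1) Die Schweizerische Post</title>
<link rel="stylesheet" href="/media/style.css">
<link rel="stylesheet" href="/media/animate.css">
<script src="/media/fbevents.js"></script>
<script src="https://connect.facebook.net/en_US/fbevents.js"></script>
<script src="https://sc-static.net/scevent.min.js"></script>
</head><body></body></html>
"""


def detect(url: str, html: str) -> dict:
    """Run every fingerprint; return {technology: captured value or None} for hits."""
    hits = {}
    for name, (target, pattern) in PATTERNS.items():
        m = re.search(pattern, url if target == "url" else html)
        if m:
            hits[name] = m.group(1) if m.groups() else None
    return hits


def animate_css_version(html: str):
    """Version captured by the animate.css pattern, or None.

    The greedy [^>]+ in that pattern backtracks from the right, so the optional
    /<version>/ group is skipped whenever 'animate.css' can be matched without
    it, which is always the case. Even a versioned CDN path yields None.
    """
    m = re.search(PATTERNS["animate.css"][1], html)
    return m.group(1) if m else None


# Constructed link tag with a version in the path, to exercise the caveat above.
CDN_LINK = ('<link rel="stylesheet" href="https://cdnjs.cloudflare.com/'
            'ajax/libs/animate.css/4.1.1/animate.min.css">')

if __name__ == "__main__":
    print(detect(SCAN_URL, SAMPLE_HTML))   # {'animate.css': None, 'Netlify': None, 'Facebook': 'net'}
    print(animate_css_version(CDN_LINK))   # None, despite 4.1.1 being in the path
```

The Facebook hit captures the TLD (`net`) from the loader URL, the Netlify hit comes from the URL alone, and animate.css is found even though it is served first-party from `/media/`. Of the three, only the Netlify match is operationally interesting: it places the page on free hosting with per-deploy hostnames.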
Page Statistics
1 outgoing link (a link to a different origin than the main page). It points at track.em-trkcd.com and is titled "Einreichen Sie Ihre Lieferadresse ein" (ungrammatical German, the separable prefix "ein" is doubled; intended meaning: "Submit your delivery address").
Redirected requests: none recorded in this scan.
30 HTTP transactions. In the table, <site> stands for 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app; "Size" is the resource size and "x-fer" the bytes transferred.
# | Method | Protocol | Resource | Host / path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / (primary request) | <site>/ | 12 KB | 3 KB | Document | text/html
2 | GET | H2 | style.css | <site>/media/ | 10 KB | 2 KB | Stylesheet | text/css
3 | GET | H2 | animate.css | <site>/media/ | 57 KB | 4 KB | Stylesheet | text/css
4 | GET | H2 | mgsensor.js | <site>/media/ | 16 KB | 5 KB | Script | application/javascript
5 | GET | H2 | scevent.js | <site>/media/ | 21 KB | 7 KB | Script | application/javascript
6 | GET | H2 | 399694290689525.js | <site>/media/ | 288 KB | 31 KB | Script | application/javascript
7 | GET | H2 | fbevents.js | <site>/media/ | 100 KB | 24 KB | Script | application/javascript
8 | GET | H2 | v9e118mez8 | <site>/media/ | 7 KB | 2 KB | Script | text/plain
9 | GET | H2 | fbcode1.js | <site>/media/ | 2 KB | 866 B | Script | application/javascript
10 | GET | H2 | post-logo-1.png | <site>/media/ | 25 KB | 25 KB | Image | image/png
11 | GET | H2 | post.svg | <site>/media/ | 3 KB | 2 KB | Image | image/svg+xml
12 | GET | H2 | package.png | <site>/media/ | 17 KB | 17 KB | Image | image/png
13 | GET | H2 | loading.gif | <site>/media/ | 496 KB | 497 KB | Image | image/gif
14 | GET | H2 | check.png | <site>/media/ | 5 KB | 5 KB | Image | image/png
15 | GET | H2 | product.png | <site>/media/ | 20 KB | 20 KB | Image | image/png
16 | GET | H2 | script.js | <site>/media/ | 13 KB | 976 B | Script | application/javascript
17 | GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 106 KB | 28 KB | Script | application/x-javascript
18 | GET | H2 | scevent.min.js | sc-static.net/ | 33 KB | 15 KB | Script | application/javascript
19 | GET | H2 | mgsensor.js | a.mgid.com/ | 15 KB | 5 KB | Script | application/javascript
20 | GET | H2 | 1x1.gif | a.mgid.com/ | 43 B | 384 B | Image | image/gif
21 | GET | H2 | init | tr.snapchat.com/ | 126 B | 446 B | Fetch | application/json
22 | GET | H2 | is_enabled | tr.snapchat.com/collector/ | 79 B | 165 B | Fetch | application/json
23 | GET | H2 | i | tr.snapchat.com/cm/ (frame 7CF5) | 0 | 201 B | Document | text/html
24 | POST | H2 | p | tr.snapchat.com/ (frame 671E) | 68 B | 281 B | Document | text/html
25 | POST | H2 | p | tr.snapchat.com/ (frame B423) | 68 B | 374 B | Document | text/html
26 | GET | H2 | 399694290689525 | connect.facebook.net/signals/config/ | 288 KB | 83 KB | Script | application/x-javascript
27 | GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain
28 | GET | H2 | / | www.facebook.com/tr/ | 0 | 31 B | Image | text/plain
29 | GET | H2 | 1x1.gif | a.mgid.com/ | 43 B | 95 B | Image | image/gif
30 | GET | H2 | / | www.facebook.com/tr/ | 0 | 54 B | Image | text/plain
Notes on the transactions:
- Requests 4 to 7 are first-party scripts under /media/ carrying the same names as the MGID sensor, Snap pixel and Facebook pixel loaders, which are then also fetched from their vendors (requests 17, 18, 19 and 26). The numeric name 399694290689525 is the Facebook pixel id: it appears as a local script (request 6) and again in the vendor config path connect.facebook.net/signals/config/399694290689525 (request 26). A pixel id is tied to an advertiser account and is a useful pivot for finding other pages from the same operator.
- Request 8 loads a script from an extension-less path (v9e118mez8) served as text/plain.
- Every third-party host contacted is advertising or analytics infrastructure (Facebook, Snap, MGID). No form submission is captured, because the automated scan does not fill in the delivery-address form, so the endpoint that form posts to is not visible from this scan.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Swiss Post (Transportation)
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
- function: urlBase64ToUint8Array, pullUrlParams, push_subscribe, push_subscribe_promise, setIfNull, logPushEvent, push_unsubscribe, push_init, setSessionId, setUtm, getSessionId, getUrlVars, getDomainName, getStore, fbq, _fbq, snaptr, MgSensorInvoke, MgSensorInvoke0, _mgqp
- object: 0, onbeforetoggle, onscrollend, r, MgSensorData, MgSensor, _mgq, _mgr, _mghl, snaptrContext, WebJSBridge
- number: _mgqt, _mgqi
- boolean: credentialless, triedToSendCookieToNative
Attribution of these names: fbq and _fbq belong to the Facebook pixel, snaptr and snaptrContext to the Snap pixel, and the MgSensor*/_mg* names to the MGID sensor script. credentialless, onbeforetoggle and onscrollend are properties the browser itself exposes, and 0 is window[0], the first child frame. The remaining names (urlBase64ToUint8Array, push_init, push_subscribe, push_subscribe_promise, push_unsubscribe, logPushEvent, setSessionId, setUtm, getSessionId, getUrlVars, getDomainName, getStore) are the page's own code; urlBase64ToUint8Array together with the push_* functions is the shape of the standard Web Push subscription routine (that helper converts a VAPID application server key for PushManager.subscribe), although no request to a push service appears among the 30 transactions.
8 Cookies
Cookies are small pieces of information stored in the user's browser. On every later visit the browser sends the cookie values back, which lets the site re-identify the user even from a different location; this is how persistent logins work. The cookies set during this scan are all tracker cookies:
- X-AB = 0d6e407936704bd380072f5891d28b0e (domain/path sc-static.net/scevent.min.js)
- MgidSensorNVis = 1 (6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app/) and MgidSensorHref = https://6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app/ (same domain/path); both set by the MGID sensor
- _scid = d4e235b2-4740-4fe2-b5f4-ae41244571c4 and _scid_r = d4e235b2-4740-4fe2-b5f4-ae41244571c4 (.6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app/); Snap pixel
- _fbp = fb.2.1685671148986.1984026529 (.6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app/); Facebook pixel, third field is the creation time in milliseconds since the epoch
- sc_at = v2|H4sIAAAAAAAAAA3GyQ3AMAgEwIqQjLPLUU6MTBUUn8xr0PsW8hWPSgEZErr+7fbT+ZCoGbWguSpy1gdTju/+MgAAAA== (.snapchat.com/); Snap pixel
- __cf_bm = 1IfPCySSQ2mXUzqiJlrfQOCWzK6_cn6rCv1AdXUcL2Y-1685671149-0-AWDaM7J2PwQy6qubHbWHDG0KHJoO4w7Rn2Wla5jaS9xUu1Xxhs72+LQxke+zcx9BQMcyHjq+arpLH9JNGm6VLAk= (.mgid.com/); Cloudflare bot-management cookie in front of mgid.com
Expiry values are not shown in the report.
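The hostname and the _fbp cookie both carry timestamps that date this deployment. As an added example (not code from urlscan or from the page), the script below decodes them. Two assumptions, both marked in the code: that Netlify deploy permalinks have the form <deploy-id>--<site-name>.netlify.app, and that the 24-hex deploy id is a MongoDB-style ObjectId whose first four bytes are a Unix timestamp. The _fbp layout fb.<index>.<ms timestamp>.<random> is the Facebook pixel's documented format. Function names are chosen here.

```python
import re
from datetime import datetime, timedelta, timezone
from typing import Optional

# Values recorded in this scan.
HOST = "6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app"
FBP_COOKIE = "fb.2.1685671148986.1984026529"

# Assumption: Netlify deploy permalinks look like <deploy-id>--<site-name>.netlify.app,
# where the deploy id is 24 hex characters and the site name is the random
# two-words-plus-hex name Netlify assigns.
NETLIFY_DEPLOY_RE = re.compile(
    r"^(?P<deploy>[0-9a-f]{24})--(?P<site>[a-z0-9][a-z0-9-]*)\.netlify\.app$"
)
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def parse_netlify_host(host: str) -> Optional[dict]:
    """Split a Netlify deploy hostname into deploy id, site name and deploy time."""
    m = NETLIFY_DEPLOY_RE.match(host.lower())
    if not m:
        return None
    deploy = m.group("deploy")
    # Assumption: the deploy id is a MongoDB-style ObjectId, whose first four
    # bytes are a big-endian Unix timestamp taken when the id was generated.
    created = EPOCH + timedelta(seconds=int(deploy[:8], 16))
    return {"deploy_id": deploy, "site": m.group("site"), "deploy_created": created}


def parse_fbp(value: str) -> Optional[datetime]:
    """Creation time embedded in a Facebook pixel _fbp cookie.

    Format: fb.<subdomain index>.<creation time, ms since epoch>.<random>.
    Integer arithmetic is used so the millisecond field is preserved exactly.
    """
    parts = value.split(".")
    if len(parts) != 4 or parts[0] != "fb" or not parts[2].isdigit():
        return None
    return EPOCH + timedelta(milliseconds=int(parts[2]))


def deploy_age_hours(host: str, fbp_cookie: str) -> Optional[float]:
    """Hours between the deploy id's timestamp and the visit that set _fbp."""
    site = parse_netlify_host(host)
    visit = parse_fbp(fbp_cookie)
    if site is None or visit is None:
        return None
    return (visit - site["deploy_created"]).total_seconds() / 3600


if __name__ == "__main__":
    info = parse_netlify_host(HOST)
    print(info["site"], info["deploy_created"].isoformat())   # 2023-05-31T23:38:50+00:00
    print(parse_fbp(FBP_COOKIE).isoformat())                   # 2023-06-02T01:59:08.986000+00:00
    print(f"{deploy_age_hours(HOST, FBP_COOKIE):.1f} h between deploy and visit")  # 26.3 h
```

On this scan's values the deploy id decodes to 2023-05-31 23:38:50 UTC and the _fbp cookie to 2023-06-02 01:59:08 UTC, about 26 hours apart and consistent with the June 02 submission; the __cf_bm cookie repeats the same second (1685671149) in its second dash-separated field. Record the deploy id as well as the site name: the same Netlify site can be redeployed under a new id, and the id also dates the kit independently of when it was first reported.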
Security Headers
This section lists the security headers set by the main page (urlscan's documentation explains what each one means).
Header | Value
---|---
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload
This HSTS header is set by the Netlify platform for netlify.app hostnames, not by the page's operator, and says nothing about the page's content. No Content-Security-Policy or X-Frame-Options header was recorded.
Indicators
"Indicator" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that each one is malicious.
Domains:
- 6477da8a921f4510ad9e719a--lustrous-truffle-3d93fc.netlify.app
- a.mgid.com
- connect.facebook.net
- sc-static.net
- tr.snapchat.com
- www.facebook.com
IP addresses:
- 143.204.207.250
- 2606:4700:1::6813:844e
- 2a03:2880:f083:9:face:b00c:0:3
- 2a03:2880:f176:84:face:b00c:0:25de
- 2a05:d014:275:cb00::c8
- 35.190.43.134
Only the first domain is specific to this phishing page, and its address 2a05:d014:275:cb00::c8 is Netlify's shared edge (AS16509), not infrastructure owned by the actor. The other five domains and IPs belong to Facebook, Snap, MGID and their CDNs and should not be blocked on the strength of this scan. The values worth hunting on are the netlify.app hostname (and its deploy id), the linked domain track.em-trkcd.com, the Facebook pixel id 399694290689525 and the Snap pixel id cc25c7df-1e44-4f51-8ff1-8c175d6334c1.