transfer-pakete-schweiz.com
Open in
urlscan Pro
172.67.137.194
Malicious Activity!
Public Scan
Effective URL: https://transfer-pakete-schweiz.com/login/dpdch/
Submission: On April 08 via api from HU — Scanned from CH
Summary
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.
This is the only time transfer-pakete-schweiz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DPD (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 138.118.166.201 138.118.166.201 | 52799 (ADENTRO D...) (ADENTRO DATA CENTER SOLUTIONS LTDA) | |
3 22 | 172.67.137.194 172.67.137.194 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.186.170 142.250.186.170 | 15169 (GOOGLE) (GOOGLE) | |
1 | 194.41.184.182 194.41.184.182 | 12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG) | |
21 | 3 |
ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR)
PTR: camponovo.adentro.com.br
cfcnunes.com.br |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
transfer-pakete-schweiz.com
3 redirects
transfer-pakete-schweiz.com |
398 KB |
1 |
post.ch
account.post.ch — Cisco Umbrella Rank: 877083 |
3 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38 |
1012 B |
1 |
cfcnunes.com.br
1 redirects
cfcnunes.com.br |
277 B |
21 | 4 |
Domain | Requested by | |
---|---|---|
22 | transfer-pakete-schweiz.com |
3 redirects
transfer-pakete-schweiz.com
|
1 | account.post.ch |
transfer-pakete-schweiz.com
|
1 | fonts.googleapis.com |
transfer-pakete-schweiz.com
|
1 | cfcnunes.com.br | 1 redirects |
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
transfer-pakete-schweiz.com GTS CA 1P5 |
2024-04-08 - 2024-07-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
account.post.ch SwissSign RSA TLS OV ICA 2022 - 1 |
2024-03-04 - 2025-03-04 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://transfer-pakete-schweiz.com/login/dpdch/
Frame ID: 2A3593518538E1654B7F58E59AA0ADB0
Requests: 19 HTTP requests in this frame
Frame:
https://transfer-pakete-schweiz.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 6B5D75E1B38B3DB3805ABE1789064F3A
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Zahlung bestätigen - Schweizerische DPDPage URL History Show full URLs
-
https://cfcnunes.com.br/gr/
HTTP 302
https://transfer-pakete-schweiz.com/login/ Page URL
-
https://transfer-pakete-schweiz.com/login/
HTTP 302
https://transfer-pakete-schweiz.com/login/dpdch HTTP 301
http://transfer-pakete-schweiz.com/login/dpdch/ HTTP 307
https://transfer-pakete-schweiz.com/login/dpdch/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cfcnunes.com.br/gr/
HTTP 302
https://transfer-pakete-schweiz.com/login/ Page URL
-
https://transfer-pakete-schweiz.com/login/
HTTP 302
https://transfer-pakete-schweiz.com/login/dpdch HTTP 301
http://transfer-pakete-schweiz.com/login/dpdch/ HTTP 307
https://transfer-pakete-schweiz.com/login/dpdch/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://cfcnunes.com.br/gr/ HTTP 302
- https://transfer-pakete-schweiz.com/login/
- https://transfer-pakete-schweiz.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://transfer-pakete-schweiz.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
transfer-pakete-schweiz.com/login/ Redirect Chain
|
19 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
transfer-pakete-schweiz.com/login/ |
0 612 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
transfer-pakete-schweiz.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 6B5D Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
transfer-pakete-schweiz.com/ |
548 B 517 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
87129db0fd8a9e66
transfer-pakete-schweiz.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6B5D |
0 513 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
transfer-pakete-schweiz.com/login/dpdch/ Redirect Chain
|
18 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
post.css
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
752 KB 131 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logrend.css
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
transfer-pakete-schweiz.com/login/dpdch/fonts/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cleave.min.js
transfer-pakete-schweiz.com/login/dpdch/etc/ |
32 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
13 KB 1012 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DPDG_logo_redgrad_rgb_responsive.svg
transfer-pakete-schweiz.com/login/dpdch/img/ |
4 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sesam-buttons.css
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-statics-cache-filter.css
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
60 B 359 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18138_2_1527064174.png
transfer-pakete-schweiz.com/login/dpdch/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow.svg
account.post.ch/login/resources/nevislogrend/applications/def/webdata/img/ |
187 B 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frutiger55roman.woff
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
44 KB 45 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frutiger65bold.woff
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
37 KB 38 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frutiger45light.woff
transfer-pakete-schweiz.com/login/dpdch/login/resources/nevislogrend/applications/def/webdata/css/ |
50 KB 51 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
transfer-pakete-schweiz.com/login/dpdch/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18138_2_1527064174.png
transfer-pakete-schweiz.com/login/dpdch/img/ |
2 KB 3 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DPD (Transportation)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| Cleave function| isInputNumber string| guiName object| MESSAGES string| layoutType string| preventMaximize function| getGlobalHostError function| getGlobalHostMsg object| POPUP_TEXT10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
transfer-pakete-schweiz.com/ | Name: lyZfZIJIeCJ99YOM44hC5jqrnx0 Value: 9ta8H1ygmxj7DmTRKTk3RQz1Qs8 |
|
transfer-pakete-schweiz.com/ | Name: VzgYKMi5rM-LsddbxsUud9p1feY Value: 1712583062 |
|
transfer-pakete-schweiz.com/ | Name: o6KQMf641X8pcEjrePLuxnxVLoc Value: 1712669462 |
|
transfer-pakete-schweiz.com/ | Name: _kkX1FY09Kn66S5odjwo-jq_8Bc Value: V_IB1UH5slGQjbCxu3AHjLCfLL0 |
|
transfer-pakete-schweiz.com/ | Name: HBwiCMjtPTZHXZ9PFlWwj8XFPto Value: X44R4WI9ynaMj2jUIjlRNbh75Zo |
|
transfer-pakete-schweiz.com/ | Name: 6hcxENcujxk5vMjxeKrF0mJDg5A Value: 1712583068 |
|
transfer-pakete-schweiz.com/ | Name: e7M7WE9azDWBPsFcr1XiPspYS6c Value: 1712669468 |
|
transfer-pakete-schweiz.com/ | Name: 90k5cOLaE-MGJRwpnkfAFw0013U Value: ecLH8Lt1hlhFoRECBKivi7cOfc0 |
|
.transfer-pakete-schweiz.com/ | Name: cf_clearance Value: HteSqf0PPkPsOxzoZHp5qGUPE2iUpXXvvoQ3iDDD_Dw-1712583069-1.0.1.1-oY.XoQ6fxKihyZw8uEgfwg30lit0_oSHmLToPtKyjrWE85g4vmyQh6pdEx7FFFghxMGBD2ZfYiJ4fb61nIqkLg |
|
transfer-pakete-schweiz.com/ | Name: PHPSESSID Value: ddf5de77127380307a4441c7b183e3c5 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.post.ch
cfcnunes.com.br
fonts.googleapis.com
transfer-pakete-schweiz.com
138.118.166.201
142.250.186.170
172.67.137.194
194.41.184.182
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
61310e10b0cedcfbb60654fcb113828e3609052112fa443a01bd55b1c072b70a
6e87c81e834a4c58963ebf9257a5fb2789b87db506167a3b05b8c36e5dcbc560
75a7aaa95ae9fd6c2a0f256528d1700364ca7d52e47e8f56f4990e2f20d298bd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
86e6333345575e50c4deb7c8a00ecb622a87984ed60d2021c24813f93a82f575
8d6780e5ccaa62481356b208f74406e1f17252b723a7c4d362cc466b3d82c3ba
9efcaff49b17bf7262371abd52ad37c3f5759e331db2116b364fcda40cfceac4
a4461ff41155bb709242d2a9df5d1fe2c285337436bc62931e51aaa67ff6b83a
bf3d35d5cb9529e6a751dd854a9916e390be29855f04209c316a9ae8b2ceadb9
c1ff2532853664ecbc145f4dbc95fae8291a3ec722dbb0586b5a248790d9a52f
c774620028f108842050fdfb5a94b095250190ee0b9788fcf9b80e64006786fa
ccaf08ea0795e029b4dadf5adeebcd2586489b3e1bbcb91763327ce6fa14b6ae
dce6086758e5c3ad6d2e66f50c9bbd6ab47a9b76b91f2e4054cd70a940240649
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984