thebridgeonline.net Open in urlscan Pro
45.60.98.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://privadaes.page.link/tnrV
Effective URL:
https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php
Submission Tags: 7497695
Submission: On April 25 via api (April 25th 2022, 8:12:22 am UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 45.60.98.252, located in United States and belongs to INCAPSULA, US. The main domain is thebridgeonline.net.
TLS certificate: Issued by R3 on March 10th 2022. Valid for: 3 months.

This is the only time thebridgeonline.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:82f::200e		15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3034::ac43:bc7d		13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 21	45.60.98.252 45.60.98.252		19551 (INCAPSULA) (INCAPSULA)
18	2

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

privadaes.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:bc7d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kutt.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 45.60.98.252 (United States) 4 redirects

ASN19551 (INCAPSULA, US)

thebridgeonline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	thebridgeonline.net 4 redirects thebridgeonline.net	747 KB
1	kutt.it 1 redirects kutt.it — Cisco Umbrella Rank: 949167	995 B
1	page.link 1 redirects privadaes.page.link	1 KB
18	3

	Domain	Requested by
21	thebridgeonline.net	4 redirects thebridgeonline.net
1	kutt.it	1 redirects
1	privadaes.page.link	1 redirects
18	3

This site contains no links.

Subject Issuer	Validity	Valid
autodiscover.thebridgeonline.net R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php
Frame ID: 2B374A02BC78739600EE4477B6E7E322
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Schweizer Post

Page URL History Show full URLs

https://privadaes.page.link/tnrV HTTP 302
https://kutt.it/SwSwS HTTP 302
https://thebridgeonline.net/div/cd/SW Page URL
https://thebridgeonline.net/div/cd/SW HTTP 301
https://thebridgeonline.net/div/cd/SW/ HTTP 302
https://thebridgeonline.net/div/cd/SW/06ab8e7b16 HTTP 301
https://thebridgeonline.net/div/cd/SW/06ab8e7b16/ HTTP 302
https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

747 kB
Transfer

1839 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://privadaes.page.link/tnrV HTTP 302
https://kutt.it/SwSwS HTTP 302
https://thebridgeonline.net/div/cd/SW Page URL
https://thebridgeonline.net/div/cd/SW HTTP 301
https://thebridgeonline.net/div/cd/SW/ HTTP 302
https://thebridgeonline.net/div/cd/SW/06ab8e7b16 HTTP 301
https://thebridgeonline.net/div/cd/SW/06ab8e7b16/ HTTP 302
https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://privadaes.page.link/tnrV HTTP 302
https://kutt.it/SwSwS HTTP 302
https://thebridgeonline.net/div/cd/SW

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	SW Show response thebridgeonline.net/div/cd/ Redirect Chain https://privadaes.page.link/tnrV https://kutt.it/SwSwS https://thebridgeonline.net/div/cd/SW	212 B 558 B	793ms 144ms	Document text/html	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store content-length 212 content-type text/html x-iinfo 5-18422176-0 0NNN RT(1650874331856 301) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 70159cb94c740f52-MXP content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests default-src 'self' http: https: data: blob: 'unsafe-inline' content-type text/html; charset=utf-8 date Mon, 25 Apr 2022 08:12:12 GMT expect-ct max-age=0 location https://thebridgeonline.net/div/cd/SW nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYBgssrBFiaNTs%2B5Z%2FBfzAS3o7sdiJcqtqrhPVMz1T759H3Tcy4gVEpwrp3QULJRUSn6xb67JWZIw8T99MSowai3VQt24LBmPucKS5r3Wjs9rU480hABn6X7vPtS04mGux0dTYRZ"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains; preload vary Accept x-content-type-options nosniff nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 0 1; mode=block
GET H2	200	_Incapsula_Resource Show response thebridgeonline.net/	178 KB 25 KB	154ms 153ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3 Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `1fd263666f9c27c0423883f8fe48742f630671f51098e805ae5b6ecb58f062ea` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers content-encoding gzip cache-control no-cache, no-store x-robots-tag noindex content-length 26024 content-type application/javascript
GET H2	200	_Incapsula_Resource thebridgeonline.net/	29 B 56 B	144ms 144ms	XHR application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/_Incapsula_Resource?SWHANEDL=3810996440696144371,16508609442032722666,16817612355891659941,92067 Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers cache-control no-cache, no-store x-robots-tag noindex content-length 29 content-type application/javascript
GET H2	200	Primary Request cc.php Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/ Redirect Chain https://thebridgeonline.net/div/cd/SW https://thebridgeonline.net/div/cd/SW/ https://thebridgeonline.net/div/cd/SW/06ab8e7b16 https://thebridgeonline.net/div/cd/SW/06ab8e7b16/ https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php	5 KB 1 KB	248ms 248ms	Document text/html	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software nginx/1.19.10 / Resource Hash `591c42db4310fef210dcfb958d4d0d7d23684f536e9b3b8e02a37e424260d1db` Request headers Referer https://thebridgeonline.net/div/cd/SW Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 1197 content-type text/html; charset=UTF-8 date Mon, 25 Apr 2022 08:12:15 GMT expires Thu, 19 Nov 1981 08:52:00 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== pragma no-cache server nginx/1.19.10 vary Accept-Encoding x-cdn Imperva x-iinfo 5-18422176-18422451 PNNN RT(1650874331856 2773) q(0 0 0 -1) r(1 1) U12 x-server-cache false Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Mon, 25 Apr 2022 08:12:15 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== location z0n51/cc.php server nginx/1.19.10 x-cdn Imperva x-iinfo 5-18422176-18422451 PNNN RT(1650874331856 2419) q(0 0 0 -1) r(2 2) U11 x-server-cache false
GET H2	200	_Incapsula_Resource thebridgeonline.net/	1 B 35 B	144ms 143ms	Image text/plain	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://thebridgeonline.net/_Incapsula_Resource?SWKMTFSR=1&e=0.29811371606193626 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers cache-control no-cache, no-store x-robots-tag noindex content-length 1 content-type text/plain
GET		_Incapsula_Resource thebridgeonline.net/	0 0

GET H2	200	bootstrap.min.css thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/	152 KB 35 KB	500ms 500ms	Stylesheet text/css	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/bootstrap.min.css Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css x-iinfo 5-18422176-18420272 2NNN RT(1650874331856 3035) q(0 0 0 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== x-cdn Imperva
GET H2	200	helpers.css thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/	41 KB 5 KB	355ms 355ms	Stylesheet text/css	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/helpers.css Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css x-iinfo 5-18422176-18410529 2NNN RT(1650874331856 3037) q(0 0 0 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 5411 x-cdn Imperva
GET H2	200	fonts.css thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/	4 KB 544 B	359ms 359ms	Stylesheet text/css	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/fonts.css Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `213e1c07e15eea7f20b56e8dab08ce45429188b20c55cd91d45c84cdda5c0635` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css x-iinfo 5-18422176-18387077 2NNN RT(1650874331856 3038) q(0 0 0 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 453 x-cdn Imperva
GET H2	200	main.css thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/	6 KB 2 KB	355ms 355ms	Stylesheet text/css	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/css/main.css Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `71bfb5ed11bf84da5e21d7997d31ded591a6eb0f43a2478074e63b37c094d7be` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css x-iinfo 5-18422176-18385955 2NNN RT(1650874331856 3039) q(0 0 0 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1855 x-cdn Imperva
GET H2	200	img2.jpg thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/images/	151 KB 153 KB	785ms 784ms	Image image/jpeg	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/images/img2.jpg Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `c0fd87cbe1718e7a2140b62a61aab06780d561b17113e32d8d4e9bf434da3d30` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:16 GMT last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes content-type image/jpeg x-iinfo 5-18422176-18387077 2NNN RT(1650874331856 3169) q(0 2 2 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 155122 x-cdn Imperva
GET H2	200	logo.png thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/images/	7 KB 7 KB	785ms 784ms	Image image/png	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/images/logo.png Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `6c29076d08b81084605997ae36ffe8df41fcef907b33c77e9b7626efd3724910` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:16 GMT last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes content-type image/png x-iinfo 5-18422176-18387079 2NNN RT(1650874331856 3170) q(0 2 2 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 7393 x-cdn Imperva
GET H2	200	jquery.min.js Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/	86 KB 38 KB	369ms 368ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/jquery.min.js Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript x-iinfo 5-18422176-18418464 2NNN RT(1650874331856 3039) q(0 0 0 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== x-cdn Imperva
GET H2	200	popper.min.js Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/	20 KB 9 KB	370ms 368ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/popper.min.js Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript x-iinfo 5-18422176-18389708 2NNN RT(1650874331856 3041) q(0 0 0 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 8611 x-cdn Imperva
GET H2	200	bootstrap.min.js Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/	133 KB 41 KB	512ms 511ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/bootstrap.min.js Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript x-iinfo 5-18422176-18385955 2NNN RT(1650874331856 3042) q(0 3 3 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== x-cdn Imperva
GET H2	200	fontawesome.min.js Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/	1 MB 423 KB	513ms 511ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/fontawesome.min.js Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript x-iinfo 5-18422176-18410529 2NNN RT(1650874331856 3043) q(0 3 3 -1) r(3 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== x-cdn Imperva
GET H2	200	jquery.payment.js Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/	18 KB 5 KB	642ms 641ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/jquery.payment.js Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `d7399d77beb8b8da046b06a4e106e28ac095ec09882a6cf6e04d52735396a1b6` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:15 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript x-iinfo 5-18422176-18387077 2NNN RT(1650874331856 3045) q(0 2 2 -1) r(2 2) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 4851 x-cdn Imperva
GET H2	200	main.js Show response thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/	2 KB 775 B	786ms 785ms	Script application/javascript	45.60.98.252 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://thebridgeonline.net/div/cd/SW/06ab8e7b16/assets/js/main.js Requested by Host: thebridgeonline.net URL: https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.98.252 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash `8de47e339b24ca8b2e847918578e2051b2e6b94f0c9956b056a48481ace3cafe` Request headers accept-language de-DE,de;q=0.9 Referer https://thebridgeonline.net/div/cd/SW/06ab8e7b16/z0n51/cc.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 08:12:16 GMT content-encoding gzip last-modified Mon, 25 Apr 2022 08:12:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript x-iinfo 5-18422176-18410527 2NNN RT(1650874331856 3167) q(0 1 1 -1) r(2 3) U18 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 685 x-cdn Imperva

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thebridgeonline.net
URL: https://thebridgeonline.net/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A10%2Cc%3A160%2Cr%3A2054)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome boolean| isShift string| seperator string| dash function| cc_date function| date_of_birth

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thebridgeonline.net/	1970-01-20 11:20:05	Name: visid_incap_2709185 Value: TRqimNDAS/qd0Sba6KdJSdxXZmIAAAAAQUIPAAAAAABuwE+m59CRXgExAlH1A0ot
			.thebridgeonline.net/	1969-12-31 23:59:59	Name: incap_ses_676_2709185 Value: 7DOFZdH6OxIjrzXAEqNhCdxXZmIAAAAAuK2DmUGPnRS6/MaRk9CWAQ==
			thebridgeonline.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4fc167c3978709f4ea996d2f63b6383a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kutt.it
privadaes.page.link
thebridgeonline.net
thebridgeonline.net
2606:4700:3034::ac43:bc7d
2a00:1450:4001:82f::200e
45.60.98.252
1fd263666f9c27c0423883f8fe48742f630671f51098e805ae5b6ecb58f062ea
213e1c07e15eea7f20b56e8dab08ce45429188b20c55cd91d45c84cdda5c0635
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
591c42db4310fef210dcfb958d4d0d7d23684f536e9b3b8e02a37e424260d1db
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6c29076d08b81084605997ae36ffe8df41fcef907b33c77e9b7626efd3724910
71bfb5ed11bf84da5e21d7997d31ded591a6eb0f43a2478074e63b37c094d7be
8de47e339b24ca8b2e847918578e2051b2e6b94f0c9956b056a48481ace3cafe
c0fd87cbe1718e7a2140b62a61aab06780d561b17113e32d8d4e9bf434da3d30
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d7399d77beb8b8da046b06a4e106e28ac095ec09882a6cf6e04d52735396a1b6
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765