www.despacitotour.com
31.11.34.123
Malicious Activity!
Public Scan
Effective URL: http://www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/
Submission: On September 14 via manual from IT — Scanned from IT
Summary
This is the only time www.despacitotour.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PostNord AB (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 (2 redirects) | 31.11.34.123 | 31034 (ARUBA-ASN) |
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
1 | 2606:4700::6812:bcf | 13335 (CLOUDFLARENET) |
15 | 4 | |
ASN31034 (ARUBA-ASN, IT)
PTR: websn3s113.aruba.it
despacitotour.com
www.despacitotour.com
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
14 | despacitotour.com (2 redirects): despacitotour.com, www.despacitotour.com | 268 KB |
1 | bootstrapcdn.com: maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1171) | 12 KB |
1 | googleapis.com: ajax.googleapis.com (Cisco Umbrella Rank: 419) | 34 KB |
15 | 3 | |
Requests | Domain | Requested by |
---|---|---|
13 | www.despacitotour.com (1 redirects) | www.despacitotour.com |
1 | maxcdn.bootstrapcdn.com | www.despacitotour.com |
1 | ajax.googleapis.com | www.despacitotour.com |
1 | despacitotour.com (1 redirects) | |
15 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months |
This page contains 1 frames:
Primary Page:
http://www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/
Frame ID: C70BEBE36AF4F2CB2DD2BFC2386940ED
Requests: 15 HTTP requests in this frame
Page Title
PostNord
Page URL History
- http://despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8 (HTTP 301)
- http://www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8 (HTTP 301)
- http://www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/ (Page URL)
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/ | 13 KB | 13 KB | Document | text/html |
GET | H/1.1 | bootstrap.min.css | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 152 KB | 23 KB | Stylesheet | text/css |
GET | H/1.1 | font-awesome.min.css | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | creditCardValidator.js | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | jquery.min.js | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 85 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | popper.min.js | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 21 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 57 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | pn-blue.svg | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | uSHMClk.jpg | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 46 KB | 46 KB | Image | image/jpeg |
GET | H/1.1 | ship.jpg | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/src/ | 116 KB | 117 KB | Image | image/jpeg |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB | 34 KB | Script | text/javascript |
GET | H/1.1 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ | 36 KB | 12 KB | Script | application/javascript |
GET | H/1.1 | jquery.payform.min.js | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/assets/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | script.js | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/assets/js/ | 2 KB | 2 KB | Script | application/javascript |
GET | | fontawesome-webfont.woff2 | www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.despacitotour.com
- URL: http://www.despacitotour.com/wp-includes/js/bruger/f32b30c2a289bfca2c9857ffc5871ac8/fonts/fontawesome-webfont.woff2?v=4.7.0
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PostNord AB (Transportation)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | $cc |
function | $ |
function | jQuery |
function | Popper |
object | bootstrap |
object | jQuery1124055147911061488820 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.