cargo.postlogistics.ch
Open in
urlscan Pro
20.76.31.2
Malicious Activity!
Public Scan
Effective URL: https://cargo.postlogistics.ch/Authentication/Login
Submission: On May 08 via manual from CH — Scanned from CH
Summary
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2021 - 1 on May 30th 2023. Valid for: a year.
This is the only time cargo.postlogistics.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 28 | 20.76.31.2 20.76.31.2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
27 | 1 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cargo.postlogistics.ch |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
postlogistics.ch
1 redirects
cargo.postlogistics.ch |
642 KB |
27 | 1 |
Domain | Requested by | |
---|---|---|
28 | cargo.postlogistics.ch |
1 redirects
cargo.postlogistics.ch
|
27 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
auth.postlogistics.ch |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cargo.postlogistics.ch SwissSign RSA TLS OV ICA 2021 - 1 |
2023-05-30 - 2024-05-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cargo.postlogistics.ch/Authentication/Login
Frame ID: 3919A95F860B829D932C9E96F20EACE1
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
-
http://cargo.postlogistics.ch/
HTTP 307
https://cargo.postlogistics.ch/ HTTP 302
https://cargo.postlogistics.ch/Authentication/Login Page URL
Detected technologies
Cargo (CMS) ExpandDetected patterns
- /cargo\.
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- <input[^>]+name="__VIEWSTATE
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cargo.postlogistics.ch/
HTTP 307
https://cargo.postlogistics.ch/ HTTP 302
https://cargo.postlogistics.ch/Authentication/Login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Login
cargo.postlogistics.ch/Authentication/ Redirect Chain
|
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
25 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
95 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
104 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
27 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
62 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eos.min.css
cargo.postlogistics.ch/Content/ |
236 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
public-access.min.css
cargo.postlogistics.ch/Content/ |
2 KB 1016 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MsAjaxJs
cargo.postlogistics.ch/bundles/ |
142 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebFormsJs
cargo.postlogistics.ch/bundles/ |
60 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eos.min.js
cargo.postlogistics.ch/Scripts/ |
697 KB 262 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login.min.js
cargo.postlogistics.ch/users/authentication/ |
522 B 545 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
198 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
150 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
4 KB 959 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
38 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
1 KB 469 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
4 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
88 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
27 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
5 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
22 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXR.axd
cargo.postlogistics.ch/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
post-de.svg
cargo.postlogistics.ch/Content/img/logos/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cargo.postlogistics.ch/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
cargo.postlogistics.ch/ |
4 KB 4 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)225 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| theForm function| __doPostBack function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $removeHandler function| $get function| $find function| $addHandler function| $addHandlers function| $clearHandlers function| Type object| Sys object| _events function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| GridView function| GridView_createPropertyString function| GridView_setStateValue function| GridView_OnCallback function| GridView_getHiddenFieldContents function| createPropertyStringFromValues_GridView function| DetailsView function| DetailsView_createPropertyString function| DetailsView_setStateValue function| DetailsView_OnCallback function| DetailsView_getHiddenFieldContents function| createPropertyStringFromValues_DetailsView function| TreeView_HoverNode function| TreeView_GetNodeText function| TreeView_PopulateNode function| TreeView_ProcessNodeData function| TreeView_SelectNode function| TreeView_ToggleNode function| TreeView_UnhoverNode function| Point function| __wpTranslateOffset function| __wpGetPageEventLocation function| __wpClearSelection function| WebPart function| WebPart_Dispose function| WebPart_OnMouseDown function| WebPart_OnDragStart function| WebPart_OnDrag function| WebPart_OnDragEnd function| WebPart_GetParentWebPartElement function| WebPart_UpdatePosition function| Zone function| Zone_Dispose function| Zone_OnDragEnter function| Zone_OnDragOver function| Zone_OnDrop function| Zone_GetParentZoneElement function| Zone_AddWebPart function| Zone_ToggleDropCues function| Zone_GetWebPartIndex function| Zone_UpdatePosition function| WebPartDragState function| WebPartMenu function| WebPartMenu_Dispose function| WebPartMenu_Show function| WebPartMenu_Hide function| WebPartMenu_Hover function| WebPartMenu_Unhover function| WebPartMenu_OnClick function| WebPartMenu_OnKeyPress function| WebPartMenu_OnMouseEnter function| WebPartMenu_OnMouseLeave function| WebPartManager function| WebPartManager_Dispose function| WebPartManager_AddZone function| WebPartManager_IsDragDropEnabled function| WebPartManager_DragDrop function| WebPartManager_InitiateWebPartDragDrop function| WebPartManager_CompleteWebPartDragDrop function| WebPartManager_ContinueWebPartDragDrop function| WebPartManager_Execute function| WebPartManager_ProcessWebPartDragEnter function| WebPartManager_ProcessWebPartDragOver function| WebPartManager_ProcessWebPartDrop function| WebPartManager_ShowHelp function| WebPartManager_ExportWebPart function| WebPartManager_UpdatePositions function| WebPartManager_SubmitPage object| __pendingCallbacks number| __synchronousCallBackIndex boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes object| __disabledControlArray string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes object| __wpm object| utils object| inputUtils object| ms_logout object| gb_mp_js object| controls_masterpage_menuv2 object| controls_generic_popupYesNo object| noty function| docWriteWrapper function| qzReady function| qzDonePrinting object| print_control function| ES6Promise function| $ function| jQuery function| moment function| Noty object| MsGlobalResources object| Login object| login object| ASPx object| dx object| ASPxClientUtils function| ListBoxTemporaryCache object| Ident function| AccessKeysHelper function| AccessKey object| CheckBoxCheckState object| CheckBoxInputKey function| ASPxClientEvent function| ASPxClientEventArgs function| ASPxClientCancelEventArgs function| ASPxClientProcessingModeEventArgs function| ASPxClientProcessingModeCancelEventArgs function| IntersectionObserversManager function| IntersectionObserversManagerForOldBrowsers function| ASPxStateItem function| ASPxClientStateEventArgs function| ASPxStateController object| PagerCommands function| ASPxClientBeginCallbackEventArgs function| ASPxClientGlobalBeginCallbackEventArgs function| ASPxClientEndCallbackEventArgs function| ASPxClientGlobalEndCallbackEventArgs function| ASPxClientCallbackErrorEventArgs function| ASPxClientGlobalCallbackErrorEventArgs function| ASPxClientCustomDataCallbackEventArgs function| ASPxClientValidationCompletedEventArgs function| ASPxClientControlsInitializedEventArgs function| ASPxClientControlBeforePronounceEventArgs function| ASPxClientControlUnloadEventArgs function| ASPxClientEndFocusEventArgs function| ASPxClientItemFocusedEventArgs function| ASPxClientControlCollection function| ASPxClientControlBase function| ASPxClientControl function| ASPxClientComponent function| ASPxClientLoadingPanel function| ASPxClientButton object| gb_mp_loadingPanel object| dynamicControlSiteMap_ctl00 object| dynamicControlSiteMap_ctl01 object| dynamicControlSiteMap_ctl02 object| dynamicControlSiteMap_ctl034 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cargo.postlogistics.ch/ | Name: eos_session Value: 5redb5h5gkkyhx1rmxdb41xz |
|
cargo.postlogistics.ch/ | Name: eos_AntiXsrfToken Value: 30fc40981ba14f3fa774a85e3102cb30 |
|
cargo.postlogistics.ch/ | Name: eos_lang Value: de |
|
cargo.postlogistics.ch/ | Name: NSC_MCWT_QSPE_IUUQ_JJT_DPPLJFJOTFSU Value: ffffffffc3a0a21445525d5f4f58455e445a4a423660 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:; frame-src *; |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cargo.postlogistics.ch
20.76.31.2
06032e3e2c53d5e6b432f315130ba3abe8a7d1ab0764f66172fc3c3038f9a990
0780a791d24ffc4a4ab0c78702ec8a92541436d010418b71365ff4f32b4f8fed
1dc915070a94d318e6b72545e6c5fa70a7b1803a52bae83e8888f319c0aec8be
1ef0ce78929ca5ed37a51053a6c57c21e3ea7077635e99ec48cf577c917fb002
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ffa84767109c9624f2dc4be352add3c6f85380cb83eae7f4ea69ae33b2642d5
3017b189d4731c62a0c024e348ef1bf623fd4f3b86dac997658cbea116ca8f21
3a088b2ef6ffe7075f584627bcc72cf6b4353924e5711284c4dce3fbac19c7cd
3f402997edc84c83b61745053cbac9f9e917e5c335107854fcb11c91b0020fac
42fda7de792b042566efe0379b335509470de2566361f8b0d4ce218ea326e595
594e60989897c3fe7e623be3e586d11d1e80d5288270d9604ab2b492d79cbcc9
5f5ed502613abf4b364c84f7066ce2bf478c4f77b26af27a72e6bfb1cf00d3cd
60369a21d77d6a55980702230842210059b4c9295243fbe32154edb6e5845190
6d2cc8f8d9aebed1f8c9a9178b1893b0fd6dc4e1de429807be366a8b6f22400d
6de3d244cb663b977d0621f96db93337027c1ca5f6b7f46b8dd529e3879d1775
7a0716cadb7e3185b9b8b3436a0b160e4276faeaa090f952621d6b475dc96678
88cd9a0080384a7b60b6dc20ae2bd62e3625f2f04ee721cced81cca23a842d76
898f3324f9a61ebc70a307308f4e3adfa79073654437324ef89e5357e11e47ae
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
a4b287f922751ecc980013c1e7e1bacd14e05f64997c480db92c8a8e28df3dce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2ad797ce18b1c070b42e25a3197cfa5846d85319cb262af0b9de30a95945616
c33d2eeb46f41ebdccc2b62b178a76466645fc91a640c3e718a9999a6b4b9965
cf0c0df73b024ee38dfbd09a88646929bbe715b47adc6fff4e80584ce996290b
e0b0a5dcfdcd2b2b1cb034ec31a2574cd15f8c0954ee93416b79c96d93806602
ebecd6de120c6bf3a4ffb63638d34f37bcef40dd1456e3a61e220bef04e30b37
ef744fee19a33caa2ca1f1c66c3f39d54ac0f3de23561121e62ca9bb0e143d91