www.4trustwear.com
Open in
urlscan Pro
65.21.134.177
Malicious Activity!
Public Scan
Effective URL: https://www.4trustwear.com/stat/se/contents/
Submission: On September 13 via manual from SE — Scanned from SE
Summary
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.
This is the only time www.4trustwear.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Tracking (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 104.21.31.213 104.21.31.213 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 65.21.134.177 65.21.134.177 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 185.15.59.240 185.15.59.240 | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
19 | 2 |
ASN24940 (HETZNER-AS, DE)
PTR: business200.mypowerfulserver.com
www.4trustwear.com |
ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org
upload.wikimedia.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
4trustwear.com
www.4trustwear.com |
60 KB |
2 |
stantoinemauritius.com
2 redirects
stantoinemauritius.com |
852 B |
1 |
wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3073 |
63 KB |
19 | 3 |
Domain | Requested by | |
---|---|---|
18 | www.4trustwear.com |
www.4trustwear.com
|
2 | stantoinemauritius.com | 2 redirects |
1 | upload.wikimedia.org |
www.4trustwear.com
|
19 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.visa.gr |
www.mastercard.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
4trustwear.com R3 |
2023-07-24 - 2023-10-22 |
3 months | crt.sh |
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-10-27 - 2023-11-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.4trustwear.com/stat/se/contents/
Frame ID: 18B3EEA8389061EDE5B9EB760BD84DF7
Requests: 18 HTTP requests in this frame
Frame:
https://www.4trustwear.com/stat/se/contents/vbv_files/saved_resource.html
Frame ID: 0EE900AB3AB6DD9CF9F5D0F8E251160C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Postnord.sePage URL History Show full URLs
-
https://stantoinemauritius.com/tn/r/MXVrxai
HTTP 302
https://stantoinemauritius.com/tn/ste.php HTTP 302
https://www.4trustwear.com/stat/se/contents/ Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://stantoinemauritius.com/tn/r/MXVrxai
HTTP 302
https://stantoinemauritius.com/tn/ste.php HTTP 302
https://www.4trustwear.com/stat/se/contents/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.4trustwear.com/stat/se/contents/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vpos3_euro_3DS.css
www.4trustwear.com/stat/se/contents/vbv_files/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js.t%C3%A9l%C3%A9charger
www.4trustwear.com/stat/se/contents/vbv_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vpos.js.t%C3%A9l%C3%A9charger
www.4trustwear.com/stat/se/contents/vbv_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2560px-PostNord_wordmark.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/a/a3/PostNord_wordmark.svg/ |
63 KB 63 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
visa_verified.png
www.4trustwear.com/stat/se/contents/vbv_files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mastercard_securecode.png
www.4trustwear.com/stat/se/contents/vbv_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
visa.png
www.4trustwear.com/stat/se/contents/vbv_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mastercard.png
www.4trustwear.com/stat/se/contents/vbv_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
maestro.png
www.4trustwear.com/stat/se/contents/vbv_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CVV.JPG
www.4trustwear.com/stat/se/contents/vbv_files/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CID.JPG
www.4trustwear.com/stat/se/contents/vbv_files/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PaymentHandler
www.4trustwear.com/stat/se/contents/vbv_files/ |
143 B 159 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
x.gif
www.4trustwear.com/stat/se/contents/vbv_files/ |
661 B 680 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
saved_resource.html
www.4trustwear.com/stat/se/contents/vbv_files/ Frame 0EE9 |
149 B 175 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
x.gif
www.4trustwear.com/stat/se/contents/vbv_files/ |
661 B 676 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EurobankSans-Regular.woff
www.4trustwear.com/stat/se/contents/vbv_files/euro_new/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EurobankSans-Light.woff
www.4trustwear.com/stat/se/contents/vbv_files/euro_new/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EurobankSans-Bold.woff
www.4trustwear.com/stat/se/contents/vbv_files/euro_new/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Tracking (Transportation)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
stantoinemauritius.com
upload.wikimedia.org
www.4trustwear.com
104.21.31.213
185.15.59.240
65.21.134.177
0762085252dfb8ccd2ece5b27995d17e2de80892745730dde75bbdef22ec87a9
078795b78d922985187df7d94d238b4510fde9ccdb2662b7952c9d93893d99fe
11631495a8a7b2cb49e02290cae651ec9552bd850d201d259cd278bb09512223
1c15722d5a2faf49e6b28cc88ace15878725000aaffe6b017c54e6fc845a7841
1d6b7722721362778eb55559eacde7741ff3472a4ed534d8d3554216f4cc95c8
47c7ccd5bd79e33e62cef299b910406e1f6ef6e66922654f999ab06998cea933
5252a27dbac77e0128d6afe6445beaae27da5669f096a0b7b1180dca1fcead94
6a96541883039b7eedcfd56d037d3398fe8f8ae6a94021f96f16dfc4546749a6
78be9441943a8406bc5f57cf731edc08b4d5a22c41cf690f0335939427b353b0
88eb2f34894290347636bb5b5de715e3d97ea7dafe8066d3b6d9fa8f0ad70a55
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
aa65221cec37785bd0226398102479df573eee338ff8db4e4a42b54145e6fbbc
af1814b7a3cf414c966ea0d179175bfa2138ffca72a682134717d4329c6cbd9b