moving-pieces.com
208.73.206.222
Malicious Activity!
Public Scan
Effective URL: https://moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/index2.php?=&2c84266448010b5305...
Submission: On October 28 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.
This is the only time moving-pieces.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 162.213.249.122 | 22612 (NAMECHEAP-NET) |
| 27 | 208.73.206.222 | 19318 (IS-AS-1) |
| 27 | 2 IPs | |

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 27 (incl. 1 redirect) | moving-pieces.com | moving-pieces.com | 2 MB |
| 1 | lubidgame.com | lubidgame.com | 1 KB |
| 27 | 2 apex domains | | |

| Requests | Domain | Requested by |
|---|---|---|
| 27 (incl. 1 redirect) | moving-pieces.com | lubidgame.com, moving-pieces.com |
| 1 | lubidgame.com | |
| 27 | 2 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| lubidgame.com | R3 | 2021-10-27 - 2022-01-25 | 3 months | crt.sh |
| moving-pieces.com | R3 | 2021-10-27 - 2022-01-25 | 3 months | crt.sh |

Both certificates come from Let's Encrypt (R3 is its intermediate) and were issued on 2021-10-27, the day before the scan. A domain whose first certificate appears hours before it starts serving a brand login page is a common signature of freshly provisioned phishing infrastructure; the crt.sh links let you check whether either domain had any earlier certificate history.
This page contains 1 frame:
Primary Page:
https://moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/index2.php?=&2c84266448010b5305fb201cc5daf90c&&https://tas.dhl.com/tas/servlet/LoginServlet?returnTo&id=hadooyoung@navig8newbuilds.com&2c84266448010b5305fb201cc5daf90c&
Frame ID: F26C8546159323C8D146EB938DD9FBB5
Requests: 27 HTTP requests in this frame
Screenshot (image not reproduced here)
Page Title
DHL Trade Automation Service - Login
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://lubidgame.com/zasheckeing/durendorrff/weichester/madiscon/tokyoprof/esinkins/eruthfhsgchae.html?id=hadooyoung@navig8newbuilds.com (Page URL)
2. https://moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/?id=hadooyoung@navig8newbuilds.com
   HTTP 302 to:
3. https://moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/index2.php?=&2c84266448010b5305fb201cc5daf90c&&https://tas.dhl.com/tas/servlet/LoginServlet?returnTo&id=hadooyoung@navig8newbuilds.com&2c84266448010b5305fb201cc5daf90c& (Page URL)

Three things in this chain are worth recording. The recipient's address travels as the `id=` parameter through every hop, so the lure host (lubidgame.com) hands the kit host (moving-pieces.com) a pre-filled victim identifier, and the kit's final URL repeats it alongside a 32-hex-digit token that appears twice. The final URL also embeds the genuine DHL login URL, https://tas.dhl.com/tas/servlet/LoginServlet, inside its query string; that text never changes which host serves the page (moving-pieces.com throughout), but it makes the address bar read like a DHL URL at a glance. Finally, no HTTP redirect is recorded between the first two entries, which is consistent with the 943-byte lure page moving the browser to the kit client-side (JavaScript or meta refresh); only the second hop is a server-side 302.
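The following is an added example, not urlscan.io code, showing how to pull the analyst-relevant facts out of a chain like the one above: hosts per hop, the victim identifier carried in `id=`, any absolute URL smuggled into the final query string as decoy text, the kit's hex token, and whether the decoy URL's domain differs from the host actually serving the page. The URL list is transcribed from the scan; `registrable()` is a deliberate simplification (last two labels, no Public Suffix List) that is adequate for the .com hosts here.

```python
"""Added example (not urlscan.io code): triage of a phishing redirect chain."""
from __future__ import annotations

import re
from urllib.parse import urlsplit, unquote

# Transcribed from the Page URL History recorded in the scan above.
URL_HISTORY = [
    "https://lubidgame.com/zasheckeing/durendorrff/weichester/madiscon/tokyoprof/esinkins/eruthfhsgchae.html?id=hadooyoung@navig8newbuilds.com",
    "https://moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/?id=hadooyoung@navig8newbuilds.com",
    "https://moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/index2.php?=&2c84266448010b5305fb201cc5daf90c&&https://tas.dhl.com/tas/servlet/LoginServlet?returnTo&id=hadooyoung@navig8newbuilds.com&2c84266448010b5305fb201cc5daf90c&",
]

# 32 lowercase hex digits not embedded in a longer hex run (kit tokens, md5-sized ids).
HEX32 = re.compile(r"(?<![0-9a-fA-F])[0-9a-f]{32}(?![0-9a-fA-F])")
# An absolute URL terminated by the next '&' or whitespace.
ABS_URL = re.compile(r"https?://[^&\s]+")


def registrable(host: str) -> str:
    """Last two DNS labels. Simplification: no Public Suffix List lookup,
    which is fine for the .com hosts in this scan."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def query_values(url: str, name: str) -> list[str]:
    """Every value of parameter `name`, parsed by hand because the kit's query
    string is malformed (empty names, a second '?' inside it)."""
    values = []
    for part in urlsplit(url).query.split("&"):
        key, sep, value = part.partition("=")
        if sep and key == name:
            values.append(unquote(value))
    return values


def embedded_urls(url: str) -> list[str]:
    """Absolute URLs that sit inside the query string rather than being the
    URL itself; in a phishing URL these are decoy text for the address bar."""
    return ABS_URL.findall(unquote(urlsplit(url).query))


def triage(urls: list[str]) -> dict:
    final = urls[-1]
    serving_host = urlsplit(final).hostname
    decoy_hosts = [urlsplit(u).hostname for u in embedded_urls(final)]
    return {
        "hops": [urlsplit(u).hostname for u in urls],
        "serving_host": serving_host,
        "victim_ids": {v for u in urls for v in query_values(u, "id")},
        "tokens": set(HEX32.findall(final)),
        "decoy_hosts": decoy_hosts,
        # The phishing tell: the page is served by a domain other than the
        # brand domain named by the decoy URL in its own query string.
        "host_mismatch": any(registrable(h) != registrable(serving_host) for h in decoy_hosts),
    }


if __name__ == "__main__":
    for key, value in triage(URL_HISTORY).items():
        print(f"{key}: {value}")
```

The hand-rolled `query_values()` matters: `urllib.parse.parse_qs` would also cope, but it silently drops the nameless and valueless segments the kit emits, and those segments are exactly the artefacts you may want to keep as indicators.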
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions

Paths are abbreviated: `<kit>/` stands for moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/ and `<lure>/` for lubidgame.com/zasheckeing/durendorrff/weichester/madiscon/tokyoprof/esinkins/. Size is the decoded body; x-fer is the bytes on the wire including headers.

| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | eruthfhsgchae.html | `<lure>/` | 943 B | 1 KB | Document | text/html |
| 2 | GET | H/1.1 | index2.php (primary request; end of the redirect chain) | `<kit>/` | 38 KB | 39 KB | Document | text/html |
| 3 | GET | H/1.1 | jquery-ui.css | `<kit>/tas/` | 30 KB | 31 KB | Stylesheet | text/css |
| 4 | GET | H/1.1 | ui.jqgrid.css | `<kit>/tas/` | 12 KB | 13 KB | Stylesheet | text/css |
| 5 | GET | H/1.1 | style.css | `<kit>/tas/` | 305 KB | 306 KB | Stylesheet | text/css |
| 6 | GET | H/1.1 | cui.js | `<kit>/tas/` | 5 KB | 5 KB | Script | application/javascript |
| 7 | GET | H/1.1 | validation.js | `<kit>/tas/` | 569 B | 855 B | Script | application/javascript |
| 8 | GET | H/1.1 | jquery-1.9.1.js | `<kit>/tas/` | 262 KB | 262 KB | Script | application/javascript |
| 9 | GET | H/1.1 | jquery-ui.js | `<kit>/tas/` | 426 KB | 427 KB | Script | application/javascript |
| 10 | GET | H/1.1 | grid.locale-en.js | `<kit>/tas/` | 6 KB | 7 KB | Script | application/javascript |
| 11 | GET | H/1.1 | jquery.jqGrid.min.js | `<kit>/tas/` | 260 KB | 260 KB | Script | application/javascript |
| 12 | GET | H/1.1 | jquery.jqGrid.js | `<kit>/tas/` | 436 KB | 436 KB | Script | application/javascript |
| 13 | GET | H/1.1 | dhl_logo.gif | `<kit>/tas/` | 443 B | 716 B | Image | image/gif |
| 14 | GET | H/1.1 | blank.gif | `<kit>/tas/` | 43 B | 315 B | Image | image/gif |
| 15 | GET | H/1.1 | Express.png | `<kit>/tas/` | 34 KB | 35 KB | Image | image/png |
| 16 | GET | H/1.1 | jquery.min.js | `<kit>/members/` | 82 KB | 83 KB | Script | application/javascript |
| 17 | GET | H/1.1 | dp-dhl_logo.gif | `<kit>/tas/` | 3 KB | 3 KB | Image | image/gif |
| 18 | GET | H/1.1 | login.js | `<kit>/members/` | 3 KB | 3 KB | Script | application/javascript |
| 19 | GET | H/1.1 | shadow_main_right.gif | `<kit>/tas/` | 552 B | 825 B | Image | image/gif |
| 20 | GET | H/1.1 | shadow_content_main_right.png | `<kit>/tas/` | 820 B | 1 KB | Image | image/png |
| 21 | GET | H/1.1 | servicelink_separator.gif | `<kit>/tas/` | 44 B | 316 B | Image | image/gif |
| 22 | GET | H/1.1 | main_navigation_bg.gif | `<kit>/tas/` | 118 B | 391 B | Image | image/gif |
| 23 | GET | H/1.1 | arrow.gif | `<kit>/tas/` | 94 B | 366 B | Image | image/gif |
| 24 | GET | H/1.1 | shadow_content_title_right.png | `<kit>/tas/` | 495 B | 768 B | Image | image/png |
| 25 | GET | H/1.1 | shadow_footer_right.gif | `<kit>/tas/` | 396 B | 669 B | Image | image/gif |
| 26 | GET | H/1.1 | shadow_navigation_main_bottom.png | `<kit>/tas/` | 495 B | 768 B | Image | image/png |
| 27 | POST | H/1.1 | screen_resolution.php | `<kit>/members/` | 21 B | 318 B | XHR | text/html |

Reading the list: the 943-byte lure document on lubidgame.com is the only request to that host; everything else is served from the kit directory on moving-pieces.com. The tas/ sub-directory holds the cloned DHL Trade Automation Service front end (jQuery 1.9.1, jQuery UI, jqGrid, the DHL logos and layout images), which accounts for most of the 2 MB transferred. The members/ sub-directory holds the kit's own code: a separate jquery.min.js, login.js, and screen_resolution.php, which receives the page's only POST, an XHR that, going by its name, reports the victim's screen size to the back end. Nothing is loaded from any dhl.com host, which is the simplest confirmation that the DHL URL visible in the address bar is decoy text.
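As an added example (not urlscan.io code), the same transaction list transcribed into Python and triaged the way an analyst reads it: requests per host, the kit's directory layout, brand-named assets served from a non-brand host, and the POST endpoints where victim data ends up. The brand token and brand domain lists are assumptions chosen for this DHL case.

```python
"""Added example (not urlscan.io code): resource-level triage of the scan's 27 transactions."""
from __future__ import annotations

from collections import Counter

KIT = "moving-pieces.com/cgi-binbi/dfeferfyjeu/geniuss/egrgfgf/FSdlhlhatesi21/lgomolomowo/"
LURE = "lubidgame.com/zasheckeing/durendorrff/weichester/madiscon/tokyoprof/esinkins/"

# (method, directory, file, type), transcribed from the scan's transaction table.
TRANSACTIONS = [
    ("GET", LURE, "eruthfhsgchae.html", "Document"),
    ("GET", KIT, "index2.php", "Document"),
    ("GET", KIT + "tas/", "jquery-ui.css", "Stylesheet"),
    ("GET", KIT + "tas/", "ui.jqgrid.css", "Stylesheet"),
    ("GET", KIT + "tas/", "style.css", "Stylesheet"),
    ("GET", KIT + "tas/", "cui.js", "Script"),
    ("GET", KIT + "tas/", "validation.js", "Script"),
    ("GET", KIT + "tas/", "jquery-1.9.1.js", "Script"),
    ("GET", KIT + "tas/", "jquery-ui.js", "Script"),
    ("GET", KIT + "tas/", "grid.locale-en.js", "Script"),
    ("GET", KIT + "tas/", "jquery.jqGrid.min.js", "Script"),
    ("GET", KIT + "tas/", "jquery.jqGrid.js", "Script"),
    ("GET", KIT + "tas/", "dhl_logo.gif", "Image"),
    ("GET", KIT + "tas/", "blank.gif", "Image"),
    ("GET", KIT + "tas/", "Express.png", "Image"),
    ("GET", KIT + "members/", "jquery.min.js", "Script"),
    ("GET", KIT + "tas/", "dp-dhl_logo.gif", "Image"),
    ("GET", KIT + "members/", "login.js", "Script"),
    ("GET", KIT + "tas/", "shadow_main_right.gif", "Image"),
    ("GET", KIT + "tas/", "shadow_content_main_right.png", "Image"),
    ("GET", KIT + "tas/", "servicelink_separator.gif", "Image"),
    ("GET", KIT + "tas/", "main_navigation_bg.gif", "Image"),
    ("GET", KIT + "tas/", "arrow.gif", "Image"),
    ("GET", KIT + "tas/", "shadow_content_title_right.png", "Image"),
    ("GET", KIT + "tas/", "shadow_footer_right.gif", "Image"),
    ("GET", KIT + "tas/", "shadow_navigation_main_bottom.png", "Image"),
    ("POST", KIT + "members/", "screen_resolution.php", "XHR"),
]

BRAND_TOKENS = ("dhl",)       # assumption: substrings that identify the impersonated brand
BRAND_DOMAINS = ("dhl.com",)  # assumption: domains legitimately allowed to serve those assets


def host_of(directory: str) -> str:
    return directory.split("/", 1)[0]


def is_brand_host(host: str) -> bool:
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def requests_per_host(txns) -> Counter:
    return Counter(host_of(d) for _, d, _, _ in txns)


def kit_layout(txns) -> dict[str, list[str]]:
    """Files grouped by sub-directory under the kit root."""
    layout: dict[str, list[str]] = {}
    for _, d, f, _ in txns:
        if d.startswith(KIT):
            layout.setdefault(d[len(KIT):], []).append(f)
    return layout


def cloned_brand_assets(txns) -> list[str]:
    """Brand-named files served from a host that does not belong to the brand."""
    return [f for _, d, f, _ in txns
            if any(t in f.lower() for t in BRAND_TOKENS) and not is_brand_host(host_of(d))]


def backend_posts(txns) -> list[str]:
    """Endpoints the page POSTs to: where credentials or fingerprinting data are sent."""
    return [d + f for m, d, f, _ in txns if m == "POST"]


def triage(txns) -> dict:
    return {
        "requests_per_host": dict(requests_per_host(txns)),
        "kit_layout": {sub: len(files) for sub, files in kit_layout(txns).items()},
        "cloned_brand_assets": cloned_brand_assets(txns),
        "backend_posts": backend_posts(txns),
    }


if __name__ == "__main__":
    for key, value in triage(TRANSACTIONS).items():
        print(f"{key}: {value}")
```

The two lists that matter for a takedown or a detection rule are `cloned_brand_assets` (proof the page is a brand clone on an unrelated host) and `backend_posts` (the kit endpoints to block and to look for in proxy logs).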
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)

40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onbeforexrselect, scheduler, xmlJsonClass, _0x10fa1
- boolean: originAgentCluster
- string: entryOptionalTxt, gVersion
- function: reportError, confirmMsg, confirmLink, changeConfirm, popup, popupDetailed, newWindow, alertLink, actionLink, popupLink, windowLink, closeAndRefresh, submitOpener, closeAndSubmitOpener, closeAndSubmitOpenerIfHasDataElem, toggleOtherElements, refreshPage, delayedRefresh, setOpenerField, setOpenerFieldAndTriggerChange, setOpenerFieldCloseAndSubmit, setFieldValue, setFieldChecked, setFieldValueAndSubmit, confirmSetFieldValueAndSubmit, jumpToError, $, jQuery, tableToGrid, openHelpWindow, decodeForHTMLStandard, toDecodeLoginName, decodeTexts

Two caveats when reading this list. onbeforexrselect, reportError, originAgentCluster and scheduler are Chromium window properties that the scanner's baseline did not filter out, not page code. At the other end, `_0x10fa1` is the hex-style identifier that JavaScript obfuscators emit, so at least one script on the page is obfuscated; the remaining names (jQuery, jqGrid, and the form and popup helpers) are consistent with the cloned TAS UI scripts loaded from the tas/ directory.

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| moving-pieces.com/ | | PHPSESSID | 8fc572d33b2f70770e14734e2845977d |

PHPSESSID is PHP's default session cookie name, consistent with the .php endpoints in the transaction list; the kit is a PHP application.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lubidgame.com
moving-pieces.com
162.213.249.122
208.73.206.222