urlscan.io logo urlscan.io
SecurityTrails logo

www.longars.com.tr Open in urlscan Pro
104.247.165.3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://scubawarehouse.com.sg/dpo?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499
Effective URL: https://www.longars.com.tr/wp-content/upold/dpb/dpd-matn/index.html?verification
Submission: On March 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 104.247.165.3, located in Turkey and belongs to GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR. The main domain is www.longars.com.tr.
TLS certificate: Issued by R3 on March 5th 2023. Valid for: 3 months.
This is the only time www.longars.com.tr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 2 85.187.128.14 55293 (A2HOSTING)
2 3 104.247.165.3 42846 (GUZELHOST...)
2 3
Apex Domain
Subdomains		 Transfer
3 longars.com.tr
www.longars.com.tr
233 KB
2 scubawarehouse.com.sg
scubawarehouse.com.sg
476 B
2 2
Domain Requested by
3 www.longars.com.tr 2 redirects
2 scubawarehouse.com.sg 1 redirects
2 2

This site contains links to these domains. Also see Links.

Domain
rizarichempire.com
Subject Issuer Validity Valid
scubawarehouse.com.sg
cPanel, Inc. Certification Authority		 2023-01-25 -
2023-04-25		 3 months crt.sh
longars.com.tr
R3		 2023-03-05 -
2023-06-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.longars.com.tr/wp-content/upold/dpb/dpd-matn/index.html?verification
Frame ID: BB5197A5BDA5252BAD2576C2F49A16E4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zahlung bestätigen - Schweizerische DPD

Page URL History Show full URLs

  1. https://scubawarehouse.com.sg/dpo?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499 HTTP 301
    https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f... Page URL
  2. https://www.longars.com.tr/wp-content/upold/dpb?pwd=psb HTTP 301
    https://www.longars.com.tr/wp-content/upold/dpb/?pwd=psb HTTP 302
    https://www.longars.com.tr/wp-content/upold/dpb/dpd-matn/index.html?verification Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

440 kB
Transfer

589 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://scubawarehouse.com.sg/dpo?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499 HTTP 301
    https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499 Page URL
  2. https://www.longars.com.tr/wp-content/upold/dpb?pwd=psb HTTP 301
    https://www.longars.com.tr/wp-content/upold/dpb/?pwd=psb HTTP 302
    https://www.longars.com.tr/wp-content/upold/dpb/dpd-matn/index.html?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://scubawarehouse.com.sg/dpo?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499 HTTP 301
  • https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
scubawarehouse.com.sg/dpo/
Redirect Chain
  • https://scubawarehouse.com.sg/dpo?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499
  • https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499
161 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.187.128.14 , Singapore, ASN55293 (A2HOSTING, US),
Reverse DNS
sg1-ss8.a2hosting.com
Software
Apache / PHP/7.4.33
Resource Hash
cf5790bcf3e82a2f4ff215fff0869f1bcc22c8d4852eceaec3dc06263339b530
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Mar 2023 17:24:29 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33

Redirect headers

content-length
318
content-type
text/html; charset=iso-8859-1
date
Sun, 19 Mar 2023 17:24:29 GMT
location
https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Primary Request index.html
www.longars.com.tr/wp-content/upold/dpb/dpd-matn/
Redirect Chain
  • https://www.longars.com.tr/wp-content/upold/dpb?pwd=psb
  • https://www.longars.com.tr/wp-content/upold/dpb/?pwd=psb
  • https://www.longars.com.tr/wp-content/upold/dpb/dpd-matn/index.html?verification
362 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.longars.com.tr/wp-content/upold/dpb/dpd-matn/index.html?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.165.3 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS
35gMp4g.guzel.net.tr
Software
LiteSpeed /
Resource Hash
c2319e752dc890ccf4f7fa5d4947ef98e283118bc5c712331512ed00e419b49d

Request headers

Referer
https://scubawarehouse.com.sg/dpo/?ID=df395dbbc7a76613843af9a1a49113c4=18kq1Nf04d6eeb73bb2445c57882c053f3f5499
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
238246
content-type
text/html
date
Sun, 19 Mar 2023 17:24:30 GMT
last-modified
Tue, 21 Feb 2023 12:08:32 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 19 Mar 2023 17:24:30 GMT
location
./dpd-matn/index.html?verification#_
server
LiteSpeed
x-powered-by
PHP/7.4.33
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ff2532853664ecbc145f4dbc95fae8291a3ec722dbb0586b5a248790d9a52f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a123b651c9caea90bfa0b9dd5c1df7ce16ed998ff8ee14801147f0113cc68a14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/jpeg
truncated
/ 		597 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
255ac343be8acf31ca3debe1a89ecfeb7bf7949ca9bfcce726ec20db90d4ff71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		572 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
441985bca86f350bd89721c5219dbcee393f2d9b206930ba3997919a1f4d2e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		564 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dd20181a733ac6bad0e65d39105cd1fe1bdd5cb9f68341a82d7a206310a1290

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		657 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b07b4ba931d2ff580554dec6bcdad83977282139a2c2278df7b37eeb811c9ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		187 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf3d35d5cb9529e6a751dd854a9916e390be29855f04209c316a9ae8b2ceadb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9

Request headers

Referer
Origin
https://www.longars.com.tr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
font/woff
truncated
/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c

Request headers

Referer
Origin
https://www.longars.com.tr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
font/woff
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984

Request headers

Referer
Origin
https://www.longars.com.tr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
font/woff
truncated
/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
Origin
https://www.longars.com.tr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| sk_opts

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN