navaj-hopi.com
Open in
urlscan Pro
164.132.235.17
Malicious Activity!
Public Scan
Effective URL: https://navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/
Submission: On August 15 via manual from SA
Summary
TLS certificate: Issued by R3 on August 6th 2021. Valid for: 3 months.
This is the only time navaj-hopi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Saudi Post (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:10:... 2606:4700:10::ac43:8ee | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 21 | 164.132.235.17 164.132.235.17 | 16276 (OVH) (OVH) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 54.192.219.60 54.192.219.60 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2003 | 15169 (GOOGLE) (GOOGLE) | |
24 | 4 |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-60.mrs52.r.cloudfront.net
ksaimg4.b8cdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
navaj-hopi.com
1 redirects
navaj-hopi.com |
76 KB |
2 |
gstatic.com
www.gstatic.com |
3 KB |
1 |
b8cdn.com
ksaimg4.b8cdn.com |
9 KB |
1 |
googleapis.com
translate.googleapis.com |
3 KB |
1 |
cutt.ly
1 redirects
cutt.ly |
525 B |
24 | 5 |
Domain | Requested by | |
---|---|---|
21 | navaj-hopi.com |
1 redirects
navaj-hopi.com
|
2 | www.gstatic.com |
navaj-hopi.com
translate.googleapis.com |
1 | ksaimg4.b8cdn.com |
navaj-hopi.com
|
1 | translate.googleapis.com |
navaj-hopi.com
|
1 | cutt.ly | 1 redirects |
24 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paytabs.com |
mci.gov.sa |
Subject Issuer | Validity | Valid | |
---|---|---|---|
navaj-hopi.com R3 |
2021-08-06 - 2021-11-04 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
*.b8cdn.com Go Daddy Secure Certificate Authority - G2 |
2021-03-15 - 2022-04-16 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/
Frame ID: 3AA9D184A49D93302C7CCE6CF9023FF6
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://cutt.ly/uQKRSrt
HTTP 301
https://navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/ HTTP 302
https://navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: mci.gov.sa
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cutt.ly/uQKRSrt
HTTP 301
https://navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/ HTTP 302
https://navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/ Redirect Chain
|
45 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
134 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
2 KB 812 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opensans.css
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
1 KB 533 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading_payment.gif
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saudi_post-logo-en.png
ksaimg4.b8cdn.com/images/templates/saudi_post/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cards.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p1.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p2.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p3.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
credit-cards.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
62617_1589791686.jpg
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa-icon.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master-card-icon.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sadad-en-2016.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rotate-device.png
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ |
825 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
navaj-hopi.com/modules/supercheckout/views/img/front/notification/SA/SAOUDAIPOSTAL/NV6588123/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Saudi Post (Government)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| $cc1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.navaj-hopi.com/ | Name: PrestaShop-f1a30de3eaf153a0bb5394ebe187a55a Value: 1LcRZ0BXl2dWVp7eQrxFQ1HoNGWUKOV892YWK8BK1iTZD3uAAk%2BqFbR5Qb1wQiGmohg3l435JHsfpZ4aQfmnIrFqn%2BXYWOoSwsjEyJDzh%2B6DbBS%2F%2FkXkDyouScj8t3XbuXYqJafQoTtYFS0NAGbRGysjQchZFheOIRGWkY9hc8J9dtVKPgh9z1OiIKioL7Ckv6%2FhBNnvsSTrmYoWlFBsnkl8sooY%2BRnjHRvYpsDRHypaNvdmHhL0KZYvufapEbclxQ6luDPiS2K2mJFgCiKBcaCrrf1Jj5q52NK48tihViZJpT568IVTdupqYr3gipLUXho7xiqz5H2NdukOpsNO2WjvoVMLQegM3%2BttCt5CR4UFZPTpmvyFKXoSp6wYYhKOTLEJelpTTeVdTLHQ7pkAQUWLNCcNunM4XRt1tD2HMQE%3D000305 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cutt.ly
ksaimg4.b8cdn.com
navaj-hopi.com
translate.googleapis.com
www.gstatic.com
164.132.235.17
2606:4700:10::ac43:8ee
2a00:1450:4001:811::2003
2a00:1450:4001:830::200a
54.192.219.60
0d38c2901f916ed13747352b787d6335ded7fa0096b030577e753111f24f337f
1002919cf892616d83524f1ee83e2886ee71b1326c9559c3c4f0e1e078de9583
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
4f5cb44eaf44171c773db823b43d2f71b143ab0ccd73dafe2d4da75a9b527fba
5432b59decde382eae206cbe12dee7dd05ca9dcacb67f027a59b6a97a4379f07
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
704f42f2b8d5c2cf34161340102f38f70ead0a89f3a616b6f2c3ec1f500de3bd
8269d1a14f51751893709c6e8cf650e13e461fdd0f2f1ecc4a28c1ccfe740b19
8a67af5b95d4b4ff29b868b7d5ff794db7f269dfa67e43249f1053a874385b6e
8cab535899226d06d469729ec985b9e6c3d02839580011dd3f2bc2496cb95217
92eda55cfcd4423dfa402b96ec7c4c4016e6299d06ef3f0393862c4216304d04
95ca2aecfd0c06c7c138910cd402deb49c713befd6e335e7270d8877b18bd125
a5ca036a508c4c10c3b1d0c1aa0bfd155ccffe2a63ed248fc1b22aaba1399a39
a60a31e4e77b8fb6360b986653ac24762db5249892d8907099b7109d2194110c
a6c46c09291b11b56ec8272f62213a7e29ed57ad13e943a61a7588a029bd65fa
a7a929e9986ff28daf0d6e93093ca394c33aabb143b6351a5e8ef6bc2a15f88a
cfc58e473751b9799c4b2d29216ea07d36eba4ccefeab6a704d550b4412a43f6
d5dce38263f5759f49f991a2a50098a91aa82ba3ce5a2eb33a66ea2a29855feb
e981a7d8f07e0a8c1955d960a85f511fb9d77325c58346d3a84c60925204ea70
fd420bd53afb73813efe037efbe844409d1323b9652a6c7fe784f19757e15b24