geosnippitsreboot.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wayuc.net/dla/2/paczki.html
Effective URL:
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
Submission: On March 29 via manual (March 29th 2024, 9:52:06 am UTC) from PL — Scanned from PL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is geosnippitsreboot.com.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.

This is the only time geosnippitsreboot.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	78.135.83.190 78.135.83.190	207326 (HOSTLAB) (HOSTLAB)
2 15	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

1 78.135.83.190 (Istanbul, Turkey)

ASN207326 (HOSTLAB, TR)
PTR: nequegxwkt.exciited.net

wayuc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

geosnippitsreboot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	geosnippitsreboot.com 2 redirects geosnippitsreboot.com	250 KB
1	wayuc.net wayuc.net	464 B
14	2

	Domain	Requested by
15	geosnippitsreboot.com	2 redirects wayuc.net geosnippitsreboot.com
1	wayuc.net
14	2

This site contains no links.

Subject Issuer	Validity	Valid
wayuc.net ZeroSSL RSA Domain Secure Site CA	`2024-03-03` - `2024-06-01`	3 months	crt.sh
geosnippitsreboot.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
Frame ID: 54000CCDCA87322E00689D0DED3FC40A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Follow My Parcel

Page URL History Show full URLs

https://wayuc.net/dla/2/paczki.html Page URL
https://geosnippitsreboot.com/assets/plnn HTTP 301
https://geosnippitsreboot.com/assets/plnn/ HTTP 302
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

249 kB
Transfer

448 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wayuc.net/dla/2/paczki.html Page URL
https://geosnippitsreboot.com/assets/plnn HTTP 301
https://geosnippitsreboot.com/assets/plnn/ HTTP 302
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 paczki.html
wayuc.net/dla/2/ 203 B
464 B 324ms
73ms Document
text/html 78.135.83.190
HOSTLAB

General

Check archive.org

Show headers Download Go to

Full URL: https://wayuc.net/dla/2/paczki.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.135.83.190 Istanbul, Turkey, ASN207326 (HOSTLAB, TR),
Reverse DNS: nequegxwkt.exciited.net
Software: LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: pl-PL,pl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html
date: Fri, 29 Mar 2024 09:52:00 GMT
etag: "cb-660681ab-2d0236bb;gz"
last-modified: Fri, 29 Mar 2024 08:54:03 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H3

200

Primary Request tracking-load.html Show response
geosnippitsreboot.com/assets/plnn/
Redirect Chain

https://geosnippitsreboot.com/assets/plnn
https://geosnippitsreboot.com/assets/plnn/
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

23 KB
5 KB

359ms
359ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Requested by

Host: wayuc.net
URL: https://wayuc.net/dla/2/paczki.html

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb96272804e7572bf87e994c11396f89f2ba19ef25225f5e01952cf9e01567cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wayuc.net/dla/2/paczki.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: pl-PL,pl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86bef6f9ebce39f1-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Mar 2024 09:52:01 GMT
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41R0gk49oc1uOjRykIed%2B5ZZIeqimvhx5Z2N6CJXSutLlpaQpdny5pZ3cHm1VZmi2%2BaATY%2B2GDtE8aotCjWlaYkxjLkwDhQ5Z7rGiYgn%2FYgEXcoiINbEz6Du3kxe2qIXRsXeebfDtp4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86bef6f7aa0639f1-FRA
content-type: text/html; charset=UTF-8
date: Fri, 29 Mar 2024 09:52:01 GMT
location: tracking-load.html?ssl=yes
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyIry1QpV9FlgTrMYxpabYoK0y6wUfBeJRFb8jlmFn5AkuJIWhR7n3yTkoZizAeDpZ3WK25mBGKKTjeXywhIYbxrC%2BQWjVPTwb3FOhzcK6njJexlINiBhLHjKXeMpR68khZVCMuJJ2g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

GET
H3 200 app.css
geosnippitsreboot.com/assets/plnn/files/ 183 KB
21 KB 88ms
87ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geosnippitsreboot.com/assets/plnn/files/app.css

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89
etag: W/"66067e8c-2dbb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bd8Li3R0Z4n3MbTCdVOy83m2TP3PdCeb2R0%2B782USFJcoEEIIkdG40i0%2BsAMXzJOkyEgQCw8d1EpGqxMlBzVekziHkRbQPX%2F6HnJBNkCzIyLFMHWNQKysHcH328p5%2FIAXeshhl6Lm3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86bef6fc2dc739f1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 app2.css
geosnippitsreboot.com/assets/plnn/files/ 29 KB
6 KB 89ms
89ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geosnippitsreboot.com/assets/plnn/files/app2.css

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89
etag: W/"66067e8c-7210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2Bexu94nox9YxsSPSiw%2BuBDnk0sMJfSY21AJ2TPgmfAlrbcrvWNPyAK%2BDYtxyMMja9qR8QFPX5CgkTjsgIswqI3OxyIoO3Ukd1h2VoEdHToNiDLpgh6yj6RhY4ppPlhbvr0sgcWUvz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86bef6fc2dca39f1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dpd.png
geosnippitsreboot.com/assets/plnn/files/ 21 KB
21 KB 48ms
48ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/dpd.png

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 21097
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-5269"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWnG8L0MMVc6oX7iGVYh7R3ZJMQ4lzK8RpDcalzpMdjp0sm%2F0gKD%2F438s%2F%2BcDIAeQqEcwnteZHfO4xYkDpbFVZAQtjYheDTDfb25zLFJ28WP%2BJ6wIFLyH%2BKrqaSopgn9pBiMu%2FxA1Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fc2dcb39f1-FRA

GET
H3 200 claim.png
geosnippitsreboot.com/assets/plnn/files/ 17 KB
18 KB 129ms
128ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/claim.png

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 17674
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-450a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmNJtIuX05wBIywRo%2B6TxcntpeIFdyLcB213U3fo%2F0mOZHZaYSw%2F7aSBfKzFLLvMZXT3gkX5Znt%2FbN2qd0YuzNpt1vZYTYPg2Q%2FCgoH0A%2FV9LeZ38TXKtGK0EixLrkDtUL%2B1DFIw3zc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fc2dcc39f1-FRA

GET
H3 200 warning_red.png
geosnippitsreboot.com/assets/plnn/files/ 3 KB
3 KB 121ms
120ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/warning_red.png

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 2703
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-a8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GscEsyGsASGJwPywIav%2B9odF43wzE7orQHI7PDVJWOEtPHFPAGkiKha50GdRv1Sbqv%2BG5mrO9t9yxylt%2Bh1t9NBePUCBx%2BXttEf%2FL8yRNCaCJm%2BwpkPkxbqzjrQ84lYRmlwRkqm%2FhHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fc3dd539f1-FRA

GET
H3 200 loading.gif
geosnippitsreboot.com/assets/plnn/files/ 17 KB
18 KB 121ms
121ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/loading.gif

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e34065774eebcb0f3d652d24ce47c0ecbfd5c190228a20d3dc7c698eb279e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 17698
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-4522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l012okSYow0EZ4yDlZ78pc9YXkvb5JK18p7t%2BctpWRDNdvzeTefAtIN6P2752Bou2COgLH012QttYNMwA68jUPNNCCP7u98Bk2k8WrO3EW%2B1wwbf7YhgKO%2BEhVuv8BYEitLulhnooAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fc3dd639f1-FRA

GET
H3 200 dpd_group_82x22.png
geosnippitsreboot.com/assets/plnn/files/ 3 KB
3 KB 157ms
157ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/dpd_group_82x22.png

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 2947
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-b83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZgrJ%2BkxCBK3Z1tpj%2BxriVv%2Ft1OaF02QbOBY1Lhc7Hf0XNeqiU%2BIgmezlptC%2BBe9LJ51bCRIrO10c2Fk%2F8piOlds7QNtCCExQMWaycbiKUK8K16Xxy%2BmKVWvtolWRljhWYhQyoBT%2BjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fc3dd739f1-FRA

GET
H3 200 dpd-mobile.png
geosnippitsreboot.com/assets/plnn/files/ 32 KB
32 KB 156ms
156ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/dpd-mobile.png

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

438df4c1bd39c959c09f81575c789beb3afbcd3b63474e3c9d43b5c95fdd5451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 32766
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-7ffe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8kbEKD8VXl90d5IcSa2sa%2BlqtQGq0cYPBpWNqbKtAq7%2FYA9dXxVTebyv7yh4AI1ko6rOOW2ZrcVYaLt%2BgYq1vWwAUYFbcQbP7i7l9jWE6RLv%2ByINDw0fjpEFFEpB%2FNtlLw4MTgSK4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fc3dd839f1-FRA

GET
H3 200 plutosansdpdlight-web.woff
geosnippitsreboot.com/assets/plnn/files/ 59 KB
60 KB 50ms
48ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geosnippitsreboot.com/assets/plnn/files/plutosansdpdlight-web.woff

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/files/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/files/app.css
Origin: https://geosnippitsreboot.com
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 60781
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-ed6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6N5ha3%2BZ%2B9X1JJX2KXi9GdUxvWTWFEegPB8%2B3soNF%2FE98ORogAlV7r4hnbeyMpCz1iVy6bwrPfX95obSqCwSNC8CSQm9RS1r3B9j02zuDuEGU8G5sktanHOXGxrGOOOFFnLLxzdVLDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fd0e7439f1-FRA

GET
H3 200 ico-magnifying-glass-14x14.png
geosnippitsreboot.com/assets/plnn/files/ 1 KB
2 KB 78ms
77ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geosnippitsreboot.com/assets/plnn/files/ico-magnifying-glass-14x14.png

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/files/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/files/app.css
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 1136
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BcGkrnGbxdf3AFmuIu4ZXYIq88wtxum0kUvrbebR2osSFG%2BBGJp9NLuaNDmDH0TJbaPPJQCAg9vC0RXdmNutzsXpQpO6Qj4PZxWnp0BssutQG%2B%2BrCfCtPchufVfZxaucuahVZku%2FyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fd0e7539f1-FRA

GET
H3 200 plutosansdpdregular-web.woff
geosnippitsreboot.com/assets/plnn/files/ 59 KB
59 KB 79ms
78ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geosnippitsreboot.com/assets/plnn/files/plutosansdpdregular-web.woff

Requested by

Host: geosnippitsreboot.com
URL: https://geosnippitsreboot.com/assets/plnn/files/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/files/app.css
Origin: https://geosnippitsreboot.com
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89
alt-svc: h3=":443"; ma=86400
content-length: 60042
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
server: cloudflare
etag: "66067e8c-ea8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BXEFFC5D%2FyQfSWikUeAakRLk%2BzpVluhrnLjItKaD6g9RvnzfLtHq0tgf10hJXmfE5Va4TrmT%2Fx7lftfiZHVu35zm3Y45gY03Y4J13ppVMq4GlOOeFzqZbetyj6z6iHlv8Fs%2FG5hu9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bef6fd0e7639f1-FRA

GET
H3 200 favicon.ico
geosnippitsreboot.com/assets/plnn/files/ 1 KB
1 KB 51ms
51ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geosnippitsreboot.com/assets/plnn/files/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aea80e00fd6ac1583e0a3b692ca30571d18545435c49590df96cdd7e0f7eadb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
accept-language: pl-PL,pl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 09:52:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Mar 2024 08:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87
etag: W/"66067e8c-47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3w365CY5z2qEJKoge97vtjJGOmGGEoDxmBQqvas6KvI57J6I0LEZGXsIs2S9jA2U3lpUvrxMS%2B69qpjhdBIrnziy0qTweZOP4f5XPvJ5czSXqNDeaF7XmCNZUahC5z2bjQIF5SV0kyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 86bef6fd9eea39f1-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

geosnippitsreboot.com
wayuc.net
188.114.96.3
78.135.83.190
268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069
438df4c1bd39c959c09f81575c789beb3afbcd3b63474e3c9d43b5c95fdd5451
7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286
7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986
85e34065774eebcb0f3d652d24ce47c0ecbfd5c190228a20d3dc7c698eb279e1
863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218
9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0
9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea
aea80e00fd6ac1583e0a3b692ca30571d18545435c49590df96cdd7e0f7eadb9
c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3
d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c
e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36
fb96272804e7572bf87e994c11396f89f2ba19ef25225f5e01952cf9e01567cf

geosnippitsreboot.com Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

249 kBTransfer

448 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

geosnippitsreboot.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

249 kB
Transfer

448 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!