geosnippitsreboot.com
Open in
urlscan Pro
188.114.96.3
Malicious Activity!
Public Scan
Effective URL: https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
Submission: On March 29 via manual from PL — Scanned from PL
Summary
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.
This is the only time geosnippitsreboot.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DPD (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 78.135.83.190 78.135.83.190 | 207326 (HOSTLAB) (HOSTLAB) | |
2 15 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
geosnippitsreboot.com
2 redirects
geosnippitsreboot.com |
250 KB |
1 |
wayuc.net
wayuc.net |
464 B |
14 | 2 |
Domain | Requested by | |
---|---|---|
15 | geosnippitsreboot.com |
2 redirects
wayuc.net
geosnippitsreboot.com |
1 | wayuc.net | |
14 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wayuc.net ZeroSSL RSA Domain Secure Site CA |
2024-03-03 - 2024-06-01 |
3 months | crt.sh |
geosnippitsreboot.com GTS CA 1P5 |
2024-03-05 - 2024-06-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes
Frame ID: 54000CCDCA87322E00689D0DED3FC40A
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Follow My ParcelPage URL History Show full URLs
- https://wayuc.net/dla/2/paczki.html Page URL
-
https://geosnippitsreboot.com/assets/plnn
HTTP 301
https://geosnippitsreboot.com/assets/plnn/ HTTP 302
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes Page URL
Detected technologies
ZURB Foundation (Web Frameworks) ExpandDetected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://wayuc.net/dla/2/paczki.html Page URL
-
https://geosnippitsreboot.com/assets/plnn
HTTP 301
https://geosnippitsreboot.com/assets/plnn/ HTTP 302
https://geosnippitsreboot.com/assets/plnn/tracking-load.html?ssl=yes Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
paczki.html
wayuc.net/dla/2/ |
203 B 464 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
tracking-load.html
geosnippitsreboot.com/assets/plnn/ Redirect Chain
|
23 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.css
geosnippitsreboot.com/assets/plnn/files/ |
183 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app2.css
geosnippitsreboot.com/assets/plnn/files/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dpd.png
geosnippitsreboot.com/assets/plnn/files/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
claim.png
geosnippitsreboot.com/assets/plnn/files/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
warning_red.png
geosnippitsreboot.com/assets/plnn/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loading.gif
geosnippitsreboot.com/assets/plnn/files/ |
17 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dpd_group_82x22.png
geosnippitsreboot.com/assets/plnn/files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dpd-mobile.png
geosnippitsreboot.com/assets/plnn/files/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
plutosansdpdlight-web.woff
geosnippitsreboot.com/assets/plnn/files/ |
59 KB 60 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico-magnifying-glass-14x14.png
geosnippitsreboot.com/assets/plnn/files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
plutosansdpdregular-web.woff
geosnippitsreboot.com/assets/plnn/files/ |
59 KB 59 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
geosnippitsreboot.com/assets/plnn/files/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DPD (Transportation)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
geosnippitsreboot.com
wayuc.net
188.114.96.3
78.135.83.190
268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069
438df4c1bd39c959c09f81575c789beb3afbcd3b63474e3c9d43b5c95fdd5451
7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286
7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986
85e34065774eebcb0f3d652d24ce47c0ecbfd5c190228a20d3dc7c698eb279e1
863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218
9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0
9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea
aea80e00fd6ac1583e0a3b692ca30571d18545435c49590df96cdd7e0f7eadb9
c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3
d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c
e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36
fb96272804e7572bf87e994c11396f89f2ba19ef25225f5e01952cf9e01567cf