postnord-dk.icu
172.67.208.143
Malicious Activity!
Public Scan
Submission: On August 22 via automatic, source phishtank — Scanned from DK
Summary
TLS certificate: Issued by WE1 on August 20th 2024. Valid for: 3 months.
This is the only time postnord-dk.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PostNord AB (Transportation)

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 29 | 172.67.208.143 | 13335 (CLOUDFLARENET) |
| 29 | 1 | |

| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 29 | postnord-dk.icu / postnord-dk.icu | 390 KB |
| 29 | 1 | |

| | Domain | Requested by |
|---|---|---|
| 29 | postnord-dk.icu | postnord-dk.icu |
| 29 | 1 | |
This site contains links to these domains. Also see Links.
| Subject / Issuer | Validity | Valid | |
|---|---|---|---|
| postnord-dk.icu / WE1 | 2024-08-20 - 2024-11-18 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://postnord-dk.icu/DSGzt9/
Frame ID: B5E0E8D2E50C4F2C828D92A7BBF23247
Requests: 29 HTTP requests in this frame
36 Outgoing links
These are links going to different origins than the main page.
Title: Brug appen
Title: Brug appen
Title: Kundeportalen
Title: Netbutik
Title: Gods Online
Title: Find Pakkeboks eller posthus
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H3 | / (Primary Request) | postnord-dk.icu/DSGzt9/ | 2 KB | 1 KB | Document | text/html |
| GET | H3 | index-6a5a1645.js | postnord-dk.icu/DSGzt9/assets/ | 493 KB | 146 KB | Script | application/javascript |
| GET | H3 | f6170fbbbRia6.css | postnord-dk.icu/DSGzt9/assets/ | 952 B | 956 B | Stylesheet | text/css |
| GET | H3 | 06974353ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 5 KB | 2 KB | Script | application/javascript |
| GET | H3 | 786e03d7ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 52 KB | 17 KB | Script | application/javascript |
| GET | H3 | favicon.ico | postnord-dk.icu/ | 632 B | 1 KB | Other | image/vnd.microsoft.icon |
| GET | H3 | 70f23461ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 34 KB | 11 KB | Script | application/javascript |
| GET | H3 | 09bf01f8ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H3 | 7de68cc5ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 3 KB | 2 KB | Script | application/javascript |
| GET | H3 | ae452234ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 117 KB | 31 KB | Script | application/javascript |
| GET | H3 | c27b6911ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H3 | dba37626bRia6.css | postnord-dk.icu/DSGzt9/assets/ | 84 KB | 19 KB | Stylesheet | text/css |
| GET | H3 | 5ce5fa4eZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 6 KB | 3 KB | Script | application/javascript |
| GET | H3 | 4cd1ec68bRia6.css | postnord-dk.icu/DSGzt9/assets/ | 323 B | 695 B | Stylesheet | text/css |
| POST | H3 | MC43NzM1MzE1OTA4NzU0NDM5 | postnord-dk.icu/api/ | 532 B | 904 B | XHR | application/json |
| GET | H3 | b1baedebZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 111 KB | 33 KB | Script | application/javascript |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 118 B | 533 B | XHR | text/plain |
| GET | H3 | c2deb89eZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 112 KB | 36 KB | Script | application/javascript |
| GET | H3 | f4397cedbRia6.css | postnord-dk.icu/DSGzt9/assets/ | 400 B | 761 B | Stylesheet | text/css |
| GET | H3 | 93914d45bRia6.woff2 | postnord-dk.icu/DSGzt9/assets/ | 25 KB | 26 KB | Font | font/woff2 |
| GET | H3 | 7e113240bRia6.woff2 | postnord-dk.icu/DSGzt9/assets/ | 26 KB | 26 KB | Font | font/woff2 |
| GET | H3 | 6f78aac6bRia6.woff2 | postnord-dk.icu/DSGzt9/assets/ | 27 KB | 28 KB | Font | font/woff2 |
| POST | H3 | / | postnord-dk.icu/socket.io/ | 2 B | 413 B | XHR | text/html |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 32 B | 440 B | XHR | text/plain |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 58 B | 485 B | XHR | text/plain |
| POST | H3 | / | postnord-dk.icu/socket.io/ | 2 B | 412 B | XHR | text/html |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 98 B | 517 B | XHR | text/plain |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 1 B | 404 B | XHR | text/plain |
| POST | H3 | MC40ODQ4NzcyNTI5MjQ0OTg0Ng== | postnord-dk.icu/api/ | 36 B | 481 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PostNord AB (Transportation)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| IMask
boolean| __vite_is_modern_browser
boolean| __VUE__

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
postnord-dk.icu
172.67.208.143