postusers-ptg.icu Open in urlscan Pro
47.253.44.198 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.ly/OsbVK?a=qvEaP
Effective URL:
https://postusers-ptg.icu/pt/
Submission: On July 17 via manual (July 17th 2024, 8:47:41 am UTC) from GR — Scanned from GB

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 27 HTTP transactions. The main IP is 47.253.44.198, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is postusers-ptg.icu.
TLS certificate: Issued by R11 on July 17th 2024. Valid for: 3 months.

This is the only time postusers-ptg.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:3775	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	47.253.44.198 47.253.44.198	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
27	1

1 2606:4700:10::6814:3775 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 47.253.44.198 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

postusers-ptg.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	postusers-ptg.icu 1 redirects postusers-ptg.icu	448 KB
1	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 29484	1 KB
27	2

	Domain	Requested by
28	postusers-ptg.icu	1 redirects postusers-ptg.icu
1	t.ly	1 redirects
27	2

This site contains no links.

Subject Issuer	Validity	Valid
postusers-ptg.icu R11	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postusers-ptg.icu/pt/
Frame ID: 7C08D72559B10F5A071B466EA4D5FB6E
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.ly/OsbVK?a=qvEaP HTTP 302
https://postusers-ptg.icu/pt?a=qvEaP HTTP 301
https://postusers-ptg.icu/pt/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

447 kB
Transfer

1451 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.ly/OsbVK?a=qvEaP HTTP 302
https://postusers-ptg.icu/pt?a=qvEaP HTTP 301
https://postusers-ptg.icu/pt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response postusers-ptg.icu/pt/ Redirect Chain https://t.ly/OsbVK?a=qvEaP https://postusers-ptg.icu/pt?a=qvEaP https://postusers-ptg.icu/pt/	2 KB 1 KB	111ms 111ms	Document text/html	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `c104e96e97fd7f9c5a4816ffb50539cc89bd034e9cf964f96211a2a658218985` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 17 Jul 2024 08:47:34 GMT ETag W/"666-18fc33e2930" Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 64 Content-Type text/html; charset=utf-8 Date Wed, 17 Jul 2024 08:47:34 GMT Location /pt/ Server nginx/1.24.0 Vary Accept
GET H/1.1	200 OK	index-d5dd028f.js Show response postusers-ptg.icu/pt/assets/	492 KB 146 KB	327ms 326ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `0308246c0484f7069cf81968b4a070b7440ca41969cf24175606c769032530f5` Request headers Referer https://postusers-ptg.icu/pt/ Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:34 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:32 GMT Server nginx/1.24.0 ETag W/"7b07c-18fc33e5040" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f6170fbbzZtXD.css postusers-ptg.icu/pt/assets/	952 B 1 KB	521ms 191ms	Stylesheet text/css	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/f6170fbbzZtXD.css Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"3b8-18fc33e2930" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 952
GET H/1.1	200 OK	23dd9a612zwtb.js Show response postusers-ptg.icu/pt/assets/	5 KB 2 KB	109ms 108ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/23dd9a612zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `43fe9ded4af50a4b1310de1734c8cf2b9dd64451e204aecd00236d7613d922e2` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:26 GMT Server nginx/1.24.0 ETag W/"127b-18fc33e38d0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	6896b9822zwtb.js Show response postusers-ptg.icu/pt/assets/	52 KB 17 KB	133ms 131ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/6896b9822zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `b8c99e879fa48b1629d109a091025b0da6e74178c02c13922a8814102fb77426` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:26 GMT Server nginx/1.24.0 ETag W/"d0db-18fc33e38d0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	favicon.ico postusers-ptg.icu/	5 KB 6 KB	213ms 107ms	Other image/vnd.microsoft.icon	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `fc318c3144c47fbc707b298a601977a95ce5800573ec764950ea1dc1c5c02e6f` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Last-Modified Wed, 29 May 2024 07:26:16 GMT Server nginx/1.24.0 ETag W/"1536-18fc33e11c0" Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 5430
GET H/1.1	200 OK	11a90fc72zwtb.js Show response postusers-ptg.icu/pt/assets/	34 KB 11 KB	112ms 110ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/11a90fc72zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `6bbbe252998178a4618fa9b0bf58f1fda39bcdca0a4e5d27853e26c82eb8cab2` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"892d-18fc33e2930" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	09bf01f82zwtb.js Show response postusers-ptg.icu/pt/assets/	2 KB 1 KB	316ms 199ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/09bf01f82zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `9711b66c88c18bac0dc71b2558d3f7870461bdc51b5da2963c036eeb05414250` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"88a-18fc33e2930" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	ce2f637a2zwtb.js Show response postusers-ptg.icu/pt/assets/	3 KB 1 KB	351ms 114ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/ce2f637a2zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `84548b958841c00c2b31f9574c7b3a7d89fc2c133ba2b6057ae1c0fa2125c498` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:30 GMT Server nginx/1.24.0 ETag W/"a52-18fc33e4870" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	be17c94c2zwtb.js Show response postusers-ptg.icu/pt/assets/	580 KB 151 KB	445ms 208ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/be17c94c2zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `eb80c93ba4c0c1f929c4b76bb86cfec6d45910ddf9e3c1dff1429c1f49726486` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:30 GMT Server nginx/1.24.0 ETag W/"90e4e-18fc33e4870" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	79d444cczZtXD.css postusers-ptg.icu/pt/assets/	13 KB 5 KB	235ms 159ms	Stylesheet text/css	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/79d444cczZtXD.css Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `79d444cc85b736617e80f2dd9c2f86a1026f7bd4fd6f2a1527e2ba29209946a4` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"3376-18fc33e2930" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	17b41af52zwtb.js Show response postusers-ptg.icu/pt/assets/	6 KB 3 KB	387ms 115ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/17b41af52zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `07e8d32ad1586e1698aee210256657f6ba0a4cd4136da0f9f6807f4dd222dfd3` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"19da-18fc33e2930" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	c27b69112zwtb.js Show response postusers-ptg.icu/pt/assets/	2 KB 1 KB	434ms 163ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/c27b69112zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `5d19a0b262b41dded6b193fb73b9027227decef72f579f1a8b0dfdca1bc6ec2a` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:30 GMT Server nginx/1.24.0 ETag W/"779-18fc33e4870" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	90d68448zZtXD.css postusers-ptg.icu/pt/assets/	370 B 697 B	234ms 122ms	Stylesheet text/css	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/90d68448zZtXD.css Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `90d6844806a5e2ee88f1f9fbcc2c844a6fcc57988cb46f4f1e5a81d58441bbee` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:35 GMT Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"172-18fc33e2930" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 370
POST H/1.1	200 OK	MC40Mzk1NTk4NDkzODMxNDI1 Show response postusers-ptg.icu/api/	692 B 937 B	243ms 242ms	XHR application/json	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/api/MC40Mzk1NTk4NDkzODMxNDI1 Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f3980438abbddcc7fff3bd9cf761a4c071586bc9514cd51953b7cff6d82df375` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:35 GMT Server nginx/1.24.0 Connection keep-alive ETag W/"2b4-qIkIQnV9f0CMKl5PFYLhelwb1sY" Content-Length 692 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	57c373272zwtb.js Show response postusers-ptg.icu/pt/assets/	111 KB 33 KB	123ms 123ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `55261a2e8fd9669c30effc156e7e2951e53fd261ebb914333746dcfd80111c56` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:36 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:26 GMT Server nginx/1.24.0 ETag W/"1bb72-18fc33e38d0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	118 B 339 B	109ms 108ms	XHR text/plain	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2KJ Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `6e9c8421a1f25ba2cebd47b88cc1171c5e2519321362ed70e5a26ec0884c68fc` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 118 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	c6b4f9fc2zwtb.js Show response postusers-ptg.icu/pt/assets/	113 KB 36 KB	142ms 141ms	Script application/javascript	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/c6b4f9fc2zwtb.js Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `38ad59a78fedf73bdf35f98b3d45664612053e6c38dd50ff24cdad3b7ef28fdb` Request headers Referer Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:36 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 07:26:30 GMT Server nginx/1.24.0 ETag W/"1c5d3-18fc33e4870" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f4397cedzZtXD.css postusers-ptg.icu/pt/assets/	400 B 727 B	107ms 107ms	Stylesheet text/css	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/f4397cedzZtXD.css Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:36 GMT Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"190-18fc33e2930" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 400
POST H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	2 B 205 B	235ms 233ms	XHR text/html	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2M3&sid=jNURqNQqprEOq7D9AH4t Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html
GET H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	32 B 252 B	232ms 231ms	XHR text/plain	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2M4&sid=jNURqNQqprEOq7D9AH4t Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `d5ef1015a7764696054c411853473cfb48afe5f52f350df3a2ff46415c101133` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 32 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	dc645ddfzZtXD.woff2 postusers-ptg.icu/pt/assets/	29 KB 29 KB	113ms 113ms	Font font/woff2	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/pt/assets/dc645ddfzZtXD.woff2 Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/79d444cczZtXD.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `dc645ddffd4b66feb1f5be4d4c661a9ab2e9be2a26c4a08b376ab68d9025dcd9` Request headers Referer https://postusers-ptg.icu/pt/assets/79d444cczZtXD.css Origin https://postusers-ptg.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Wed, 17 Jul 2024 08:47:36 GMT Last-Modified Wed, 29 May 2024 07:26:22 GMT Server nginx/1.24.0 ETag W/"730c-18fc33e2930" Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 29452
GET H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	59 B 279 B	114ms 114ms	XHR text/plain	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2Pl&sid=jNURqNQqprEOq7D9AH4t Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `41cd86de159b91a1e3dd4036cb9fab9579a18c58c29373341613ecb5a151b901` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 59 Content-Type text/plain; charset=UTF-8
POST H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	2 B 205 B	142ms 140ms	XHR text/html	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2Pn&sid=jNURqNQqprEOq7D9AH4t Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html
GET H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	98 B 318 B	147ms 147ms	XHR text/plain	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2RZ&sid=jNURqNQqprEOq7D9AH4t Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `cda0b632eb7da8d5cb1d3d6c270644772d39e716b5d0d2272cccff575ea68137` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 98 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	/ Show response postusers-ptg.icu/socket.io/	1 B 220 B	160ms 160ms	XHR text/plain	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/socket.io/?EIO=4&transport=polling&t=P2_u2Tv&sid=jNURqNQqprEOq7D9AH4t Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/57c373272zwtb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683` Request headers Accept / Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:36 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 1 Content-Type text/plain; charset=UTF-8
POST H/1.1	200 OK	MC4wNjgzNDU2NzQxOTUxNjA0Nw== Show response postusers-ptg.icu/api/	36 B 279 B	186ms 185ms	XHR application/json	47.253.44.198 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://postusers-ptg.icu/api/MC4wNjgzNDU2NzQxOTUxNjA0Nw== Requested by Host: postusers-ptg.icu URL: https://postusers-ptg.icu/pt/assets/index-d5dd028f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 47.253.44.198 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `c7f38ec5d0fa816cbeabb5e6e6d1c4ba6f765755fbd72648de3d7307df4789d1` Request headers Referer https://postusers-ptg.icu/pt/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers Access-Control-Allow-Origin * Date Wed, 17 Jul 2024 08:47:38 GMT Server nginx/1.24.0 Connection keep-alive ETag W/"24-iU10qChzkvAFmxto89bOuVRq3BI" Content-Length 36 Content-Type application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IMask boolean| __vite_is_modern_browser boolean| __VUE__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

postusers-ptg.icu
t.ly
2606:4700:10::6814:3775
47.253.44.198
0308246c0484f7069cf81968b4a070b7440ca41969cf24175606c769032530f5
07e8d32ad1586e1698aee210256657f6ba0a4cd4136da0f9f6807f4dd222dfd3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
38ad59a78fedf73bdf35f98b3d45664612053e6c38dd50ff24cdad3b7ef28fdb
41cd86de159b91a1e3dd4036cb9fab9579a18c58c29373341613ecb5a151b901
43fe9ded4af50a4b1310de1734c8cf2b9dd64451e204aecd00236d7613d922e2
55261a2e8fd9669c30effc156e7e2951e53fd261ebb914333746dcfd80111c56
5d19a0b262b41dded6b193fb73b9027227decef72f579f1a8b0dfdca1bc6ec2a
6bbbe252998178a4618fa9b0bf58f1fda39bcdca0a4e5d27853e26c82eb8cab2
6e9c8421a1f25ba2cebd47b88cc1171c5e2519321362ed70e5a26ec0884c68fc
79d444cc85b736617e80f2dd9c2f86a1026f7bd4fd6f2a1527e2ba29209946a4
84548b958841c00c2b31f9574c7b3a7d89fc2c133ba2b6057ae1c0fa2125c498
90d6844806a5e2ee88f1f9fbcc2c844a6fcc57988cb46f4f1e5a81d58441bbee
9711b66c88c18bac0dc71b2558d3f7870461bdc51b5da2963c036eeb05414250
b8c99e879fa48b1629d109a091025b0da6e74178c02c13922a8814102fb77426
c104e96e97fd7f9c5a4816ffb50539cc89bd034e9cf964f96211a2a658218985
c7f38ec5d0fa816cbeabb5e6e6d1c4ba6f765755fbd72648de3d7307df4789d1
cda0b632eb7da8d5cb1d3d6c270644772d39e716b5d0d2272cccff575ea68137
d5ef1015a7764696054c411853473cfb48afe5f52f350df3a2ff46415c101133
dc645ddffd4b66feb1f5be4d4c661a9ab2e9be2a26c4a08b376ab68d9025dcd9
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
eb80c93ba4c0c1f929c4b76bb86cfec6d45910ddf9e3c1dff1429c1f49726486
f3980438abbddcc7fff3bd9cf761a4c071586bc9514cd51953b7cff6d82df375
f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917
f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911
fc318c3144c47fbc707b298a601977a95ce5800573ec764950ea1dc1c5c02e6f

postusers-ptg.icu Open in urlscan Pro 47.253.44.198 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

447 kBTransfer

1451 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

postusers-ptg.icu Open in urlscan Pro
47.253.44.198 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

447 kB
Transfer

1451 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!