www.mbc.dream.com.swift2claim.com Open in urlscan Pro
196.203.63.106  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.mbc.dream.com.swift2claim.com/	3 KB 2 KB	277ms 84ms	Document text/html	196.203.63.106 TUNISIANA
General Check archive.org Show headers Download Go to Full URL https://www.mbc.dream.com.swift2claim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 196.203.63.106 , Tunisia, ASN37693 (TUNISIANA, TN), Reverse DNS Software nginx / Resource Hash a5589103e0312dcdc28ef27cd6d8910fb393a08ac3ecd729ba1a876da162a186 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 20 Feb 2023 23:27:01 GMT Last-Modified Mon, 20 Feb 2023 23:26:16 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Nginx-Upstream-Cache-Status EXPIRED X-Server-Powered-By Engintron X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	mbc_shaded.35f7c30d.png mydream.mbc.net/dream/static/media/	29 KB 30 KB	83ms 19ms	Image image/png	46.16.75.196 IONOS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mydream.mbc.net/dream/static/media/mbc_shaded.35f7c30d.png Requested by Host: www.mbc.dream.com.swift2claim.com URL: https://www.mbc.dream.com.swift2claim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.16.75.196 , Germany, ASN51862 (IONOS-AS, DE), Reverse DNS ip46-16-75-196.pbiaas.com Software nginx/1.20.1 / Resource Hash 59d8982d46421484517e56a36525ee2fef2cecb2c7eaa0f3ba8adfbe7a32c374 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 23:27:01 GMT X-GeoCountry Germany Last-Modified Wed, 15 Feb 2023 13:17:08 GMT Server nginx/1.20.1 ETag "63ecdb54-7508" X-GeoCode DE Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 29960
GET H/1.1	200 OK	dream1.png swift2claim.com/img/	5 KB 5 KB	377ms 58ms	Image image/png	196.203.63.106 TUNISIANA
General Check archive.org Show headers Download Go to Show image Full URL https://swift2claim.com/img/dream1.png Requested by Host: www.mbc.dream.com.swift2claim.com URL: https://www.mbc.dream.com.swift2claim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 196.203.63.106 , Tunisia, ASN37693 (TUNISIANA, TN), Reverse DNS Software nginx / Resource Hash bc3d49628b6e283cabde2bea3737b173f1fc66607de499eceba2207aa5ca8358 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Expires Fri, 21 Apr 2023 23:27:01 GMT Date Mon, 20 Feb 2023 23:27:01 GMT X-Server-Powered-By Engintron X-Content-Type-Options nosniff Last-Modified Mon, 20 Feb 2023 20:57:23 GMT Server nginx Content-Type image/png Cache-Control max-age=5184000 Connection keep-alive Accept-Ranges bytes Content-Length 4955 X-XSS-Protection 1; mode=block X-Nginx-Upstream-Cache-Status HIT
GET H/1.1	200 OK	dream-j23_p100-ar.ba6b5241.png mydream.mbc.net/dream/static/media/	446 KB 447 KB	67ms 20ms	Image image/png	46.16.75.196 IONOS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mydream.mbc.net/dream/static/media/dream-j23_p100-ar.ba6b5241.png Requested by Host: www.mbc.dream.com.swift2claim.com URL: https://www.mbc.dream.com.swift2claim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.16.75.196 , Germany, ASN51862 (IONOS-AS, DE), Reverse DNS ip46-16-75-196.pbiaas.com Software nginx/1.20.1 / Resource Hash fe29cc02680a3f2c92bb60906a50003b957dd47a4d4b957c110b6224bc55c979 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 23:27:01 GMT X-GeoCountry Germany Last-Modified Wed, 15 Feb 2023 13:17:08 GMT Server nginx/1.20.1 ETag "63ecdb54-6f9c6" X-GeoCode DE Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 457158
GET H2	200	3796ecd.js Show response d2bb5k76l7oivo.cloudfront.net/	23 KB 7 KB	252ms 206ms	Script application/javascript	2600:9000:211a:4400:d:e9c:2500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2bb5k76l7oivo.cloudfront.net/3796ecd.js Requested by Host: www.mbc.dream.com.swift2claim.com URL: https://www.mbc.dream.com.swift2claim.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211a:4400:d:e9c:2500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 23:18:48 GMT content-encoding br via 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront) last-modified Wed, 11 Jan 2023 21:50:46 GMT server AmazonS3 x-amz-cf-pop VIE50-C2 age 499 etag W/"8ab72c4473621e1b30a24ec89af90bcf" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript x-amz-cf-id 0-lEchtXEUHhePair8sLFAFRFZtjCKTL6BZRAnBcZ4mCeX7TfF8cmg==
GET H/1.1	200 OK	background_clouds.e473d46a.jpg mbc.mobc.com/Dream_MBC_Online/images/	322 KB 322 KB	1133ms 302ms	Image image/jpeg	213.132.48.103 DU-AS1
General Check archive.org Show headers Download Go to Show image Full URL https://mbc.mobc.com/Dream_MBC_Online/images/background_clouds.e473d46a.jpg Requested by Host: www.mbc.dream.com.swift2claim.com URL: https://www.mbc.dream.com.swift2claim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 213.132.48.103 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 149d6bea3b9c48e17c6609fdccdc4739e0baa57d44ba04d9a38eeebe788c1886 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 23:27:05 GMT Last-Modified Tue, 29 Dec 2020 19:13:29 GMT Server Microsoft-IIS/8.5 ETag "8092bfb016ded61:0" X-Powered-By ASP.NET Content-Type image/jpeg Accept-Ranges bytes Content-Length 329584
GET H2	200	html.3272051.2122d.0.js Show response d2punpeg7vtjci.cloudfront.net/public/external/v2/	14 KB 14 KB	412ms 342ms	Script application/javascript	2600:9000:2260:2000:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/external/v2/html.3272051.2122d.0.js Requested by Host: d2bb5k76l7oivo.cloudfront.net URL: https://d2bb5k76l7oivo.cloudfront.net/3796ecd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2260:2000:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 645f07baef01b60dfefc31892559fda5388f3356ec2b80dc7e23379143262ac7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 23:27:01 GMT via 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop TXL50-P3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id BAncd8mQvwbZmwhoVMf2PR5p08U5NdfosAEcSIEXCkYm6VFedYqoaw==
GET H2	200	css_front.css d2punpeg7vtjci.cloudfront.net/public/external/	6 KB 7 KB	246ms 177ms	Stylesheet text/css	2600:9000:2260:2000:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/external/css_front.css Requested by Host: d2bb5k76l7oivo.cloudfront.net URL: https://d2bb5k76l7oivo.cloudfront.net/3796ecd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2260:2000:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 23:27:01 GMT via 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop TXL50-P3 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id 9fWswg3nsew3DSdNxS8eEUrZtDDS1P00knMZ8G_yY99zznEIpvCWHQ==
GET H2	200	css.css d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/	1010 B 1 KB	176ms 176ms	Stylesheet text/css	2600:9000:2260:2000:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/css.css Requested by Host: d2bb5k76l7oivo.cloudfront.net URL: https://d2bb5k76l7oivo.cloudfront.net/3796ecd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2260:2000:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 23:27:02 GMT via 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop TXL50-P3 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id PTCwMDxK9z78vMZhMinBcaVZpetb4za9lAJF_ZDMUirTKP7lZgXX9w==
GET H2	200	guid Show response d2punpeg7vtjci.cloudfront.net/public/	0 278 B	175ms 175ms	Script text/html	2600:9000:2260:2000:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=ip7facpxr&e=ll&t=1676935622543 Requested by Host: d2bb5k76l7oivo.cloudfront.net URL: https://d2bb5k76l7oivo.cloudfront.net/3796ecd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2260:2000:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 23:27:02 GMT via 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop TXL50-P3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id 44DlQnEHzpbmMPq0WYNBbpvzMO_68Sg1yaF7GqnIAnFGsfg7QqwI-Q==
GET H2	200	check.php Show response d2punpeg7vtjci.cloudfront.net/public/external/	78 B 372 B	338ms 338ms	Script application/javascript	2600:9000:2260:2000:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=3272051&time=1676935624132 Requested by Host: d2bb5k76l7oivo.cloudfront.net URL: https://d2bb5k76l7oivo.cloudfront.net/3796ecd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2260:2000:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language de-DE,de;q=0.9 Referer https://www.mbc.dream.com.swift2claim.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 23:27:04 GMT via 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop TXL50-P3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id wppoCnDC6RmbbkV8ZTl10s5jrQRZvHfarmDxX3mndpz8MpT7U9sykw==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.mbc.dream.com.swift2claim.com/	1970-01-20 10:03:19	Name: _cpguid Value: ip7facpxr

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2bb5k76l7oivo.cloudfront.net
d2punpeg7vtjci.cloudfront.net
mbc.mobc.com
mydream.mbc.net
swift2claim.com
www.mbc.dream.com.swift2claim.com
196.203.63.106
213.132.48.103
2600:9000:211a:4400:d:e9c:2500:21
2600:9000:2260:2000:1c:8de0:8c80:21
46.16.75.196
149d6bea3b9c48e17c6609fdccdc4739e0baa57d44ba04d9a38eeebe788c1886
59d8982d46421484517e56a36525ee2fef2cecb2c7eaa0f3ba8adfbe7a32c374
645f07baef01b60dfefc31892559fda5388f3356ec2b80dc7e23379143262ac7
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a5589103e0312dcdc28ef27cd6d8910fb393a08ac3ecd729ba1a876da162a186
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bc3d49628b6e283cabde2bea3737b173f1fc66607de499eceba2207aa5ca8358
d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe29cc02680a3f2c92bb60906a50003b957dd47a4d4b957c110b6224bc55c979