78254429inf82.sells-for-u.com
162.0.228.17  Malicious Activity! Public Scan

URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Submission: On December 30 via manual from EE — Scanned from NL

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 21 HTTP transactions. The main IP is 162.0.228.17, located in the United States, and belongs to NAMECHEAP-NET, US. The main domain is 78254429inf82.sells-for-u.com.
TLS certificate: Issued by R3 on December 29th 2022. Valid for: 3 months.
This is the only time 78254429inf82.sells-for-u.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SEB Group (Banking)

Domain & IP information

Requests  IP Address        AS Autonomous System
18        162.0.228.17      22612 (NAMECHEAP...)
2         2606:4700::68...  13335 (CLOUDFLAR...)
1         2606:4700::68...  13335 (CLOUDFLAR...)
21        3

Requests  Apex Domain       Subdomains                                               Transfer
18        sells-for-u.com   78254429inf82.sells-for-u.com                            325 KB
2         cloudflare.com    cdnjs.cloudflare.com (Cisco Umbrella Rank: 356)          35 KB
1         bootstrapcdn.com  maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1204)      14 KB
21        3

Requests  Domain                         Requested by
18        78254429inf82.sells-for-u.com  78254429inf82.sells-for-u.com
2         cdnjs.cloudflare.com           78254429inf82.sells-for-u.com
1         maxcdn.bootstrapcdn.com        78254429inf82.sells-for-u.com
21        3

This site contains no links.

Subject                        Issuer                   Validity                 Valid
78254429inf82.sells-for-u.com  R3                       2022-12-29 - 2023-03-29  3 months
sni.cloudflaressl.com          Cloudflare Inc ECC CA-3  2022-08-03 - 2023-08-02  a year

This page contains 1 frames:

Primary Page: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Frame ID: 6A89D162A66CF8C4CE1C3F8C42B71200
Requests: 21 HTTP requests in this frame

Page Title

SEB Erakliendi Internetipank / Login sisse

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 374 kB
Size: 868 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request oauth.php
78254429inf82.sells-for-u.com/ee/login/
9 KB
3 KB
Document
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
70ff4aac368acbd9f2b8c6752c8b31125575410d60f5e8e9010935ec8c193f59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 10:08:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
styles.css
78254429inf82.sells-for-u.com/ee/login/css/
234 KB
47 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
ec5832786fb977400e95400261f6ca5207ce29d7e0fed480492964a039cc3482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:18:26 GMT
server
nginx
etag
W/"63990842-3a6b0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
consent.css
78254429inf82.sells-for-u.com/ee/login/css/
1 KB
684 B
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/consent.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
4b22dfb3dd8a5e8201d74ae4a3e0478adc86e00ea6f1ca3ddd86e5a235c9a55e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:18:22 GMT
server
nginx
etag
W/"6399083e-483"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
fonts.css
78254429inf82.sells-for-u.com/ee/login/css/
2 KB
678 B
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
0da21b786de8d0874e94672918cdb16c1a5023ca7b2b8ae1c46c0392ca43744b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:20:48 GMT
server
nginx
etag
W/"639908d0-93d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
styles_content_desktop.css
78254429inf82.sells-for-u.com/ee/login/css/
86 KB
17 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_content_desktop.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
58999bf942b956c342831f0ef08282c6301479be6bd3b42d32c5aca79daa93cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:22:42 GMT
server
nginx
etag
W/"63990942-159c4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
styles_frame_wide.cache680032247.css
78254429inf82.sells-for-u.com/ee/login/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_frame_wide.cache680032247.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
a22269e29ab4003169b0545908c0ac4a753509bb80f29bad4396e9b93dbd5c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:24:20 GMT
server
nginx
etag
W/"639909a4-849b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
seb_logotype_rgb.svg
78254429inf82.sells-for-u.com/ee/login/css/
1 KB
1 KB
Image
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/seb_logotype_rgb.svg
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
7a7bccff70302456e747faae2f97c0ac05f15d9d128b8fe974e2fab776f4e5c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:17:26 GMT
server
nginx
etag
"63990806-4af"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1199
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/
89 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5396572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28293
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-164ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYwPw%2FWqjywMw%2BQBXUTuhVVKH30eCH6%2By%2FQ7o4PHYNqXuS%2Fiidg4zf%2B%2Fx9c9YE5GQzm0zQSmczvVROsVSEA1zio%2BgWYyghRcCsLavpGNPGYcQjMpUyOZm3DImEs48ZSWNwT%2FxLnll%2BYorZZS%2Bfre9XIx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7819f90bee11bbb5-FRA
expires
Wed, 20 Dec 2023 10:08:12 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/
23 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1955140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6638
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5a1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmJCD23Amh8YKGxgTx7y9ye7ukmXFiqy2OWojVUaNq4ue0jwauE6JkcGZWSm%2FCmZ3SDm8bNjxJSfD1xW603kFDJSmSPGm9I3gk2UNHMa5OWuKu2K5J1QKW%2BwgrDW%2FAObJbNT9kh6MtKzS3Ylw73mKeRy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7819f90bee14bbb5-FRA
expires
Wed, 20 Dec 2023 10:08:12 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
14 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617
age
29297588
cdn-cachedat
2021-06-08 14:29:21
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
395e10f82368220a7b7579d8f1c28956
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7819f90bedb19193-FRA
cdn-requestpullsuccess
True
styles_content_portable.css
78254429inf82.sells-for-u.com/ee/login/css/
29 KB
6 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_content_portable.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
cefacc3eafd83a347a149bc0cac4cf05c1480461c8036b1334e404c31d3fc87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:21:56 GMT
server
nginx
etag
W/"63990914-744b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
styles_notsupported.cache680032247.css
78254429inf82.sells-for-u.com/ee/login/css/
154 B
357 B
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_notsupported.cache680032247.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
fd9838183c4125f84ef471dcba1a2b5952f2fa85fda91977ab13507da61fb95c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:24:36 GMT
server
nginx
etag
"639909b4-9a"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
154
expires
Fri, 30 Dec 2022 22:08:12 GMT
styles_frame_narrow.cache680032247.css
78254429inf82.sells-for-u.com/ee/login/css/
82 KB
18 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_frame_narrow.cache680032247.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
0a21b73acc44d250f6aca228c6d732c1e50fbf44175e30a9e5d2d76d2a7dfdbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:24:14 GMT
server
nginx
etag
W/"6399099e-1483f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
styles_frame_narrow_extend.cache680032247.css
78254429inf82.sells-for-u.com/ee/login/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_frame_narrow_extend.cache680032247.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
5d731ba73487154f73156cf099b40c50a3d0f596c974ce52ee0a5086c5b3c9aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:24:18 GMT
server
nginx
etag
W/"639909a2-b63"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
styles_frame_medium.cache680032247.css
78254429inf82.sells-for-u.com/ee/login/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/styles_frame_medium.cache680032247.css
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
7e2a74cd248ba3d28ca3a5c0a28e49d7c005b3efa0b1974a703beef60ec70e78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/oauth.php?authorize_type=code&appIdKey=7339e0fe0c42ae4&country=ET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 23:24:10 GMT
server
nginx
etag
W/"6399099a-255c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 30 Dec 2022 22:08:12 GMT
bg_private.png
78254429inf82.sells-for-u.com/ee/login/css/
81 KB
81 KB
Image
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/bg_private.png
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/css/styles_frame_wide.cache680032247.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
92aa8109b5f9a5896665be0e003501733c7cff19874abe6c0308e255f5b500b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/css/styles_frame_wide.cache680032247.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:18:00 GMT
server
nginx
etag
"63990828-1434d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
82765
expires
Sun, 29 Jan 2023 10:08:12 GMT
SEBSansSerif-Regular.woff
78254429inf82.sells-for-u.com/ee/login/css/
43 KB
43 KB
Font
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/SEBSansSerif-Regular.woff
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
d261343362265355dacf1d3e20e78983480a505dc95bebac5dc6439ef441dd17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Origin
https://78254429inf82.sells-for-u.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:19:30 GMT
server
nginx
etag
"63990882-ab5c"
content-type
font/woff
accept-ranges
bytes
content-length
43868
bg22b.png
78254429inf82.sells-for-u.com/ee/login/css/
144 B
349 B
Image
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/bg22b.png
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/css/styles_content_desktop.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
a2c6c4e0cedf8c3afa92d6d27e3a1647b27bfa9cc1a14a4b1d60dba9bc66ed56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://78254429inf82.sells-for-u.com/ee/login/css/styles_content_desktop.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:18:06 GMT
server
nginx
etag
"6399082e-90"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
144
expires
Sun, 29 Jan 2023 10:08:12 GMT
SEBSansSerif-Bold.woff
78254429inf82.sells-for-u.com/ee/login/css/
43 KB
44 KB
Font
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/SEBSansSerif-Bold.woff
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
7a49247a2da465ca0d773044badce7fb5858ca741b569df92ce9f207ed5c7e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Origin
https://78254429inf82.sells-for-u.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:19:26 GMT
server
nginx
etag
"6399087e-adac"
content-type
font/woff
accept-ranges
bytes
content-length
44460
sebicons.woff
78254429inf82.sells-for-u.com/ee/login/css/
8 KB
8 KB
Font
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/sebicons.woff?-clvi3d
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
1796db684596632ed37a7fcd5c9a02fb2f7f1f7cdf4ee6c3b866260c39395fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Origin
https://78254429inf82.sells-for-u.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:19:30 GMT
server
nginx
etag
"63990882-1f04"
content-type
font/woff
accept-ranges
bytes
content-length
7940
SEBSansSerif-Medium.woff
78254429inf82.sells-for-u.com/ee/login/css/
43 KB
43 KB
Font
General
Full URL
https://78254429inf82.sells-for-u.com/ee/login/css/SEBSansSerif-Medium.woff
Requested by
Host: 78254429inf82.sells-for-u.com
URL: https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.228.17 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.qx3bi8lx.com
Software
nginx /
Resource Hash
8959c5f937555929877f9ea348bfa7f7f590d5b06048419170f97b4834a328c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://78254429inf82.sells-for-u.com/ee/login/css/fonts.css
Origin
https://78254429inf82.sells-for-u.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 10:08:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 23:19:28 GMT
server
nginx
etag
"63990880-aba8"
content-type
font/woff
accept-ranges
bytes
content-length
43944

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SEB Group (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
function| $
function| jQuery
object| bootstrap

1 Cookies

Domain/Path Name / Value
78254429inf82.sells-for-u.com/ Name: PHPSESSID
Value: uog0thn8q288g4672sh69b6bca

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
