0.zibertmunchen.life
Open in
urlscan Pro
188.166.68.96
Malicious Activity!
Public Scan
Submitted URL: https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/
Effective URL: https://0.zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru
Submission Tags: phishing malicious Search All
Submission: On February 07 via api from IT — Scanned from IT
Effective URL: https://0.zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru
Submission Tags: phishing malicious Search All
Submission: On February 07 via api from IT — Scanned from IT
Summary
This website contacted 7 IPs
in 5 countries
across 5 domains to perform 37 HTTP transactions.
The main IP is 188.166.68.96, located in
Amsterdam, Netherlands and
belongs to DIGITALOCEAN-ASN, US.
The main domain is 0.zibertmunchen.life.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.
This is the only time 0.zibertmunchen.life was scanned on urlscan.io!
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.
This is the only time 0.zibertmunchen.life was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poste Italiane (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 24 | 134.209.252.73 134.209.252.73 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 62.241.12.20 62.241.12.20 | 15720 (Viale Europa) (Viale Europa) | |
| 1 | 62.241.12.24 62.241.12.24 | 15720 (Viale Europa) (Viale Europa) | |
| 1 4 | 45.9.150.78 45.9.150.78 | 49447 (NICEIT) (NICEIT) | |
| 2 | 188.166.68.96 188.166.68.96 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 37 | 7 |
24
134.209.252.73
(Frankfurt am Main, Germany)
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: host5.webapricot.am
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: host5.webapricot.am
| www.fondfreedom.com |
4
45.9.150.78
(Switzerland)
ASN49447 (NICEIT, DM)
ASN49447 (NICEIT, DM)
| line.storerightdesicion.com | |
| chess.storerightdesicion.com |
2
188.166.68.96
(Amsterdam, Netherlands)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| zibertmunchen.life | |
| 0.zibertmunchen.life |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 24 |
fondfreedom.com
1 redirects
www.fondfreedom.com |
187 KB |
| 4 |
storerightdesicion.com
1 redirects
line.storerightdesicion.com — Cisco Umbrella Rank: 604795 chess.storerightdesicion.com Failed |
2 KB |
| 4 |
poste.it
securelogin.poste.it www.poste.it — Cisco Umbrella Rank: 142945 |
11 KB |
| 2 |
zibertmunchen.life
zibertmunchen.life Failed 0.zibertmunchen.life |
50 KB |
| 1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427 |
25 KB |
| 37 | 5 |
| Domain | Requested by | |
|---|---|---|
| 24 | www.fondfreedom.com |
1 redirects
www.fondfreedom.com
|
| 3 | chess.storerightdesicion.com |
line.storerightdesicion.com
chess.storerightdesicion.com |
| 3 | securelogin.poste.it |
www.fondfreedom.com
|
| 1 | 0.zibertmunchen.life |
zibertmunchen.life
|
| 1 | zibertmunchen.life |
chess.storerightdesicion.com
|
| 1 | line.storerightdesicion.com |
www.fondfreedom.com
|
| 1 | www.poste.it |
www.fondfreedom.com
|
| 1 | stackpath.bootstrapcdn.com |
www.fondfreedom.com
|
| 37 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.fondfreedom.com R3 |
2022-01-19 - 2022-04-19 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
| securelogin.poste.it GlobalSign Extended Validation CA - SHA256 - G3 |
2021-02-24 - 2022-03-28 |
a year | crt.sh |
| www.poste.it GlobalSign Extended Validation CA - SHA256 - G3 |
2021-02-24 - 2022-03-28 |
a year | crt.sh |
| line.storerightdesicion.com R3 |
2021-12-19 - 2022-03-19 |
3 months | crt.sh |
| chess.storerightdesicion.com R3 |
2021-12-19 - 2022-03-19 |
3 months | crt.sh |
| zibertmunchen.life R3 |
2022-01-11 - 2022-04-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://0.zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru
Frame ID: FAE8FC81279516F89113AD1CF7388B3F
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
verifica umanaPage URL History Show full URLs
-
https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/
HTTP 302
https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/payment.php Page URL
-
https://chess.storerightdesicion.com/s.php?pid=584-348576743-22
HTTP 302
https://chess.storerightdesicion.com/c.php?id=226-658347-44-223895 Page URL
- https://chess.storerightdesicion.com/go.php?id=79699-347-3485623-44 Page URL
- https://zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru Page URL
- https://0.zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/
HTTP 302
https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/payment.php Page URL
-
https://chess.storerightdesicion.com/s.php?pid=584-348576743-22
HTTP 302
https://chess.storerightdesicion.com/c.php?id=226-658347-44-223895 Page URL
- https://chess.storerightdesicion.com/go.php?id=79699-347-3485623-44 Page URL
- https://zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru Page URL
- https://0.zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/ HTTP 302
- https://www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/payment.php
- https://chess.storerightdesicion.com/s.php?pid=584-348576743-22 HTTP 302
- https://chess.storerightdesicion.com/c.php?id=226-658347-44-223895
37 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
payment.php
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/ Redirect Chain
|
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-poste-italiane-medium.png
securelogin.poste.it/risorse_dt/condivise/immagini/loghi/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
simplebar.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/simplebar/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
perfect-scrollbar.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/perfectscrollbar/css/ |
2 KB 695 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
metisMenu.min.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/metismenu/css/ |
2 KB 871 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
smart_wizard_all.mi.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/smartwizard/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pace.min.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
2 KB 653 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pace.min.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
185 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-extended.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
35 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
114 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dark-theme.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
semi-dark.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
3 KB 812 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header-colors.css
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.bundle.min.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/js/ |
76 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/js/ |
90 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
simplebar.min.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/simplebar/js/ |
57 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
metisMenu.min.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/metismenu/js/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
perfect-scrollbar.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/perfectscrollbar/js/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.smartWizard.min.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/plugins/smartwizard/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
form-wizard.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/js/ |
3 KB 1001 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/js/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-chiamaci.png
securelogin.poste.it/risorse_dt/condivise/immagini/icone/icone-default-on/ |
677 B 1018 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-scrivici.png
securelogin.poste.it/risorse_dt/condivise/immagini/icone/icone-default-on/ |
630 B 971 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ico-vieni-in-poste-cerca-up.png
securelogin.poste.it/risorse_dt/condivise/immagini/icone/icone-default-on/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cresceresostenibili.png
www.poste.it/img/1476527483616/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
valid.js
www.fondfreedom.com/wp-includes/js/tinymce/plugins/directionality/track/assets/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
line.storerightdesicion.com/ping/ |
1 KB 921 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
s.php
chess.storerightdesicion.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c.php
chess.storerightdesicion.com/ Redirect Chain
|
912 B 671 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
go.php
chess.storerightdesicion.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
go.php
chess.storerightdesicion.com/ |
252 B 418 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
zibertmunchen.life/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zibertmunchen.life/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
748 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
0.zibertmunchen.life/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
748 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
378 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
377 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- securelogin.poste.it
- URL
- https://securelogin.poste.it/risorse_dt/condivise/immagini/icone/icone-default-on/ico-vieni-in-poste-cerca-up.png
- Domain
- chess.storerightdesicion.com
- URL
- https://chess.storerightdesicion.com/s.php?pid=584-348576743-22
- Domain
- chess.storerightdesicion.com
- URL
- https://chess.storerightdesicion.com/go.php?id=79699-347-3485623-44
- Domain
- zibertmunchen.life
- URL
- https://zibertmunchen.life/?p=giytqmtdmu5gi3bpgy4denq&sub2=clark&sub1=demitoru
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poste Italiane (Online)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.fondfreedom.com/ | Name: PHPSESSID Value: 15skvq23v5g84tupns4m6a9ls3 |
|
| .zibertmunchen.life/ | Name: uuid Value: 2f7cc83d-210d-4202-87d3-02e0d5ead09e |
|
| .0.zibertmunchen.life/ | Name: uuid Value: 2f7cc83d-210d-4202-87d3-02e0d5ead09e |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0.zibertmunchen.life
chess.storerightdesicion.com
line.storerightdesicion.com
securelogin.poste.it
stackpath.bootstrapcdn.com
www.fondfreedom.com
www.poste.it
zibertmunchen.life
chess.storerightdesicion.com
securelogin.poste.it
zibertmunchen.life
134.209.252.73
188.166.68.96
2606:4700::6812:bcf
45.9.150.78
62.241.12.20
62.241.12.24
099ac56e52f547f59624894dd9416afbcd13ba299bd439f649f597bee2b7a9c6
13eb5bf323748eeac033a52c0808a6cfd869aead32081ee3a5fd275d12d26134
199bf5253860461e080930bec92048b82628a653b0d6ccd9dffd54fd0870c468
2e90bf023b7b7faf91e6deb6630fa4294a063939b10e250e58085162a7fe28b0
40ebfe1c6d8aa2e889bb3a14314a9b90ec15715f9d758ea8b4de5ca166ee8967
4107c25521da5ee37c5d24e380378112c466e5e3d26925e2e296c7783de26f53
4cbca36d802725d8170ee71ee71c8fd2264ca9f2c02604726e17e774e9c2dbc7
50059bd6d627fe34cc644414b2516d08b3ada784803e9873625607e2fc914c42
53d559fbad2132e378cbfb5cf69d1eb9d49b8dd92593f3393b55b01f7df287f3
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62fa616e35ad4686909a307b09da66ecd3be9a3a658d58a61f0557ec6d691736
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
705ab1e8a4c87d391dd8990b5edf1b62eebabf97403cfecded1e88b1529db2da
7baa865b9dafd450443b1b34e2987cb7bd077992e8debbe47457873b16f1c32e
7bf5b60e5622792947abb3b1f0961d929f858b901c00da4317aa3594ded24776
7df02cbdad5be43843d5494d69649e6d3f15d3695b279f032af44c76c76afa5d
8027afd3ac51d591ef45c0cad6192c3c7c839293a8501ef289bf9fb9079230d1
80760c513a5854e77007899dd6ac928816279727d308190b8ec4237cbdd005d1
84575d0fa5cc23015b6b8213423a6fe56584e79ef0e8ed30f5145f9868c8cf89
8c8ac2c86181d0dba70a4d86f623c3d6a162ff955bd2a89206110f2b5d09a87a
9dcc45b03d8ef705eea0bc8d41d77da961e4b5ea4eda67272fb59578da8cb4c1
9ff77f4a96667c4c35e7572f597b733d13f34396c8d5d4c9fac1d61da11c35f0
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
baa3e37b7cb949cffa48afde899c543fca4f3dab58f1f338935c80b53964a55a
be8bf51e97b8066bcf004785618cbf545c4dd6d383a1c3490e77ef64bb7a6f8d
c8b64511a8597d713810a56c7baeba21a04950030052f3e231235c9e3c0b98c8
cf68bfc0322a1c1b1bcf18aed542e1b4b414f684522f176814891cd90d9fc864
d26cdfa4e4c99bcd4d99047beff09a62f8e0c955654b7a4968acf1ebdc293cb8
dc12954ae8eba862b6281fd69436a64f45e55ff47f9d587e5391bbce61755a86
e09644c09a5f7c110e5c815f07b946c7bae88f7f7dbdf380cf4a670ae9550357
e859f0bbbf924a908ddd853c3f3b8736a81d323aaf5b19ccf03ebeb3ba166bbf
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e
f9dd4288dd2211672ed8d351a91c84830325a62844596e3f5d76fe090064abd0
fbbbf3cf89005ae24594626f6bbda6b07dedb60a1bddb69c498cff56ad73db70