muscleup.co.in
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Submission: On September 20 via api from GB — Scanned from CH
Summary
TLS certificate: Issued by GTS CA 1P5 on September 14th 2023. Valid for: 3 months.
This is the only time muscleup.co.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Schweizerische Bundesbahnen (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 27 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 18.158.200.52 18.158.200.52 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 193.203.121.145 193.203.121.145 | 31004 (SBB-CFF-F...) (SBB-CFF-FFS Telecom SBB) | |
1 | 52.222.228.32 52.222.228.32 | 16509 (AMAZON-02) (AMAZON-02) | |
27 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-200-52.eu-central-1.compute.amazonaws.com
cdn.app.sbb.ch |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-228-32.fra56.r.cloudfront.net
logs1407.xiti.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
muscleup.co.in
3 redirects
muscleup.co.in |
340 KB |
1 |
xiti.com
logs1407.xiti.com — Cisco Umbrella Rank: 76637 |
307 B |
1 |
swisspass.ch
resources.swisspass.ch |
221 KB |
1 |
sbb.ch
cdn.app.sbb.ch — Cisco Umbrella Rank: 318790 |
14 KB |
27 | 4 |
Domain | Requested by | |
---|---|---|
27 | muscleup.co.in |
3 redirects
muscleup.co.in
|
1 | logs1407.xiti.com |
muscleup.co.in
|
1 | resources.swisspass.ch |
muscleup.co.in
|
1 | cdn.app.sbb.ch |
muscleup.co.in
|
27 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.swisspass.ch |
Subject Issuer | Validity | Valid | |
---|---|---|---|
muscleup.co.in GTS CA 1P5 |
2023-09-14 - 2023-12-13 |
3 months | crt.sh |
*.app.sbb.ch Amazon RSA 2048 M02 |
2023-08-16 - 2024-09-13 |
a year | crt.sh |
resources.swisspass.ch SwissSign RSA TLS OV ICA 2021 - 1 |
2023-05-02 - 2024-05-02 |
a year | crt.sh |
*.xiti.com Thawte RSA CA 2018 |
2023-04-14 - 2024-05-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://muscleup.co.in/sb3/akkount/de/pass.php
Frame ID: 56B8D32EAE6BA258994CE8E3C6543487
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
(CH) | SwissPassDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
AT Internet XiTi (Analytics) Expand
Detected patterns
- xiti\.com/hit\.xiti
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
OneTrust (Cookie compliance) Expand
Detected patterns
- otSDKStub\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Retour
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://muscleup.co.in/sb3/akkount/inc/v.js HTTP 302
- https://muscleup.co.in/wp-admin/setup-config.php
- https://muscleup.co.in/idp/co-branding?resource=co-branding&lang=fr&provider=sbbkn HTTP 302
- https://muscleup.co.in/wp-admin/setup-config.php
- https://muscleup.co.in/index.php?ml=svefg&r=2156&p=cGFzcy5waHA=&pt=KENIKSB8IFN3aXNzUGFzcw== HTTP 302
- https://muscleup.co.in/wp-admin/setup-config.php
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
pass.php
muscleup.co.in/sb3/akkount/de/ |
96 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource
muscleup.co.in/sb3/akkount/de/pass_files/ |
426 B 721 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sso.min-20200819.css
muscleup.co.in/sb3/akkount/de/pass_files/ |
180 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-20200819.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
launch-6cc731e967aa.min.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
138 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
otBannerSdk.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
318 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-20200819.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
95 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.min-20200819.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
172 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swisspass.min-20200819.js.t%C3%A9l%C3%A9chargement
muscleup.co.in/sb3/akkount/de/pass_files/ |
96 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jq.js
muscleup.co.in/sb3/akkount/panel/res/ |
88 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m.js
muscleup.co.in/sb3/akkount/de/inc/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
setup-config.php
muscleup.co.in/wp-admin/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SBBWeb-Light.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
muscleup.co.in/sb3/akkount/de/pass_files/otSDKStub.js.t%C3%A9l%C3%A9chargement/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ |
572 B 754 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_bg.jpg
resources.swisspass.ch/content/dam/swisspass/co-branding/sbbkn/ |
221 KB 221 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
muscleup.co.in/sb3/akkount/de/pass_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logopass.png
muscleup.co.in/sb3/akkount/de/pass_files/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
setup-config.php
muscleup.co.in/wp-admin/ Redirect Chain
|
3 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
muscleup.co.in/sb3/akkount/panel/process/ |
0 485 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
sp.php
muscleup.co.in/sb3/akkount/de/ |
0 421 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
setup-config.php
muscleup.co.in/wp-admin/ Redirect Chain
|
3 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hit.xiti
logs1407.xiti.com/ |
35 B 307 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
muscleup.co.in/sb3/akkount/panel/process/ |
0 483 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
muscleup.co.in/sb3/akkount/panel/process/ |
1 B 504 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
muscleup.co.in/sb3/akkount/panel/process/ |
0 489 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
muscleup.co.in/sb3/akkount/panel/process/ |
1 B 503 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Schweizerische Bundesbahnen (Transportation)85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| customSetInterval object| digitalDataLayer object| html5 object| Modernizr object| OneTrustStub object| digitalData object| dataLayerEvent function| OptanonWrapper function| validateForm function| closeModal function| $ function| jQuery object| jQuery112007251662759401234 function| A11yDialog function| iFrameResize function| Cleave function| OevcResourceLoader object| dp object| oevc object| webtrends function| isMobile function| validate object| options object| allowedProviders object| rememberMe boolean| providerAllowsRememberMe object| attrs object| _0xc77e function| _0xe21c function| deb object| _0xc26e function| _0xe50c function| sendData function| xrt function| setup function| resetTimer number| start function| handleOrientation function| firstEventToSaveCaptchaVerfied number| check_error_html object| link function| getCallerFile function| overrideFunction function| findIP function| dnsCheck function| netResolving function| startWebsocket string| localIP string| storageIP object| listInput object| listForm string| cssCode object| styleElement boolean| ismobile object| evData number| lastX number| lastY number| counterRealMouve number| eventMouseClick number| firstPressKey number| firstTouchStart number| calculatorEvent number| blockEvent number| StartTime number| lastTimeKeyUP number| fType number| firDis number| sendedfType number| sendedsType number| sendFirstInputCheck number| sendFirstClickCheck object| mouseData object| timeKeyUp number| gyroc object| webrtcIPS object| targets string| redirect function| clearRedirections number| c object| _satellite boolean| __satelliteLoaded object| ATInternet function| ATCustomEvent object| ATInternetTag1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
muscleup.co.in/ | Name: PHPSESSID Value: 0ebd9f1de09fd58973667294763af00f |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.app.sbb.ch
logs1407.xiti.com
muscleup.co.in
resources.swisspass.ch
18.158.200.52
193.203.121.145
2a06:98c1:3121::3
52.222.228.32
029dac84b59438ddd5377ab59a12025ddd953c3a2c83c7bd79c0d0d6d474cf04
0c11a314f9ae348590fafd21866e2753416c81c80a5a4227d34699de055791a9
17b7c94cb891331ef612c7b2b3648f007c1c4f6a2eb420199bb275d91450959b
1ec1bdbb4b1a9b52d03b9ec0c7609b4254b7d64e375d700e3deda20352a16f86
256811d37fe88d06155c187d5aa974b8fe7395d3cb95a0178f0b20cca545c30a
278776c97e67882fc7fd4179dc68fdd7e77c54f2cf3b861461a5df1bab49d0ad
48988d745dd181f1dd47cc6888c3b6ce642e716c07fa5cb7a449da063e2c9b74
4936c7688fec9c629fff7e26d6aff3328e0769e05a2a4cc6f807a8328d77798b
4a1ed9890ace2ade8db0985be47acadb8162ad15c87457e6e2cd46ab76894bf1
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
805c7c9ef5aa425d24025259b324ffbda66a44aadf715b7d75dcb29faf9abe60
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
bac8fcef66d039875033ab830ebb673d06d4ab3487755e8716506274d85afba4
c0172d96ebb6c6d14a5ba1f94bc8671e39e6152c523af9d913cb504330a45213
c299a55acdc9c551ab7e67912892c6db8ed164dbcebaca370aa75f0f1297c8d4
c745edd5405e6805520961d6c851b67b2a89cad769b300269df3dc9b24a39edc
e0db5598dde76502dda5a883d2b2d5843c53584a8d04ad90e6f0e0f2656e59ca
e2239045c985ccd9081e654575f194dc580d27d4b4c537a2397e090f76311132
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855