myrtle.com.pk
Open in
urlscan Pro
192.185.198.14
Malicious Activity!
Public Scan
Effective URL: https://myrtle.com.pk/meta/F004f19441/00951124a.php?web=succes&local=_&id=82061080
Submission: On October 09 via api from NL — Scanned from CH
Summary
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.
This is the only time myrtle.com.pk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 217.160.133.98 217.160.133.98 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
3 11 | 192.185.198.14 192.185.198.14 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
8 | 1 |
ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: s22944692.onlinehome-server.info
dezede.it |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-198-14.unifiedlayer.com
myrtle.com.pk |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
myrtle.com.pk
3 redirects
myrtle.com.pk |
219 KB |
1 |
dezede.it
1 redirects
dezede.it |
134 B |
8 | 2 |
Domain | Requested by | |
---|---|---|
11 | myrtle.com.pk |
3 redirects
myrtle.com.pk
|
1 | dezede.it | 1 redirects |
8 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
myrtle.com.pk R3 |
2023-10-04 - 2024-01-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://myrtle.com.pk/meta/F004f19441/00951124a.php?web=succes&local=_&id=82061080
Frame ID: F3CBE1F88E616D008E6501D6B17ACD86
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
herzlich willkommenPage URL History Show full URLs
-
https://dezede.it/
HTTP 302
https://myrtle.com.pk/meta HTTP 301
https://myrtle.com.pk/meta/ HTTP 302
https://myrtle.com.pk/meta/F004f19441/index.php?valid=true&id=26621037 HTTP 302
https://myrtle.com.pk/meta/F004f19441/00951124a.php?web=succes&local=_&id=82061080 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://dezede.it/
HTTP 302
https://myrtle.com.pk/meta HTTP 301
https://myrtle.com.pk/meta/ HTTP 302
https://myrtle.com.pk/meta/F004f19441/index.php?valid=true&id=26621037 HTTP 302
https://myrtle.com.pk/meta/F004f19441/00951124a.php?web=succes&local=_&id=82061080 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
00951124a.php
myrtle.com.pk/meta/F004f19441/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
myrtle.com.pk/meta/F004f19441/layout/css/ |
208 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.js
myrtle.com.pk/meta/F004f19441/layout/js/ |
96 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg.svg
myrtle.com.pk/meta/F004f19441/layout/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pak.png
myrtle.com.pk/meta/F004f19441/layout/img/ |
878 B 976 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ta3.svg
myrtle.com.pk/meta/F004f19441/layout/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub.jpg
myrtle.com.pk/meta/F004f19441/layout/img/ |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubr.gif
myrtle.com.pk/meta/F004f19441/layout/img/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| preventBack object| Modernizr function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
myrtle.com.pk/ | Name: PHPSESSID Value: lh17tg8jj06fl9u9kd89q66g93 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dezede.it
myrtle.com.pk
192.185.198.14
217.160.133.98
38d38e7a9e31f364cf1238ed6efcad478b3d71b56a8070c7aeda136e7a09dfa6
4057023fcfa4360934b1a1409a74a40ffbc2bb7dacd2bcc6f69d66a9673f09e8
426150d6bdb661bc644900bf03c5d6346dff583ae2de6df9780daea72c84ff57
42794908246997d603888b2c2098941e0c3f9b7b0f719134365789189c7edac0
4f8f4fd45d94287ee659e98b6351916a02a5cbf388a53a31fa0219e06a7d03b0
aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1
b56dd0f5e443608e46b42696f86fe376190c1688f2586cf5345b0b43f2973a5c
fd6d79b881550d2aced201e506cbd7dfacafc19c16db81a655ad06f2835819c5