swiss-parcel-delivery.info

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 154.216.17.102, located in Hong Kong, Hong Kong and belongs to NETRESEARCH, GB. The main domain is swiss-parcel-delivery.info.
TLS certificate: Issued by Plesk on June 15th 2024. Valid for: a year.

This is the only time swiss-parcel-delivery.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 7	154.216.17.102 154.216.17.102		215240 (NETRESEARCH) (NETRESEARCH)
6	1

7 154.216.17.102 (Hong Kong, Hong Kong) 1 redirects

ASN215240 (NETRESEARCH, GB)

swiss-parcel-delivery.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	swiss-parcel-delivery.info 1 redirects swiss-parcel-delivery.info	37 KB
6	1

	Domain	Requested by
7	swiss-parcel-delivery.info	1 redirects swiss-parcel-delivery.info
6	1

This site contains no links.

Subject Issuer	Validity	Valid
Plesk Plesk	`2024-06-15` - `2025-06-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://swiss-parcel-delivery.info/post/lang.php
Frame ID: 5CAC3299D57DFF41C3791FA3E7F6ACAB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://swiss-parcel-delivery.info/ HTTP 307
https://swiss-parcel-delivery.info/ HTTP 302
https://swiss-parcel-delivery.info/post/lang.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

6
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

37 kB
Transfer

37 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://swiss-parcel-delivery.info/ HTTP 307
https://swiss-parcel-delivery.info/ HTTP 302
https://swiss-parcel-delivery.info/post/lang.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request lang.php Show response swiss-parcel-delivery.info/post/ Redirect Chain http://swiss-parcel-delivery.info/ https://swiss-parcel-delivery.info/ https://swiss-parcel-delivery.info/post/lang.php	826 B 495 B	74ms 71ms	Document text/html	154.216.17.102 NETRESEARCH
General Check archive.org Show headers Download Go to Full URL https://swiss-parcel-delivery.info/post/lang.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.216.17.102 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH, GB), Reverse DNS Software nginx / PHP/8.3.12 PleskLin Resource Hash `5df1db5fc4256da6051b6fbc99c7c63ea28a9d6fdae415a3d18f1391c003fec0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers content-encoding br content-type text/html; charset=UTF-8 date Thu, 10 Oct 2024 00:26:44 GMT server nginx x-powered-by PHP/8.3.12 PleskLin Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 10 Oct 2024 00:26:44 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location post/lang.php pragma no-cache server nginx x-powered-by PHP/8.3.12 PleskLin
GET H2	200	logo.svg swiss-parcel-delivery.info/post/res/	2 KB 2 KB	129ms 128ms	Image image/svg+xml	154.216.17.102 NETRESEARCH
General Check archive.org Show headers Download Go to Show image Full URL https://swiss-parcel-delivery.info/post/res/logo.svg Requested by Host: swiss-parcel-delivery.info URL: https://swiss-parcel-delivery.info/post/lang.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.216.17.102 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH, GB), Reverse DNS Software nginx / PleskLin Resource Hash `9f5ae3f644595dc6c5aa69ae618a108102bb62e1a38a50b89fd7af1b8ffe5eae` Request headers User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Referer https://swiss-parcel-delivery.info/post/lang.php Response headers etag "6707093e-7ac" accept-ranges bytes content-length 1964 date Thu, 10 Oct 2024 00:26:44 GMT content-type image/svg+xml last-modified Wed, 09 Oct 2024 22:52:46 GMT server nginx x-powered-by PleskLin
GET H2	200	en.jpg swiss-parcel-delivery.info/post/res/	31 KB 31 KB	128ms 128ms	Image image/jpeg	154.216.17.102 NETRESEARCH
General Check archive.org Show headers Download Go to Show image Full URL https://swiss-parcel-delivery.info/post/res/en.jpg Requested by Host: swiss-parcel-delivery.info URL: https://swiss-parcel-delivery.info/post/lang.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.216.17.102 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH, GB), Reverse DNS Software nginx / PleskLin Resource Hash `e765992e854f7894a15f9cfbc1f3157b5baecdbe9c1c1ca5cd0bf8d0f7d8fe24` Request headers User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Referer https://swiss-parcel-delivery.info/post/lang.php Response headers etag "6707093c-7abc" accept-ranges bytes content-length 31420 date Thu, 10 Oct 2024 00:26:44 GMT content-type image/jpeg last-modified Wed, 09 Oct 2024 22:52:44 GMT server nginx x-powered-by PleskLin
GET H2	200	fr.png swiss-parcel-delivery.info/post/res/	2 KB 2 KB	110ms 110ms	Image image/png	154.216.17.102 NETRESEARCH
General Check archive.org Show headers Download Go to Show image Full URL https://swiss-parcel-delivery.info/post/res/fr.png Requested by Host: swiss-parcel-delivery.info URL: https://swiss-parcel-delivery.info/post/lang.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.216.17.102 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH, GB), Reverse DNS Software nginx / PleskLin Resource Hash `0e9c0b8d2b99277018371d9e04e823c863d04674f79c75892f7a39dc1fb5913f` Request headers User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Referer https://swiss-parcel-delivery.info/post/lang.php Response headers etag "6707093c-6fa" accept-ranges bytes content-length 1786 date Thu, 10 Oct 2024 00:26:44 GMT content-type image/png last-modified Wed, 09 Oct 2024 22:52:44 GMT server nginx x-powered-by PleskLin
GET H2	200	de.png swiss-parcel-delivery.info/post/res/	955 B 1 KB	110ms 110ms	Image image/png	154.216.17.102 NETRESEARCH
General Check archive.org Show headers Download Go to Show image Full URL https://swiss-parcel-delivery.info/post/res/de.png Requested by Host: swiss-parcel-delivery.info URL: https://swiss-parcel-delivery.info/post/lang.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.216.17.102 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH, GB), Reverse DNS Software nginx / PleskLin Resource Hash `bb15ebf850d6aa2f85b89449f7c738d4d4c0e0be964c261e16dfba7d0cd01778` Request headers User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Referer https://swiss-parcel-delivery.info/post/lang.php Response headers etag "3bb-624131c8223b6" x-accel-version 0.01 accept-ranges bytes content-length 955 date Thu, 10 Oct 2024 00:26:44 GMT content-type image/png last-modified Wed, 09 Oct 2024 22:52:41 GMT server nginx x-powered-by PleskLin
GET H2	404	favicon.ico swiss-parcel-delivery.info/	808 B 501 B	71ms 71ms	Other text/html	154.216.17.102 NETRESEARCH
General Check archive.org Show headers Download Go to Full URL https://swiss-parcel-delivery.info/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.216.17.102 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH, GB), Reverse DNS Software nginx / Resource Hash `b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187` Request headers User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Referer https://swiss-parcel-delivery.info/post/lang.php Response headers content-encoding br date Thu, 10 Oct 2024 00:26:44 GMT etag W/"328-6240fbe44fcb2" content-type text/html last-modified Wed, 09 Oct 2024 18:51:35 GMT server nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			swiss-parcel-delivery.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2qttep8775m8dfkh54r9fr0mog

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://swiss-parcel-delivery.info/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

swiss-parcel-delivery.info
154.216.17.102
0e9c0b8d2b99277018371d9e04e823c863d04674f79c75892f7a39dc1fb5913f
5df1db5fc4256da6051b6fbc99c7c63ea28a9d6fdae415a3d18f1391c003fec0
9f5ae3f644595dc6c5aa69ae618a108102bb62e1a38a50b89fd7af1b8ffe5eae
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb15ebf850d6aa2f85b89449f7c738d4d4c0e0be964c261e16dfba7d0cd01778
e765992e854f7894a15f9cfbc1f3157b5baecdbe9c1c1ca5cd0bf8d0f7d8fe24

swiss-parcel-delivery.info Open in urlscan Pro 154.216.17.102 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

37 kBTransfer

37 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

swiss-parcel-delivery.info Open in urlscan Pro
154.216.17.102 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

37 kB
Transfer

37 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!