delivery.post-track.ch
217.148.3.185
Malicious Activity!
Public Scan
Effective URL: https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74
Submission: On November 05 via api from US — Scanned from CH
Summary
TLS certificate: Issued by R11 on September 27th 2024. Valid for: 3 months.
This is the only time delivery.post-track.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
17 | 217.148.3.185 | 20988 (MTF-CLOUD) |
2 | 217.148.3.184 | 20988 (MTF-CLOUD) |
1 | 2a00:1450:4001:809::200a | 15169 (GOOGLE) |
2 | 2a00:17c8:0:103::20a | 12511 (CH-POSTNETZ Post CH AG) |
31 | 5 | |
ASN20988 (MTF-CLOUD, CH)
- reporting.web-asbas.ch
- reporting.asbas.ch
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | post-track.ch | delivery.post-track.ch | 2 MB |
2 | post.ch | www.post.ch — Cisco Umbrella Rank: 549904 | 3 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 412 | 33 KB |
1 | asbas.ch | reporting.asbas.ch | 2 KB |
1 | web-asbas.ch | reporting.web-asbas.ch | 2 KB |
0 | advact.ch (Failed) | phishingdashboard.advact.ch (Failed) | |
31 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
17 | delivery.post-track.ch | delivery.post-track.ch |
2 | www.post.ch | delivery.post-track.ch |
1 | ajax.googleapis.com | delivery.post-track.ch |
1 | reporting.asbas.ch | delivery.post-track.ch |
1 | reporting.web-asbas.ch | delivery.post-track.ch |
0 | phishingdashboard.advact.ch (Failed) | delivery.post-track.ch |
31 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
delivery.post-track.ch | R11 | 2024-09-27 - 2024-12-26 | 3 months |
reporting.web-asbas.ch | R10 | 2024-09-08 - 2024-12-07 | 3 months |
reporting.asbas.ch | R10 | 2024-09-08 - 2024-12-07 | 3 months |
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months |
www.post.ch | SwissSign RSA TLS OV ICA 2022 - 1 | 2024-01-10 - 2025-01-10 | a year |
This page contains 1 frames:
Primary Page:
https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74
Frame ID: F1D4D9866B277A08648601B8A04FFDE6
Requests: 31 HTTP requests in this frame
Page Title
Ereignisse Sendungen verfolgen - Die Post
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 (HTTP 307)
- https://delivery.post-track.ch/h/?p=3e2311ec-794c-4496-acb9-fa4074986e74 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://reporting.web-asbas.ch/log/?type=pageview&uuid=3e2311ec-794c-4496-acb9-fa4074986e74 (HTTP 302)
- https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74
31 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | delivery.post-track.ch/h/ | 21 KB | 21 KB | Document | text/html |
GET | H2 | jquery-ui.css | delivery.post-track.ch/resources/css/ | 27 KB | 28 KB | Stylesheet | text/css |
GET | H2 | chosen.css | delivery.post-track.ch/resources/css/ | 14 KB | 14 KB | Stylesheet | text/css |
GET | H2 | magnific-popup.css | delivery.post-track.ch/resources/css/ | 8 KB | 8 KB | Stylesheet | text/css |
GET | H2 | trackAndTrace2f3a.css | delivery.post-track.ch/resources/css/ | 44 KB | 45 KB | Stylesheet | text/css |
GET | H2 | asbas.js | reporting.web-asbas.ch/static/asbas/js/ | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | asbas.js | reporting.asbas.ch/static/asbas/js/ | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | head-portal.min02cd.js | delivery.post-track.ch/resources/latest/js/ | 11 KB | 11 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.10.2/ | 91 KB | 33 KB | Script | text/javascript |
GET | H2 | main.min02cd.css | delivery.post-track.ch/resources/latest/css/ | 1 MB | 1 MB | Stylesheet | text/css |
GET | H/1.1 | post-logo-svg.svg | www.post.ch/-/media/framework/logos/ | 2 KB | 3 KB | Image | image/svg+xml |
GET | H2 | filled_yellow.jpg | delivery.post-track.ch/resources/img/ | 71 B | 628 B | Image | image/jpeg |
GET | H2 | icon0a3e.png | delivery.post-track.ch/resources/ | 555 B | 1 KB | Image | image/png |
GET | H2 | icon_arrow.jpg | delivery.post-track.ch/resources/img/timeline/ | 170 B | 728 B | Image | image/jpeg |
GET | H2 | icon94eb.png | delivery.post-track.ch/resources/ | 536 B | 1 KB | Image | image/png |
GET | H2 | iconb52e.png | delivery.post-track.ch/resources/ | 589 B | 1 KB | Image | image/png |
GET | H2 | main.min02cd.js | delivery.post-track.ch/resources/latest/js/ | 716 KB | 718 KB | Script | application/javascript |
GET | H2 | print.css | delivery.post-track.ch/resources/css/ | 42 B | 597 B | Stylesheet | text/css |
GET | | / (Redirect Chain) | phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/ | 0 | 0 | | |
GET | H/1.1 | post-logo-svg.svg | www.post.ch/-/media/framework/logos/ | 2 KB | 0 | Image | image/svg+xml |
GET | H2 | filled_yellow.jpg | delivery.post-track.ch/resources/img/ | 71 B | 0 | Image | image/jpeg |
GET | H2 | icon_arrow.jpg | delivery.post-track.ch/resources/img/timeline/ | 170 B | 0 | Image | image/jpeg |
GET | | 2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff | www.post.ch/assets/fonts/ | 0 | 0 | | |
GET | | Posticon-Regular.woff | www.post.ch/assets/portal/latest/fonts/ | 0 | 0 | | |
GET | | 3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff | www.post.ch/assets/fonts/ | 0 | 0 | | |
GET | | 9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff | www.post.ch/assets/fonts/ | 0 | 0 | | |
GET | | 74d53f3b-1683-4d5a-a556-e13f6553cdf0.ttf | www.post.ch/assets/fonts/ | 0 | 0 | | |
GET | | Posticon-Regular.ttf | www.post.ch/assets/portal/latest/fonts/ | 0 | 0 | | |
GET | | 076311f8-a01b-4389-a5eb-334a62e62d45.ttf | www.post.ch/assets/fonts/ | 0 | 0 | | |
GET | | 6faffbf4-f8e8-4817-b24b-a390e166be7e.ttf | www.post.ch/assets/fonts/ | 0 | 0 | | |
GET | H2 | favicon.ico | delivery.post-track.ch/ | 548 B | 1 KB | Other | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
phishingdashboard.advact.ch | https://phishingdashboard.advact.ch/awareness/de/sbb/posttracking/4/9tniaj93swz505kybycp/?p=3e2311ec-794c-4496-acb9-fa4074986e74 |
www.post.ch | https://www.post.ch/assets/fonts/2a004a53-ac5c-43b3-9eeb-9f74ae4c1609.woff |
www.post.ch | https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.woff?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop |
www.post.ch | https://www.post.ch/assets/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff |
www.post.ch | https://www.post.ch/assets/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff |
www.post.ch | https://www.post.ch/assets/fonts/74d53f3b-1683-4d5a-a556-e13f6553cdf0.ttf |
www.post.ch | https://www.post.ch/assets/portal/latest/fonts/Posticon-Regular.ttf?v=aaq2gb6i5t1v4vkgjqhhwnmfa07cqmop |
www.post.ch | https://www.post.ch/assets/fonts/076311f8-a01b-4389-a5eb-334a62e62d45.ttf |
www.post.ch | https://www.post.ch/assets/fonts/6faffbf4-f8e8-4817-b24b-a390e166be7e.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | asbas |
string | to_remove |
function | formsubmit |
function | webinfection |
function | formsubmitWithCallbackNotWorkingYet |
function | logSentCallback |
function | awarenessRedirect |
object | Unic |
object | html5 |
object | Modernizr |
function | yepnope |
function | jQuery |
function | onYouTubePlayerAPIReady |
function | onYouTubePlayerReady |
function | jqueryUnic |
function | underscoreUnic |
object | vertx |
function | purl |
function | Spinner |
function | EventEmitter |
object | eventie |
function | imagesLoaded |
boolean | mCustomScrollbar |
object | jQuery110206419085855214586 |
function | iFrameResize |
function | SockJS |
function | klpWidget1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
delivery.post-track.ch/ | | Name: mailuuid Value: 3e2311ec-794c-4496-acb9-fa4074986e74 |
21 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.