postnord-dk.icu
172.67.208.143
Malicious Activity!
Public Scan
Effective URL: https://postnord-dk.icu/DSGzt9/
Submission: On August 22 via automatic, source phishtank — Scanned from US
Summary
TLS certificate: Issued by WE1 on August 20th 2024. Valid for: 3 months.
This is the only time postnord-dk.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PostNord AB (Transportation)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 67.199.248.11 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 1 29 | 172.67.208.143 | 13335 (CLOUDFLARENET) |
| 28 | 1 | |
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 29 | postnord-dk.icu (1 redirects); subdomain: postnord-dk.icu | 390 KB |
| 1 | bit.ly (1 redirects); subdomain: bit.ly, Cisco Umbrella Rank: 6373 | 410 B |
| 28 | 2 | |
| | Domain | Requested by |
|---|---|---|
| 29 | postnord-dk.icu (1 redirects) | postnord-dk.icu |
| 1 | bit.ly (1 redirects) | |
| 28 | 2 | |
This site contains links to these domains. Also see Links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| postnord-dk.icu | WE1 | 2024-08-20 - 2024-11-18 | 3 months |
This page contains 1 frames:
Primary Page:
https://postnord-dk.icu/DSGzt9/
Frame ID: 175DFD535E6C0847073C1B461A27629E
Requests: 28 HTTP requests in this frame
Detected technologies
Socket.io (JavaScript Frameworks)
Detected patterns
- socket\.io.*\.js
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
36 Outgoing links
These are links going to different origins than the main page.
Title: Brug appen
Title: Brug appen
Title: Kundeportalen
Title: Netbutik
Title: Gods Online
Title: Find Pakkeboks eller posthus
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://bit.ly/4cE2PyV HTTP 301
- http://postnord-dk.icu/DSGzt9 HTTP 307
- https://postnord-dk.icu/DSGzt9 HTTP 301
- https://postnord-dk.icu/DSGzt9/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H3 | / (Primary Request, Redirect Chain) | postnord-dk.icu/DSGzt9/ | 2 KB | 1 KB | Document | text/html |
| GET | H3 | index-6a5a1645.js | postnord-dk.icu/DSGzt9/assets/ | 493 KB | 146 KB | Script | application/javascript |
| GET | H3 | f6170fbbbRia6.css | postnord-dk.icu/DSGzt9/assets/ | 952 B | 948 B | Stylesheet | text/css |
| GET | H3 | 06974353ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 5 KB | 2 KB | Script | application/javascript |
| GET | H3 | 786e03d7ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 52 KB | 17 KB | Script | application/javascript |
| GET | H3 | favicon.ico | postnord-dk.icu/ | 632 B | 1 KB | Other | image/vnd.microsoft.icon |
| GET | H3 | 70f23461ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 34 KB | 11 KB | Script | application/javascript |
| GET | H3 | 09bf01f8ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H3 | 7de68cc5ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 3 KB | 2 KB | Script | application/javascript |
| GET | H3 | ae452234ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 117 KB | 31 KB | Script | application/javascript |
| GET | H3 | c27b6911ZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H3 | dba37626bRia6.css | postnord-dk.icu/DSGzt9/assets/ | 84 KB | 19 KB | Stylesheet | text/css |
| GET | H3 | 5ce5fa4eZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 6 KB | 3 KB | Script | application/javascript |
| GET | H3 | 4cd1ec68bRia6.css | postnord-dk.icu/DSGzt9/assets/ | 323 B | 683 B | Stylesheet | text/css |
| POST | H3 | MC45NDMxMjIyMjc0OTEwMTQz | postnord-dk.icu/api/ | 536 B | 903 B | XHR | application/json |
| GET | H3 | b1baedebZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 111 KB | 33 KB | Script | application/javascript |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 118 B | 532 B | XHR | text/plain |
| GET | H3 | c2deb89eZPpWM.js | postnord-dk.icu/DSGzt9/assets/ | 112 KB | 36 KB | Script | application/javascript |
| GET | H3 | f4397cedbRia6.css | postnord-dk.icu/DSGzt9/assets/ | 400 B | 749 B | Stylesheet | text/css |
| POST | H3 | / | postnord-dk.icu/socket.io/ | 2 B | 416 B | XHR | text/html |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 32 B | 441 B | XHR | text/plain |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 58 B | 485 B | XHR | text/plain |
| POST | H3 | / | postnord-dk.icu/socket.io/ | 2 B | 423 B | XHR | text/html |
| GET | H3 | 93914d45bRia6.woff2 | postnord-dk.icu/DSGzt9/assets/ | 25 KB | 26 KB | Font | font/woff2 |
| GET | H3 | 7e113240bRia6.woff2 | postnord-dk.icu/DSGzt9/assets/ | 26 KB | 26 KB | Font | font/woff2 |
| GET | H3 | 6f78aac6bRia6.woff2 | postnord-dk.icu/DSGzt9/assets/ | 27 KB | 28 KB | Font | font/woff2 |
| GET | H3 | / | postnord-dk.icu/socket.io/ | 98 B | 524 B | XHR | text/plain |
| POST | H3 | MC44NzU0NjQwNDUzODczNTg2 | postnord-dk.icu/api/ | 36 B | 472 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PostNord AB (Transportation)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | IMask
- boolean | __vite_is_modern_browser
- boolean | __VUE__

1 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .bit.ly/ | | Name: _bit Value: o7m4re-b06354991ca2a9b32d-00C |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
postnord-dk.icu
172.67.208.143
67.199.248.11