posta-romana.dgsraf.com
38.60.211.192
Malicious Activity!
Public Scan
Submission: On May 05 via manual from RO — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 5th 2023. Valid for: 3 months.
This is the only time posta-romana.dgsraf.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poșta Română (Transportation)

Domain & IP information

# | IP Address | AS Autonomous System
---|---|---
10 | 38.60.211.192 | 138915 (KAOPU-HK Kaopu Cloud HK Limited)
10 | 2 |

ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK): posta-romana.dgsraf.com

# | Apex Domain | Subdomains | Transfer
---|---|---|---
10 | dgsraf.com | posta-romana.dgsraf.com | 223 KB
10 | 1 | |

# | Domain | Requested by
---|---|---
10 | posta-romana.dgsraf.com | posta-romana.dgsraf.com
10 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
posta-romana.dgsraf.com | R3 | 2023-05-05 - 2023-08-03 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://posta-romana.dgsraf.com/
Frame ID: 95F540B12206B83A80070FCE4F0E8685
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | posta-romana.dgsraf.com/ (Primary Request) | 486 B | 650 B | Document | text/html
GET | H/1.1 | posta-romana.dgsraf.com/assets/index-ab6948da.js | 90 KB | 91 KB | Script | application/javascript
GET | H/1.1 | posta-romana.dgsraf.com/assets/index-4f1a677e.css | 8 KB | 8 KB | Stylesheet | text/css
GET | H/1.1 | posta-romana.dgsraf.com/nb/id | 10 B | 180 B | XHR | application/json
GET | H/1.1 | posta-romana.dgsraf.com/assets/header-4e0c8e2d.png | 10 KB | 10 KB | Image | image/png
GET | H/1.1 | posta-romana.dgsraf.com/assets/footer-c5076ce6.png | 93 KB | 93 KB | Image | image/png
GET | H/1.1 | posta-romana.dgsraf.com/nb/field | 21 B | 204 B | XHR | text/plain
GET | H/1.1 | posta-romana.dgsraf.com/assets/fix1-eaf55024.png | 7 KB | 7 KB | Image | image/png
GET | H/1.1 | posta-romana.dgsraf.com/assets/fix2-4c41cf7e.png | 13 KB | 14 KB | Image | image/png
GET | DATA | truncated (data URI) | 610 B | 0 | Image | image/png
GET | DATA | truncated (data URI) | 640 B | 0 | Image | image/png
GET | DATA | truncated (data URI) | 622 B | 0 | Image | image/png
GET | DATA | truncated (data URI) | 606 B | 0 | Image | image/png
GET | H/1.1 | posta-romana.dgsraf.com/nb/field | 2 B | 165 B | XHR | text/plain
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poșta Română (Transportation)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
boolean | credentialless
boolean | __VUE__

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
posta-romana.dgsraf.com
38.60.211.192