magyar-posta-hu.codeanyapp.com Open in urlscan Pro
45.55.112.74 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.truthsocial.com/link/112248543646199393
Effective URL:
https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php
Submission: On April 11 via manual (April 11th 2024, 10:25:39 am UTC) from HU — Scanned from DE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 45.55.112.74, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is magyar-posta-hu.codeanyapp.com.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.

This is the only time magyar-posta-hu.codeanyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Magyar Posta (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.64.151.125 172.64.151.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6812:a3e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	210.211.111.86 210.211.111.86	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
1 8	45.55.112.74 45.55.112.74	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	2

1 172.64.151.125 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

links.truthsocial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a3e5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tempmail.adguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.211.111.86 (Viet Nam) 1 redirects

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)
PTR: nethost-2311.inet.vn

ponyenglish.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.55.112.74 (San Francisco, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

magyar-posta-hu.codeanyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	codeanyapp.com 1 redirects magyar-posta-hu.codeanyapp.com	90 KB
1	ponyenglish.com.vn 1 redirects ponyenglish.com.vn	311 B
1	adguard.com 1 redirects tempmail.adguard.com	147 B
1	truthsocial.com 1 redirects links.truthsocial.com — Cisco Umbrella Rank: 364817	1 KB
7	4

	Domain	Requested by
8	magyar-posta-hu.codeanyapp.com	1 redirects magyar-posta-hu.codeanyapp.com
1	ponyenglish.com.vn	1 redirects
1	tempmail.adguard.com	1 redirects
1	links.truthsocial.com	1 redirects
7	4

This site contains no links.

Subject Issuer	Validity	Valid
codeanyapp.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php
Frame ID: 53AA9A070F1AF459AEAD3855D80614FA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Magyar Porta

Page URL History Show full URLs

https://links.truthsocial.com/link/112248543646199393 HTTP 301
https://tempmail.adguard.com/redirect?theme=light&url=https%3A%2F%2Fponyenglish.com.vn%2F HTTP 302
https://ponyenglish.com.vn/ HTTP 302
https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/ HTTP 302
https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

90 kB
Transfer

93 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.truthsocial.com/link/112248543646199393 HTTP 301
https://tempmail.adguard.com/redirect?theme=light&url=https%3A%2F%2Fponyenglish.com.vn%2F HTTP 302
https://ponyenglish.com.vn/ HTTP 302
https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/ HTTP 302
https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request verification.php Show response magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/ Redirect Chain https://links.truthsocial.com/link/112248543646199393 https://tempmail.adguard.com/redirect?theme=light&url=https%3A%2F%2Fponyenglish.com.vn%2F https://ponyenglish.com.vn/ https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/ https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php	4 KB 1 KB	189ms 189ms	Document text/html	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `344ae5d31c655c594e182211e367cd48252afac1b2cdf702999e58897029a836` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-length 1412 content-type text/html; charset=UTF-8 date Thu, 11 Apr 2024 09:42:54 GMT server openresty vary Accept-Encoding Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Thu, 11 Apr 2024 09:42:54 GMT location ./fr/verification.php server openresty
GET H2	200	styles.css magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/css/	3 KB 984 B	190ms 190ms	Stylesheet text/css	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/css/styles.css Requested by Host: magyar-posta-hu.codeanyapp.com URL: https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `485d6e8194cf0b112de2c57d1d3eb3b1dfcc6e9d52d7d3df1f95318a30f42813` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 09:42:54 GMT content-encoding gzip last-modified Thu, 01 Dec 2022 04:05:30 GMT server openresty etag "a0f-5eebc54f29680-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 800
GET H2	200	magyar.png magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/	78 KB 78 KB	246ms 246ms	Image image/png	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/magyar.png Requested by Host: magyar-posta-hu.codeanyapp.com URL: https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `f8eae132df5aa97eeeba968981cb2ff1cd6f78fa18a4ce96b4234834800c31f3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 09:42:54 GMT last-modified Wed, 30 Nov 2022 04:41:08 GMT server openresty accept-ranges bytes etag "136e5-5eea8b68a8100" content-length 79589 content-type image/png
GET H2	200	lang.png magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/	910 B 1 KB	190ms 190ms	Image image/png	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/lang.png Requested by Host: magyar-posta-hu.codeanyapp.com URL: https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `595ebe8cf060239e1790495dcc0ade80fdf5f5da3c92276ab6efed4775aa0c2b` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 09:42:54 GMT last-modified Wed, 30 Nov 2022 04:42:42 GMT server openresty accept-ranges bytes etag "38e-5eea8bc24d480" content-length 910 content-type image/png
GET H2	200	package.svg magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/	1 KB 1 KB	677ms 676ms	Image image/svg+xml	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/package.svg Requested by Host: magyar-posta-hu.codeanyapp.com URL: https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `28ce475d8ed3335319dd410f878fe7473e91f06b73d17a2e369a43c93f072982` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 09:42:55 GMT last-modified Wed, 30 Nov 2022 06:01:24 GMT server openresty accept-ranges bytes etag "47f-5eea9d598d500" content-length 1151 content-type image/svg+xml
GET H2	200	footer-logo.png magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/	6 KB 7 KB	675ms 675ms	Image image/png	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/files/imgs/footer-logo.png Requested by Host: magyar-posta-hu.codeanyapp.com URL: https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `ff455199dd10ed879c2c2723a9ed4eea6694e1389361356af16aaabe0dc77290` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 09:42:55 GMT last-modified Thu, 01 Dec 2022 01:04:00 GMT server openresty accept-ranges bytes etag "1975-5eeb9cbda6000" content-length 6517 content-type image/png
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	404	favicon.ico magyar-posta-hu.codeanyapp.com/	306 B 395 B	188ms 188ms	Other text/html	45.55.112.74 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://magyar-posta-hu.codeanyapp.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software openresty / Resource Hash `f573b11d44eb61769316b295602a927ce6e9eae112170d32a15ddbe6950d7dcc` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://magyar-posta-hu.codeanyapp.com/app/HUNGARY-POST/fr/verification.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 09:42:55 GMT server openresty content-length 306 content-type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Magyar Posta (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.truthsocial.com/	1970-01-20 19:47:12	Name: __cf_bm Value: 7Zi3OthQ6kCFyagL2JtlcTjyyhW9GdMqqF_s8MK_rd4-1712831130-1.0.1.1-jlUh.xVt9VnsM0B4SGGi9qLMbxYMprDtjXbdjItuPubHSHpWOf.1V5v4hhdhfm.slEKcmf9595B9P_7sQLhmqg
links.truthsocial.com/	1970-01-20 19:47:25	Name: __cflb Value: 0H28vTPqhjwKvpvovPVBEXtBS5ranf56a2Yc4NpA8SK
.truthsocial.com/	1969-12-31 23:59:59	Name: _cfuvid Value: tldh04s4cVeKQDQGq7HXvlOrBxBpuEQQyb9mX0PXlvg-1712831130600-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://magyar-posta-hu.codeanyapp.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

links.truthsocial.com
magyar-posta-hu.codeanyapp.com
ponyenglish.com.vn
tempmail.adguard.com
172.64.151.125
210.211.111.86
2606:4700::6812:a3e5
45.55.112.74
28ce475d8ed3335319dd410f878fe7473e91f06b73d17a2e369a43c93f072982
344ae5d31c655c594e182211e367cd48252afac1b2cdf702999e58897029a836
485d6e8194cf0b112de2c57d1d3eb3b1dfcc6e9d52d7d3df1f95318a30f42813
595ebe8cf060239e1790495dcc0ade80fdf5f5da3c92276ab6efed4775aa0c2b
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
f573b11d44eb61769316b295602a927ce6e9eae112170d32a15ddbe6950d7dcc
f8eae132df5aa97eeeba968981cb2ff1cd6f78fa18a4ce96b4234834800c31f3
ff455199dd10ed879c2c2723a9ed4eea6694e1389361356af16aaabe0dc77290

magyar-posta-hu.codeanyapp.com Open in urlscan Pro 45.55.112.74 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

90 kBTransfer

93 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

magyar-posta-hu.codeanyapp.com Open in urlscan Pro
45.55.112.74 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

90 kB
Transfer

93 kB
Size

3
Cookies

7 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!