email.magyarposta.hu.37-143-10-76.cprapid.com
37.143.10.76
Malicious Activity!
Public Scan
Effective URL: https://email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/
Submission: On April 21 via manual from HU — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 20th 2023. Valid for: 3 months.
This is the only time email.magyarposta.hu.37-143-10-76.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Magyar Posta (Transportation)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 34.224.77.95 | 14618 (AMAZON-AES) |
1 1 | 2a01:e0c:1:1599::29 | 12322 (PROXAD) |
1 1 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
15 | 37.143.10.76 | 210079 (EUROBYTE Eurobyte LLC) |
15 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-77-95.compute-1.amazonaws.com
email-01.moengage.com
ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.ihc.ru
email.magyarposta.hu.37-143-10-76.cprapid.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | cprapid.com | email.magyarposta.hu.37-143-10-76.cprapid.com | 338 KB |
1 | utraker.com (1 redirects) | utraker.com — Cisco Umbrella Rank: 529496 | 998 B |
1 | free.fr (1 redirects) | s.free.fr | 205 B |
1 | moengage.com (1 redirects) | email-01.moengage.com — Cisco Umbrella Rank: 139447 | 336 B |
15 | 4 |
 | Domain | Requested by |
---|---|---|
15 | email.magyarposta.hu.37-143-10-76.cprapid.com | email.magyarposta.hu.37-143-10-76.cprapid.com |
1 | utraker.com | 1 redirects |
1 | s.free.fr | 1 redirects |
1 | email-01.moengage.com | 1 redirects |
15 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
email.magyarposta.hu.37-143-10-76.cprapid.com | cPanel, Inc. Certification Authority | 2023-04-20 - 2023-07-19 | 3 months |
This page contains 1 frames:
Primary Page:
https://email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/
Frame ID: 2551DDC24D09F0FE23CA7CD5A24E8561
Requests: 15 HTTP requests in this frame
Page Title
Magyar Posta Zrt. - Nyitó
Page URL History
- https://email-01.moengage.com/v1/emailclick?em=lindamine16%40gmail.com&user_id=%40%24xy%2A%40%21h%C3%9F%03... HTTP 302
- https://s.free.fr/8vxu5jyh HTTP 301
- http://utraker.com/DAJ6W HTTP 301
- https://email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/ Page URL
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email-01.moengage.com/v1/emailclick?em=lindamine16%40gmail.com&user_id=%40%24xy%2A%40%21h%C3%9F%03%C2%90%C2%9B%C3%AB%C3%9A%C3%98%C3%B2%C2%B9%C3%B3%05En%7D%17%C2%8E%C3%8F4%C2%93%C2%89%C3%98b%C2%98%1D%C3%9A%13%C2%BA%C2%94%0B%C3%91IZ&d=%40%24xy%2A%40%21ho%15Tz%C2%88%C3%9B%C2%A4%C3%A1%C2%9A%C3%A4%1A3%3E%5D-%C2%AD&cid=%40%24xy%2A%40%21h%2F%C3%AF.%C2%ACH%5D%7C%C2%AErB%C2%BA%C2%9E%C2%84_%21%C2%BD%3Ct%C2%8D%C3%A8%C3%A4TZ%C2%B7%C2%A2A%C2%A8%3B%C3%91%07%5E%C3%AF%5B%C3%8F%C3%A3X%C3%B6%1B+%C2%85V%C2%99%C2%90E%C2%9C9%C2%91%C3%85%01%C2%89%C2%A0%12_%03%C3%A9%16%C2%A9%C3%B9r%C2%87%C3%801%C2%8E%C3%A2%C2%93Q%0Eb%C2%83%C3%AF%C2%B7%C2%B2%C3%A46JP%C3%A6%C2%85%C3%8F%40%C3%B2P%C2%83%C2%B3&ut=l&moeclickid=643d07278baad406b95a7b15_F_T_EM_AB_0_P_0_TIME_2023-04-17+08%3A45%3A55.063339_L_0ecli8&rlink=https://s.free.fr/8vxu5jyh
HTTP 302
- https://s.free.fr/8vxu5jyh HTTP 301
- http://utraker.com/DAJ6W HTTP 301
- https://email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/ | 41 KB | 42 KB | Document | text/html |
GET H/1.1 | font-awesome.min.css | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/ | 30 KB | 31 KB | Stylesheet | text/css |
GET H/1.1 | Untitled1.css | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/js/ | 2 KB | 2 KB | Stylesheet | text/css |
GET H/1.1 | index.css | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/js/ | 27 KB | 28 KB | Stylesheet | text/css |
GET H/1.1 | jquery-1.12.4.min.js | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/js/ | 95 KB | 95 KB | Script | application/javascript |
GET H/1.1 | jquery.inputmask.min.js | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/js/ | 0 | 0 | Script | text/html |
GET H/1.1 | highmob.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 4 KB | 4 KB | Image | image/png |
GET H/1.1 | xx.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 17 KB | 17 KB | Image | image/png |
GET H/1.1 | collie.jfif | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/ | 6 KB | 6 KB | Image | image/jpeg |
GET H/1.1 | xxx.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 2 KB | 2 KB | Image | image/png |
GET H/1.1 | x.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 379 B | 702 B | Image | image/png |
GET H/1.1 | s.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 218 B | 541 B | Image | image/png |
GET H/1.1 | basmob.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 34 KB | 35 KB | Image | image/png |
GET H/1.1 | baspc.png | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/images/ | 48 KB | 48 KB | Image | image/png |
GET H/1.1 | index.css | email.magyarposta.hu.37-143-10-76.cprapid.com/osstad/api/js/ | 27 KB | 27 KB | Image | text/css |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Magyar Posta (Transportation)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- function | $
- function | jQuery

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
utraker.com/ | | Name: PHPSESSID Value: t5mgu8slkv055q40p5p506doq4 |
utraker.com/ | | Name: short_DAJ6W Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.