ceskas-posta.com
179.43.142.169
Malicious Activity!
Public Scan
Submission: On September 14 via manual from US — Scanned from CH
Summary
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.
This is the only time ceskas-posta.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Czech Post (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
21 | 179.43.142.169 | 51852 (PLI-AS) |
1 | 91.149.202.233 | 26383 (ASNET) |
1 | 2606:4700::6812:acf | 13335 (CLOUDFLARENET) |
23 | 4 | |
ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | ceskas-posta.com | ceskas-posta.com | 835 KB |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1171) | 20 KB |
1 | api-service2.com | ao02887332.api-service2.com | 344 B |
23 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
21 | ceskas-posta.com | ceskas-posta.com |
1 | maxcdn.bootstrapcdn.com | ceskas-posta.com |
1 | ao02887332.api-service2.com | ceskas-posta.com |
23 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.postaonline.cz |
www.ceskaposta.cz |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
ceskas-posta.com | R3 | 2023-09-14 - 2023-12-13 | 3 months | crt.sh |
ao02887332.api-service2.com | R3 | 2023-09-04 - 2023-12-03 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ceskas-posta.com/
Frame ID: 4A2AFF9C763CBBF2CE0AE6CEB579E1FC
Requests: 24 HTTP requests in this frame
Page Title: česká pošta
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- <div class="[^"]*aem-Grid
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: EN
- Title: Česká pošta
- Title: Ochrana osobních údajů – GDPR
- Title: Kontakty
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | ceskas-posta.com/ | 62 B | 214 B | Document | text/html |
GET | H2 | cz.js | ceskas-posta.com/static/js/ | 2 KB | 743 B | Script | application/javascript |
GET | H2 | urlConfig.json | ceskas-posta.com/ResourceConfig/ | 679 B | 835 B | Script | application/json |
GET | H2 | axios.js | ceskas-posta.com/static/js/ | 42 KB | 13 KB | Script | application/javascript |
GET | H2 | ResourceRedConfig.js | ceskas-posta.com/static/js/ | 1 KB | 884 B | Script | application/javascript |
GET | H2 | logo.png | ceskas-posta.com/static/image/ | 6 KB | 6 KB | Image | image/png |
GET | H2 | loading_red.gif | ceskas-posta.com/static/image/ | 61 KB | 61 KB | Image | image/gif |
GET | H2 | token | ao02887332.api-service2.com/api/v2/ | 78 B | 344 B | XHR | application/json |
GET | H2 | index-a1498110.js | ceskas-posta.com/static/jieke/assets/ | 950 KB | 347 KB | Script | application/javascript |
GET | H2 | index-f1561a25.css | ceskas-posta.com/static/jieke/assets/ | 1 MB | 145 KB | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/ | 122 KB | 20 KB | Stylesheet | text/css |
GET | H2 | jquery-pack.js | ceskas-posta.com/static/jieke/header/js/ | 290 KB | 96 KB | Script | application/javascript |
GET | H2 | jquery.slicknav.min.js | ceskas-posta.com/static/jieke/header/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | script_cs.js | ceskas-posta.com/static/jieke/header/js/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | main.css | ceskas-posta.com/static/jieke/header/ | 233 KB | 46 KB | Stylesheet | text/css |
GET | H2 | logoCP.png | ceskas-posta.com/static/jieke/header/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | footer.css | ceskas-posta.com/static/jieke/footer/ | 174 KB | 38 KB | Stylesheet | text/css |
GET | H2 | jquery-3.5.1.js | ceskas-posta.com/static/ | 87 KB | 34 KB | Script | application/javascript |
GET | H2 | button-ico-prihlasit-se.png | ceskas-posta.com/static/jieke/header/ | 264 B | 469 B | Image | image/png |
GET | H2 | button-ico-registrovat.png | ceskas-posta.com/static/jieke/header/ | 386 B | 591 B | Image | image/png |
GET | DATA | truncated | / | 2 KB | 2 KB | Font | font/woff2 |
GET | H2 | button-ico-prihlasit-se.png | ceskas-posta.com/static/jieke/footer/ | 264 B | 469 B | Image | image/png |
GET | H2 | footer.css | ceskas-posta.com/static/jieke/footer/ | 174 KB | 38 KB | Font | text/css |
GET | H2 | button-ico-registrovat.png | ceskas-posta.com/static/jieke/footer/ | 386 B | 591 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Czech Post (Transportation)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | documentPictureInPicture
- object | url
- function | axios
- function | $
- function | jQuery
- function | DP_jQuery_1694709847885
- function | eraseCookie
- function | setCookie
- function | getCookie
- object | __vueuse_ssr_handlers__
- boolean | __VUE__
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ao02887332.api-service2.com
ceskas-posta.com
maxcdn.bootstrapcdn.com
179.43.142.169
2606:4700::6812:acf
91.149.202.233