mieszkania.agromasz.pl
94.152.158.194
Malicious Activity!
Public Scan
Effective URL: http://mieszkania.agromasz.pl/Mail/emailservice/en.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13I...
Submission: On April 18 via manual from US
Summary
This is the only time mieszkania.agromasz.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 197.221.10.189 | 37153 (HETZNER) |
1 5 | 94.152.158.194 | 29522 (KEI) |
4 | 1 |
ASN37153 (HETZNER, ZA)
PTR: dedi71.cpt4.host-h.net
www.europlaw.co.bw
ASN29522 (KEI, PL)
PTR: ok.info.pl
www.mieszkania.agromasz.pl
mieszkania.agromasz.pl
 | Apex Domain Subdomains | Transfer |
---|---|---|
5 | agromasz.pl (1 redirects): www.mieszkania.agromasz.pl, mieszkania.agromasz.pl | 42 KB |
1 | europlaw.co.bw (1 redirects): www.europlaw.co.bw | 363 B |
4 | 2 |
 | Domain | Requested by |
---|---|---|
4 | mieszkania.agromasz.pl | mieszkania.agromasz.pl |
1 | www.mieszkania.agromasz.pl | 1 redirects |
1 | www.europlaw.co.bw | 1 redirects |
4 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://mieszkania.agromasz.pl/Mail/emailservice/en.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=dGh1ZXJ0YUBvcnRjLmNvbQ==&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: BAE04B7995046484F8FEF02E6B62F43A
Requests: 4 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.europlaw.co.bw//Mail/office.php?email=thuerta@ortc.com HTTP 302
  http://www.mieszkania.agromasz.pl/Mail/emailservice?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-email&email=thuerta@ortc.com HTTP 301
  http://mieszkania.agromasz.pl/Mail/emailservice/?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-email&email=thuerta@ortc.com Page URL
- http://mieszkania.agromasz.pl/Mail/emailservice/en.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=dGh1ZXJ0YUBvcnRjLmNvbQ==&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.europlaw.co.bw//Mail/office.php?email=thuerta@ortc.com HTTP 302
- http://www.mieszkania.agromasz.pl/Mail/emailservice?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-email&email=thuerta@ortc.com HTTP 301
- http://mieszkania.agromasz.pl/Mail/emailservice/?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-email&email=thuerta@ortc.com
4 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / mieszkania.agromasz.pl/Mail/emailservice/ (Redirect Chain) | 273 B 442 B | Document text/html |
GET H/1.1 | en.php mieszkania.agromasz.pl/Mail/emailservice/ (Primary Request) | 12 KB 2 KB | Document text/html |
GET H/1.1 | mail.png mieszkania.agromasz.pl/Mail/emailservice/files/ | 34 KB 34 KB | Image image/png |
GET H/1.1 | id.png mieszkania.agromasz.pl/Mail/emailservice/files/ | 4 KB 5 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | count
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.