urlscan.io public scan: posta-romana.dgsraf.com (38.60.211.192), flagged: Malicious Activity!

URL: https://posta-romana.dgsraf.com/
Submission: On May 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 38.60.211.192, located in Frankfurt am Main, Germany, and belongs to KAOPU-HK Kaopu Cloud HK Limited, HK. The main domain is posta-romana.dgsraf.com.
TLS certificate: Issued by R3 (the Let's Encrypt intermediate) on May 5th 2023. Valid for 3 months.
This is the only time posta-romana.dgsraf.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Poșta Română (Transportation)
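The submission source, certstream-suspicious, is the detail that matters for defenders: the hostname was picked up from Certificate Transparency logs when the Let's Encrypt (R3) certificate was issued, because a brand name appears as a subdomain of an apex domain (dgsraf.com) that the brand does not own. The Python below is an added example of that kind of keyword heuristic over certificate hostnames; it is not urlscan.io's code and does not reproduce its feed logic. The brand table, the assumption that posta-romana.ro is the brand's legitimate apex, and the certificate batch are constructed for the example; only the first hostname comes from this scan.

```python
"""Flag newly issued certificates whose hostnames carry a brand keyword.

Added example (not urlscan.io code). The brand table and the certificate
batch below are constructed for this example; the legitimate apex for
Poșta Română is assumed to be posta-romana.ro.
"""
import re
import unicodedata

# brand name -> apex domains the brand is assumed to own (constructed)
BRANDS = {
    "Poșta Română": {"posta-romana.ro"},
}


def normalize(text: str) -> str:
    """Fold to lowercase ASCII so 'Poșta Română' and 'posta-romana' compare equal."""
    decomposed = unicodedata.normalize("NFKD", text)
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    return re.sub(r"[^a-z0-9]+", "", stripped.lower())


def apex_of(host: str) -> str:
    """Naive apex (last two labels). Production code should use the Public Suffix List."""
    labels = host.split(".")
    return ".".join(labels[-2:])


def score_host(host: str) -> list[tuple[str, str]]:
    """Return (brand, reason) pairs for one certificate hostname (CN or SAN)."""
    host = host.lower().rstrip(".")
    if host.startswith("*."):
        host = host[2:]  # wildcard: judge the zone it covers
    apex = apex_of(host)
    subdomain = host[: -len(apex)].rstrip(".")  # '' when host == apex
    hits = []
    for brand, owned_apexes in BRANDS.items():
        if apex in owned_apexes:
            continue  # the brand's own zone is not an impersonation
        key = normalize(brand)
        if key in normalize(subdomain):
            hits.append((brand, f"brand keyword in subdomain of foreign apex {apex}"))
        elif key in normalize(apex):
            hits.append((brand, f"brand keyword inside apex {apex}"))
    return hits


def flag_certificates(certs):
    """certs: iterable of (issuer, [hostnames]); returns one finding per suspicious hostname."""
    findings = []
    for issuer, hostnames in certs:
        for host in hostnames:
            for brand, reason in score_host(host):
                findings.append({"host": host, "issuer": issuer, "brand": brand, "reason": reason})
    return findings


# Constructed certificate batch: only the first hostname is taken from the scan.
SAMPLE_CERTS = [
    ("R3", ["posta-romana.dgsraf.com"]),
    ("R3", ["www.posta-romana.ro", "posta-romana.ro"]),
    ("R3", ["postaromana-ro.xyz", "*.postaromana-ro.xyz"]),
    ("R3", ["mail.example.org"]),
]

if __name__ == "__main__":
    for f in flag_certificates(SAMPLE_CERTS):
        print(f"{f['host']:28} {f['brand']:14} {f['reason']}")
```

Run it as a script to see the three findings. The apex extraction is deliberately naive; in production use the Public Suffix List (otherwise co.uk-style suffixes are treated as apexes) and expect to tune the brand list against false positives such as the brand's own CDN or vendor zones.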

Domain & IP information

Requests  IP Address      AS (Autonomous System)
10        38.60.211.192   AS138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
Total: 10 requests, 2 IPs

Requests  Apex Domain   Subdomains                 Transfer
10        dgsraf.com    posta-romana.dgsraf.com    223 KB
Total: 10 requests, 1 apex domain

Requests  Domain                    Requested by
10        posta-romana.dgsraf.com   posta-romana.dgsraf.com
Total: 10 requests, 1 domain

This site contains no links.

Subject                    Issuer   Valid from    Valid until   Validity
posta-romana.dgsraf.com    R3       2023-05-05    2023-08-03    3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://posta-romana.dgsraf.com/
Frame ID: 126975DCCE57D4CE565555F503CF450B
Requests: 14 HTTP requests in this frame

Page Title

Poșta Română

Detected technologies

Vue.js, overall confidence: 100%. The detection pattern matches the data-v- attributes Vue emits for scoped styles, and the page also defines a __VUE__ global (see JavaScript Global Variables below).
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 223 kB
Size: 224 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for this scan.

10 HTTP transactions (the frame's 14 requests include 4 inline data: URIs, which are listed below as well)

Each entry: Resource, Path, Size (x-fer = bytes on the wire), Type; then the General, Request headers and Response headers details.
Primary Request  /  posta-romana.dgsraf.com/  486 B (650 B x-fer)  Document
  Full URL: https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 56bba3e3ada771b76474fede9a519ebfeab7e1db3fb35d0345e434b9faf6d9a8

  Request headers
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
    accept-language: de-DE,de;q=0.9

  Response headers
    Connection: keep-alive
    Content-Length: 486
    Content-Type: text/html; charset=utf-8
    Date: Fri, 05 May 2023 03:41:25 GMT
    Keep-Alive: timeout=5
index-ab6948da.js  posta-romana.dgsraf.com/assets/  90 KB (91 KB x-fer)  Script
  Full URL: https://posta-romana.dgsraf.com/assets/index-ab6948da.js
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 6f04aa5aedf88e190eb8a7338254cf0fe8ed12e79bfb5201298902325cebaf7e

  Request headers
    Referer: https://posta-romana.dgsraf.com/
    Origin: https://posta-romana.dgsraf.com
    accept-language: de-DE,de;q=0.9
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 92669
    Content-Type: application/javascript; charset=utf-8
index-4f1a677e.css  posta-romana.dgsraf.com/assets/  8 KB (8 KB x-fer)  Stylesheet
  Full URL: https://posta-romana.dgsraf.com/assets/index-4f1a677e.css
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 4f1a677e55fb6e5437594c8fb6574cc6b9d9cb8ed5a6ee1160ea9a90e0352208

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 7719
    Content-Type: text/css; charset=utf-8
id  posta-romana.dgsraf.com/nb/  8 B (177 B x-fer)  XHR
  Full URL: https://posta-romana.dgsraf.com/nb/id?id=null
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/assets/index-ab6948da.js
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 037c9214eef74cc3887f3a4f085b4e17d76280dafd273b0ee160c09c4ba1cfd4

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 8
    Content-Type: application/json; charset=utf-8
header-4e0c8e2d.png  posta-romana.dgsraf.com/assets/  10 KB (10 KB x-fer)  Image
  Full URL: https://posta-romana.dgsraf.com/assets/header-4e0c8e2d.png
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 4e0c8e2d0c18f19ef3a1163b6512b6850c2bb996a384c56d8e2da313ee04e4f2

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 10113
    Content-Type: image/png; charset=utf-8
footer-c5076ce6.png  posta-romana.dgsraf.com/assets/  93 KB (93 KB x-fer)  Image
  Full URL: https://posta-romana.dgsraf.com/assets/footer-c5076ce6.png
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: c5076ce68fc63751ee9cc393f179dc17d3a6b8fc58748c30efc5e20b22259c15

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 95344
    Content-Type: image/png; charset=utf-8
field  posta-romana.dgsraf.com/nb/  21 B (204 B x-fer)  XHR
  Full URL: https://posta-romana.dgsraf.com/nb/field?key=position&val=%E7%AC%AC%E4%B8%80%E9%A1%B5&id=null
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/assets/index-ab6948da.js
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 21
    Content-Type: text/plain; charset=utf-8
fix1-eaf55024.png  posta-romana.dgsraf.com/assets/  7 KB (7 KB x-fer)  Image
  Full URL: https://posta-romana.dgsraf.com/assets/fix1-eaf55024.png
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: eaf550246768d4d9bdc4a1fb9005bbdd0b3983a0eae2879299d7eaf2500584b4

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 7137
    Content-Type: image/png; charset=utf-8
fix2-4c41cf7e.png  posta-romana.dgsraf.com/assets/  13 KB (14 KB x-fer)  Image
  Full URL: https://posta-romana.dgsraf.com/assets/fix2-4c41cf7e.png
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 4c41cf7e89d4a1c09838e34552cc68ff96a385f0d18651f005bae9f66de1f7e7

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:25 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 13669
    Content-Type: image/png; charset=utf-8
Inline image (data: URI, truncated)  /  610 B (0 B x-fer)  Image
  Full URL: data:truncated
  Protocol: DATA
  Server: - (inline resource, no server contacted)
  Reverse DNS: -
  Software: -
  Resource Hash: 878361b4c6b6201210eefd58b18e2ce1fc694eb6187b736a50bce9aeb2f0b3da

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: -
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Content-Type: image/png
Inline image (data: URI, truncated)  /  640 B (0 B x-fer)  Image
  Full URL: data:truncated
  Protocol: DATA
  Server: - (inline resource, no server contacted)
  Reverse DNS: -
  Software: -
  Resource Hash: d3a3d4df831110f04f77895fa2f781436b164c733277aaf6796743c6006d920f

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: -
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Content-Type: image/png
Inline image (data: URI, truncated)  /  622 B (0 B x-fer)  Image
  Full URL: data:truncated
  Protocol: DATA
  Server: - (inline resource, no server contacted)
  Reverse DNS: -
  Software: -
  Resource Hash: 34d0da4f3785dd820d889d209f46e2dcdb7eec98bad6d1083d594dc978fdd401

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: -
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Content-Type: image/png
Inline image (data: URI, truncated)  /  606 B (0 B x-fer)  Image
  Full URL: data:truncated
  Protocol: DATA
  Server: - (inline resource, no server contacted)
  Reverse DNS: -
  Software: -
  Resource Hash: 1f8d4e83d48d4c4c078f7fa0d8695975f1767a6231ea56d1aec5288e064ee84b

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: -
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Content-Type: image/png
field  posta-romana.dgsraf.com/nb/  2 B (165 B x-fer)  XHR
  Full URL: https://posta-romana.dgsraf.com/nb/field?key=position&val=%E7%AC%AC%E4%B8%80%E9%A1%B5&id=1
  Requested by: Host posta-romana.dgsraf.com, URL https://posta-romana.dgsraf.com/assets/index-ab6948da.js
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM
  Server: 38.60.211.192, Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  Reverse DNS: -
  Software: -
  Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

  Request headers
    accept-language: de-DE,de;q=0.9
    Referer: https://posta-romana.dgsraf.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

  Response headers
    Date: Fri, 05 May 2023 03:41:26 GMT
    Connection: keep-alive
    Keep-Alive: timeout=5
    Content-Length: 2
    Content-Type: text/plain; charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Poșta Română (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless (boolean)
  • __VUE__ (boolean)

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://posta-romana.dgsraf.com/nb/field?key=position&val=%E7%AC%AC%E4%B8%80%E9%A1%B5&id=null
Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
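The three XHR calls in the transaction list are the most useful artefact in this scan. The Vue bundle index-ab6948da.js first calls /nb/id?id=null (an 8-byte JSON reply), then /nb/field?key=position&val=%E7%AC%AC%E4%B8%80%E9%A1%B5&id=null, whose val parameter is the UTF-8 percent-encoding of 第一页, Chinese for "first page"; that is the call the console shows failing with HTTP 500, and the bundle repeats it with id=1 and gets a 2-byte reply. In other words the kit reports the visitor's position in the phishing flow to its back end, and the id it hands out is how that back end tracks each victim. The Python below is an added example, not code from the kit or from urlscan.io: it takes the request URLs copied from the transaction list, decodes the query strings and reconstructs that sequence. The rule for what counts as a beacon (a same-origin request whose query string carries an id parameter) and the CJK check are assumptions made for this example.

```python
"""Pull a phishing kit's progress-tracking calls out of a request list.

Added example, not code from the scan or from the kit. SCAN_REQUESTS is
copied from the transactions recorded in the scan; the beacon rule
(same-origin request with an 'id' query parameter) is an assumption.
"""
from urllib.parse import parse_qsl, urlsplit

PAGE_ORIGIN = "posta-romana.dgsraf.com"

# Request URLs in the order the scan lists them (taken from the page).
SCAN_REQUESTS = [
    "https://posta-romana.dgsraf.com/",
    "https://posta-romana.dgsraf.com/assets/index-ab6948da.js",
    "https://posta-romana.dgsraf.com/assets/index-4f1a677e.css",
    "https://posta-romana.dgsraf.com/nb/id?id=null",
    "https://posta-romana.dgsraf.com/assets/header-4e0c8e2d.png",
    "https://posta-romana.dgsraf.com/assets/footer-c5076ce6.png",
    "https://posta-romana.dgsraf.com/nb/field?key=position&val=%E7%AC%AC%E4%B8%80%E9%A1%B5&id=null",
    "https://posta-romana.dgsraf.com/assets/fix1-eaf55024.png",
    "https://posta-romana.dgsraf.com/assets/fix2-4c41cf7e.png",
    "https://posta-romana.dgsraf.com/nb/field?key=position&val=%E7%AC%AC%E4%B8%80%E9%A1%B5&id=1",
]


def has_cjk(text: str) -> bool:
    """True if any character is a CJK Unified Ideograph (U+4E00..U+9FFF)."""
    return any(0x4E00 <= ord(ch) <= 0x9FFF for ch in text)


def extract_beacons(urls, origin=PAGE_ORIGIN):
    """Same-origin requests whose query string carries an 'id' parameter.

    parse_qsl undoes the %XX percent-encoding as UTF-8, so the Chinese
    value comes back as readable text. Assumed beacon rule, see docstring above.
    """
    beacons = []
    for url in urls:
        parts = urlsplit(url)
        if parts.netloc != origin or not parts.query:
            continue
        params = dict(parse_qsl(parts.query, keep_blank_values=True))
        if "id" not in params:
            continue
        beacons.append({
            "path": parts.path,
            "params": params,
            "cjk_value": any(has_cjk(v) for v in params.values()),
        })
    return beacons


def victim_flow(beacons):
    """Compress the beacons to (path, key, decoded val, id) tuples in call order."""
    return [
        (b["path"], b["params"].get("key"), b["params"].get("val"), b["params"]["id"])
        for b in beacons
    ]


def session_ids(beacons):
    """Distinct victim ids in order of first appearance, e.g. ['null', '1']."""
    seen = []
    for b in beacons:
        if b["params"]["id"] not in seen:
            seen.append(b["params"]["id"])
    return seen


if __name__ == "__main__":
    found = extract_beacons(SCAN_REQUESTS)
    for path, key, val, victim_id in victim_flow(found):
        print(f"{path:10} key={key!s:9} val={val!s:6} id={victim_id}")
    print("victim ids seen:", session_ids(found))
```

The decoded strings, the /nb/ endpoint names and the id=null-then-id=1 handshake are what to search for in proxy logs if you suspect the same kit elsewhere. The response headers are a secondary fingerprint: every response in this scan, PNGs included, carries charset=utf-8 in Content-Type and Keep-Alive: timeout=5.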