budinr.icu
43.134.24.226
Malicious Activity!
Public Scan
Effective URL: https://budinr.icu/qa/
Submission: On July 18 via api from US — Scanned from SG
Summary
TLS certificate: Issued by R11 on July 15th 2024. Valid for: 3 months.
This is the only time budinr.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Posten Norge (Transportation)

Domain & IP information

IP Address | AS Autonomous System | Requests
---|---|---
43.134.24.226 | ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN) | 28 (27 HTTP requests, 1 redirect)

Apex Domain | Subdomains | Transfer | Requests
---|---|---|---
budinr.icu | budinr.icu | 428 KB | 28 (27 HTTP requests, 1 redirect)

Domain | Requested by | Requests
---|---|---
budinr.icu | budinr.icu | 28 (27 HTTP requests, 1 redirect)
This site contains links to these domains. Also see Links.

Domain
---
www.posten.no
id.posten.no
adressesok.posten.no
www.postennorge.no
www.bring.no

Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
budinr.icu | R11 | 2024-07-15 - 2024-10-13 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://budinr.icu/qa/
Frame ID: B981BD7AD101667B56A7DB2A70AF6891
Requests: 27 HTTP requests in this frame
Detected technologies
- Socket.io (JavaScript Frameworks), detected pattern: socket\.io.*\.js
- Vue.js (JavaScript Frameworks), detected pattern: <[^>]+\sdata-v(?:ue)?-
Page Statistics
36 Outgoing links
These are links going to different origins than the main page. Only four of the 36 links carry a title:
- Min side
- Finn oss på kartet
- Posten-appen
- Frimerker til samling
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://budinr.icu/qa?lsz=atiq0jekrp//qa/qa//qa//qa/qa/qa//qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa (HTTP 307)
- https://budinr.icu/qa?lsz=atiq0jekrp//qa/qa//qa//qa/qa/qa//qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa (HTTP 301)
- https://budinr.icu/qa/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions

# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | / (Primary Request) | budinr.icu/qa/ (Redirect Chain) | 2 KB | 1 KB | Document | text/html
2 | GET | H/1.1 | index-2b607a54.js | budinr.icu/qa/assets/ | 492 KB | 147 KB | Script | application/javascript
3 | GET | H/1.1 | f6170fbb8K8a8.css | budinr.icu/qa/assets/ | 952 B | 1 KB | Stylesheet | text/css
4 | GET | H/1.1 | 86fb1c54Gtm45.js | budinr.icu/qa/assets/ | 5 KB | 2 KB | Script | application/javascript
5 | GET | H/1.1 | 404e4081Gtm45.js | budinr.icu/qa/assets/ | 52 KB | 17 KB | Script | application/javascript
6 | GET | H/1.1 | favicon.ico | budinr.icu/ | 2 KB | 2 KB | Other | image/vnd.microsoft.icon
7 | GET | H/1.1 | 6c0c2ba6Gtm45.js | budinr.icu/qa/assets/ | 35 KB | 11 KB | Script | application/javascript
8 | GET | H/1.1 | 09bf01f8Gtm45.js | budinr.icu/qa/assets/ | 2 KB | 1 KB | Script | application/javascript
9 | GET | H/1.1 | d7d29c13Gtm45.js | budinr.icu/qa/assets/ | 3 KB | 1 KB | Script | application/javascript
10 | GET | H/1.1 | 05a624e3Gtm45.js | budinr.icu/qa/assets/ | 268 KB | 68 KB | Script | application/javascript
11 | GET | H/1.1 | c27b6911Gtm45.js | budinr.icu/qa/assets/ | 2 KB | 1 KB | Script | application/javascript
12 | GET | H/1.1 | f79ade9a8K8a8.css | budinr.icu/qa/assets/ | 63 KB | 13 KB | Stylesheet | text/css
13 | GET | H/1.1 | a5cbd326Gtm45.js | budinr.icu/qa/assets/ | 6 KB | 3 KB | Script | application/javascript
14 | GET | H/1.1 | 4cd1ec688K8a8.css | budinr.icu/qa/assets/ | 323 B | 650 B | Stylesheet | text/css
15 | POST | H/1.1 | MC4yODE3NjIxNDQ3MjMwNzI5 | budinr.icu/api/ | 1 KB | 1 KB | XHR | application/json
16 | GET | H/1.1 | f015c267Gtm45.js | budinr.icu/qa/assets/ | 111 KB | 33 KB | Script | application/javascript
17 | GET | H/1.1 | / | budinr.icu/socket.io/ | 118 B | 339 B | XHR | text/plain
18 | GET | H/1.1 | 9330262fGtm45.js | budinr.icu/qa/assets/ | 113 KB | 36 KB | Script | application/javascript
19 | GET | H/1.1 | f4397ced8K8a8.css | budinr.icu/qa/assets/ | 400 B | 727 B | Stylesheet | text/css
20 | POST | H/1.1 | / | budinr.icu/socket.io/ | 2 B | 205 B | XHR | text/html
21 | GET | H/1.1 | / | budinr.icu/socket.io/ | 32 B | 252 B | XHR | text/plain
22 | GET | H/1.1 | 1b92491b8K8a8.woff2 | budinr.icu/qa/assets/ | 29 KB | 29 KB | Font | font/woff2
23 | GET | H/1.1 | 34ba719e8K8a8.woff2 | budinr.icu/qa/assets/ | 29 KB | 29 KB | Font | font/woff2
24 | GET | H/1.1 | 882f8e268K8a8.woff2 | budinr.icu/qa/assets/ | 28 KB | 28 KB | Font | font/woff2
25 | GET | H/1.1 | / | budinr.icu/socket.io/ | 58 B | 278 B | XHR | text/plain
26 | POST | H/1.1 | / | budinr.icu/socket.io/ | 2 B | 205 B | XHR | text/html
27 | POST | H/1.1 | MC43MzE2MjY4NTgzNTE3MTg1 | budinr.icu/api/ | 36 B | 279 B | XHR | application/json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Posten Norge (Transportation)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
function | IMask
boolean | __vite_is_modern_browser
boolean | __VUE__

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
budinr.icu
43.134.24.226