budinr.icu
Open in
urlscan Pro
43.134.24.226
Malicious Activity!
Public Scan
Effective URL: https://budinr.icu/qa/
Submission: On July 18 via api from US — Scanned from SG
Summary
TLS certificate: Issued by R11 on July 15th 2024. Valid for: 3 months.
This is the only time budinr.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Posten Norge (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 28 | 43.134.24.226 43.134.24.226 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
27 | 1 |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
budinr.icu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
budinr.icu
1 redirects
budinr.icu |
428 KB |
27 | 1 |
Domain | Requested by | |
---|---|---|
28 | budinr.icu |
1 redirects
budinr.icu
|
27 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.posten.no |
id.posten.no |
adressesok.posten.no |
www.postennorge.no |
www.bring.no |
Subject Issuer | Validity | Valid | |
---|---|---|---|
budinr.icu R11 |
2024-07-15 - 2024-10-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://budinr.icu/qa/
Frame ID: E7B811FE0BFE6FCF3C83BA7CF640541E
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://budinr.icu/qa?lsz=atiq0jekrp//qa/qa//qa//qa/qa/qa//qa/qa/qa//qa//qa//qa//qa//qa//qa//qa...
HTTP 307
https://budinr.icu/qa?lsz=atiq0jekrp//qa/qa//qa//qa/qa/qa//qa/qa/qa//qa//qa//qa//qa//qa//qa//qa... HTTP 301
https://budinr.icu/qa/ Page URL
Detected technologies
Socket.io (JavaScript Frameworks) ExpandDetected patterns
- socket\.io.*\.js
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
36 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Min sideMin side
Search URL Search Domain Scan URL
Title: Finn oss på kartet
Search URL Search Domain Scan URL
Title: Posten-appen
Search URL Search Domain Scan URL
Title: Frimerker til samling
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://budinr.icu/qa?lsz=atiq0jekrp//qa/qa//qa//qa/qa/qa//qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa//qa/qa//qa//qa//qa//qa/qa//qa//qa/qa//qa//qa//qa//qa//qa/
HTTP 307
https://budinr.icu/qa?lsz=atiq0jekrp//qa/qa//qa//qa/qa/qa//qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa//qa/qa//qa//qa//qa//qa/qa//qa//qa/qa//qa//qa//qa//qa//qa/ HTTP 301
https://budinr.icu/qa/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
budinr.icu/qa/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index-2b607a54.js
budinr.icu/qa/assets/ |
492 KB 147 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f6170fbb8K8a8.css
budinr.icu/qa/assets/ |
952 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
86fb1c54Gtm45.js
budinr.icu/qa/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
404e4081Gtm45.js
budinr.icu/qa/assets/ |
52 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
budinr.icu/ |
2 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6c0c2ba6Gtm45.js
budinr.icu/qa/assets/ |
35 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
09bf01f8Gtm45.js
budinr.icu/qa/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d7d29c13Gtm45.js
budinr.icu/qa/assets/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
05a624e3Gtm45.js
budinr.icu/qa/assets/ |
268 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c27b6911Gtm45.js
budinr.icu/qa/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f79ade9a8K8a8.css
budinr.icu/qa/assets/ |
63 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a5cbd326Gtm45.js
budinr.icu/qa/assets/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4cd1ec688K8a8.css
budinr.icu/qa/assets/ |
323 B 650 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
MC4wODkxODEwNzExNDg0MTMzNA==
budinr.icu/api/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f015c267Gtm45.js
budinr.icu/qa/assets/ |
111 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
budinr.icu/socket.io/ |
118 B 339 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9330262fGtm45.js
budinr.icu/qa/assets/ |
113 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f4397ced8K8a8.css
budinr.icu/qa/assets/ |
400 B 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
budinr.icu/socket.io/ |
2 B 205 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
budinr.icu/socket.io/ |
32 B 252 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
budinr.icu/socket.io/ |
58 B 278 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
budinr.icu/socket.io/ |
2 B 205 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1b92491b8K8a8.woff2
budinr.icu/qa/assets/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
34ba719e8K8a8.woff2
budinr.icu/qa/assets/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
882f8e268K8a8.woff2
budinr.icu/qa/assets/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
MC4xMzg3NDc3MjU3MjAzNzE5Nw==
budinr.icu/api/ |
36 B 279 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Posten Norge (Transportation)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| IMask boolean| __vite_is_modern_browser boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
budinr.icu
43.134.24.226
017d404f4b017a3c0b0885d195e9ea4c1bd60854cb16207c4d3b6e1c8ed6ef8d
1b92491bfcbb457aa48f6c9b6adf0f4a6be0fd6594634126b7788919bd3b734d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a450a6571e55ac331095260bddaa346cfceed542eea819e961a053f8f9df198
34ba719e7f615b8acccbbb7deff55e38e8d5a71234d7d459ddb816340b2cd970
376125d6fd5e00bbf564d6003b39271237f30bff1de0ba448e5269b7c53e8e4a
3d41dd19eb7790b3b3b5b282e47ae75f9aa3b456df9a442b2ab23a84182c692d
4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64
588315e332e64ef9e95cfb8710001251a3a03d1b846a2bd764ecdc24d244e061
58becf67b9ddbe9ae289c2c2b54cea624439e9530645518dba52b6f5e7cd0f18
5a1d963287f0ad3eddc55156e2c787effecfea43b183ef3f20b825230434977a
5b0e1e22e63182f7a5b40dd06487af6bf7010f680798f6ef128f36aa0cd6fc7c
6d3dd977e645fe5a8d4b88996ed7204e8b9f42dd9fc3f6df4d3e7278b1ab5cc2
6d99aa658ddf11eb835be7c6fdeb4865b23cc861b215ee18036ac8ae04ee9ed0
882f8e26a41744d760948be6d84613b5485f83a9ccaf16aa64401dfc2a99e5a7
920a9fe48c93a7f341142cc08d720a55cb333e561f0ded48799881c90b475501
9b33771f461a537e0f8675d3fc297c67e592cba811af36bf71f4a0297c4c104f
d3f292e1e0313f78382e3b5b5300734fa37a8a98cc774b151e34d85b4bf2057b
ddd3675ab5401d6880021a9fc960413f2aa9ae31aeaa40aa546f7fee2056a2f8
e47d150209ff0a7c7b0bc61990cc6b77e865b4b1584d84b2bdba97b137c0ffa1
e6797326dabcb03f5cdeeab1eb4da6c7bb8938440831f7932096408322c3abda
ef938fc71f2ec8f401bb73043ebe43242fe31b2e0ccf8849afb18a2d08f2812c
f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917
f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911
f79ade9aafe0d8cd39a9958ae3f77a578b38c8373211f15fac848b9e9331ac23
fbd70a79ec6210b8cda6e368824de44d4fcec0863463e683592a9b6fa82951a0