![](/screenshots/25f3b58d-10f7-4fd4-ad84-471f58908605.png)
bawag.it
Open in
urlscan Pro
104.21.54.92
Public Scan
Submission Tags: @phish_report
Submission: On September 13 via api from FI — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1P5 on August 22nd 2023. Valid for: 3 months.
This is the only time bawag.it was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 104.21.54.92 104.21.54.92 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 213.150.6.28 213.150.6.28 | 12895 (IT-AUSTRI...) (IT-AUSTRIA Vienna) | |
19 | 3 |
ASN12895 (IT-AUSTRIA Vienna, Austria, AT)
PTR: login.sparkasse.at
login.sparkasse.at |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
bawag.it
bawag.it |
209 KB |
2 |
sparkasse.at
login.sparkasse.at — Cisco Umbrella Rank: 976977 |
2 KB |
19 | 2 |
Domain | Requested by | |
---|---|---|
16 | bawag.it |
bawag.it
|
2 | login.sparkasse.at |
bawag.it
|
19 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sparkasse.at |
Subject Issuer | Validity | Valid | |
---|---|---|---|
bawag.it GTS CA 1P5 |
2023-08-22 - 2023-11-20 |
3 months | crt.sh |
login.sparkasse.at DigiCert EV RSA CA G2 |
2023-03-16 - 2024-03-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bawag.it/george/
Frame ID: 69C3B8F2CF32AABCA72F172B3D2A138D
Requests: 20 HTTP requests in this frame
Screenshot
![](/screenshots/25f3b58d-10f7-4fd4-ad84-471f58908605.png)
Page Title
Erste Bank und Sparkassen LoginDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: hier
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Datenschutz
Search URL Search Domain Scan URL
Title: Geschäftsbedingungen
Search URL Search Domain Scan URL
Title: Service & Kontakt
Search URL Search Domain Scan URL
Title: Sie nutzen s Identity-App und brauchen einen neuen Aktivierungscode?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bawag.it/george/ |
114 KB 40 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter.css
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
5 KB 968 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-5.3.0-alpha2.min.css
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
226 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
31 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animation.css
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
1 KB 552 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gWqvRrszL2yz5NLdR4kW.js.indir
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
229 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
george-logo-bright-blue.svg
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
784 B 814 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
george-logo-white.svg
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
881 B 847 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EB-SPK_Logo_screen_white.svg
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-5.3.0-alpha2.bundle.min.js.indir
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/ |
79 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Regular.woff2
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/Inter/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Bold.woff2
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/Inter/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-SemiBold.woff2
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/Inter/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Regular.woff
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/Inter/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Bold.woff
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/Inter/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-SemiBold.woff
bawag.it/george/Erste%20Bank%20und%20Sparkassen%20Login_files/Inter/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
JjVL1xJVDS
login.sparkasse.at/sts/ |
176 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
JjVL1xJVDS
login.sparkasse.at/sts/ |
60 B 992 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
JjVL1xJVDS
login.sparkasse.at/sts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.sparkasse.at
- URL
- https://login.sparkasse.at/sts/JjVL1xJVDS?sid=ONnw8GM49e2bBZDNLKcPiBcpwQnSnn4U&tc9g=zBLfX58F2CJcZEU0CIkqIEQ7ASvDK5Ra
Verdicts & Comments Add Verdict or Comment
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture function| keepalive function| setupKeepaliveInterval object| rootElement function| $ function| jQuery object| reWhiteSpace function| Utf8Encode function| htmlToJsConversion function| nbalert function| setFldFocus function| isWhiteSpace function| isEmpty function| doDisableSpecifiedForm function| doSubmitAndDisable function| jsxEncrypt function| encodeToHex object| STS object| STSSecAppSecondfactor function| setFocus function| displayError function| checkUser function| submitCredentials function| submitCancelLoginForm object| STSCookieBanner object| randomText function| showRandomText number| uidEvent object| bootstrap boolean| ajax_disabled object| webinject_config string| eventObf function| cls object| w number| currentDuration2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bawag.it/ | Name: 4G0qy9fDDI Value: ONnw8GM49e2bBZDNLKcPiBcpwQnSnn4U |
|
bawag.it/ | Name: NHIJACZdcO Value: zBLfX58F2CJcZEU0CIkqIEQ7ASvDK5Ra |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bawag.it
login.sparkasse.at
login.sparkasse.at
104.21.54.92
213.150.6.28
06680388a1f33bb726206df9b18bb1f71bcf24a78c1257e5295021dc4d8aa07d
121a448d5de23f73223cff87932917c92f8cff60e6f6760ff8d48da68a980898
2925a1337f2046c1196fd30e6f3c2ff0cc68f11bd156d633ea169f2cd5dcfa5e
43e9810f3a3de6101fb79a61c86f323f61ee166a728af5aa320d72b436d36eed
5541ecfd2f3cab7b43c73969a6186e7eacfa8d45951894b4d8aab823ffbd1722
651e0296848a69e05c63a35f4577fc948de8b96fd83c491e4d4e32e83baf5ac7
6b6aa6018aa6ea3ae4027e02236405fbfa0b9de70a9029165572ddbb2de1c7e1
72b972c92f8df61b1507ab62731266fc3f6a112aa05729a79caffac673da15d0
a0fec0084aae53a47fc01da23e111adffc897632020c3f019f414831c519f416
a4ac3dcc0f5d266db124352e763a84c86b38c0ac1a46214aba45dcd780d94fda
c874cf478442b3d931053c74be729d23dcc5cb904c9f8603bd85ce809f3ab248
d3b4dbb8df947d94b8759def398b9a2256472d74825df4dc2ed0c1eb2b1e149d
fcefa276f4f9af1acd48ef626f2c53be9990253a7498d22bae50689baa834af7