ulula.lupr.co.za
41.185.8.79
Malicious Activity!
Public Scan
Submission: On December 08 via manual from ZA — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 26th 2023. Valid for: 3 months.
This is the only time ulula.lupr.co.za was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nedbank (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
22 | 41.185.8.79 | 36943 (ZA-1-Grid) |
22 | 1 | |
ASN36943 (ZA-1-Grid, ZA)
PTR: hostserv176.hostserv.co.za
ulula.lupr.co.za
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | lupr.co.za | ulula.lupr.co.za | 998 KB |
22 | 1 | | |
Requests | Domain | Requested by |
---|---|---|
22 | ulula.lupr.co.za | ulula.lupr.co.za |
22 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
ulula.lupr.co.za | cPanel, Inc. Certification Authority | 2023-10-26 - 2024-01-24 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://ulula.lupr.co.za/wp-admin/Letter_2023-11-06_4758_______.htm
Frame ID: 52C4324EADF66F033929550F5CCDDA2C
Requests: 22 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Letter_2023-11-06_4758_______.htm (Primary Request) | ulula.lupr.co.za/wp-admin/ | 136 KB | 13 KB | Document | text/html |
GET | H2 | styles.css | ulula.lupr.co.za/wp-admin/metaela/ | 173 KB | 29 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | ulula.lupr.co.za/wp-admin/metaela/ | 95 KB | 33 KB | Script | application/javascript |
GET | H2 | KenaKahare.png | ulula.lupr.co.za/wp-admin/difoto/ | 73 KB | 74 KB | Image | image/png |
GET | H2 | login-fast.svg | ulula.lupr.co.za/wp-admin/difonto/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H2 | login-easy.svg | ulula.lupr.co.za/wp-admin/difonto/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | login-secure.svg | ulula.lupr.co.za/wp-admin/difonto/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H2 | entrust_site_seal_ssl.png | ulula.lupr.co.za/wp-admin/difoto/ | 18 KB | 19 KB | Image | image/png |
GET | H2 | GooglePlay.svg | ulula.lupr.co.za/wp-admin/difonto/ | 22 KB | 5 KB | Image | image/svg+xml |
GET | H2 | AppStoreBadge.svg | ulula.lupr.co.za/wp-admin/difonto/ | 12 KB | 5 KB | Image | image/svg+xml |
GET | H2 | Icon.ef111dcaf7b1952d120f.svg | ulula.lupr.co.za/wp-admin/ | 79 KB | 79 KB | Image | text/html |
GET | H2 | location-blank-green.4b8e66bca4aac4a2aad6.svg | ulula.lupr.co.za/wp-admin/ | 49 KB | 49 KB | Image | text/html |
GET | H2 | contact-blank-green.a180fba4b897921edd0b.svg | ulula.lupr.co.za/wp-admin/ | 49 KB | 49 KB | Image | text/html |
GET | H2 | Eye-Show.e1de9570f043be4db21c.svg | ulula.lupr.co.za/wp-admin/metaela/ | 79 KB | 79 KB | Image | text/html |
GET | H2 | PPP.cee7674f38c105ee0fb4.svg | ulula.lupr.co.za/wp-admin/ | 79 KB | 79 KB | Image | text/html |
GET | H2 | contact-footer.ff0deb4d99b5c501e332.svg | ulula.lupr.co.za/wp-admin/ | 79 KB | 79 KB | Image | text/html |
GET | H2 | location-blank.e36d304f8628a21886d3.svg | ulula.lupr.co.za/wp-admin/ | 79 KB | 79 KB | Image | text/html |
GET | H2 | phoneicon.d20aa97e94487e70b840.svg | ulula.lupr.co.za/wp-admin/ | 49 KB | 49 KB | Image | text/html |
GET | H2 | tncs.04b64534a4bbcb7c2676.svg | ulula.lupr.co.za/wp-admin/ | 79 KB | 79 KB | Image | text/html |
GET | H2 | FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf | ulula.lupr.co.za/wp-admin/difonto/ | 162 KB | 65 KB | Font | font/otf |
GET | H2 | FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf | ulula.lupr.co.za/wp-admin/difonto/ | 162 KB | 66 KB | Font | font/otf |
GET | H2 | FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf | ulula.lupr.co.za/wp-admin/difonto/ | 158 KB | 63 KB | Font | font/otf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nedbank (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | documentPictureInPicture |
function | $ |
function | jQuery |
function | ajax_jsonp_call |
function | validatePassword |
function | untouched |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ulula.lupr.co.za
41.185.8.79