login.parintinsparasurdover.online
148.72.144.180
Malicious Activity!
Public Scan
Submission: On March 15 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 2nd 2022. Valid for: 3 months.
This is the only time login.parintinsparasurdover.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Agos Ducato (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
3 | 148.72.144.180 | 30083 (AS-30083-GO-DADDY-COM-LLC) |
3 | 2 | |
ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: york.intelsrv.net
login.parintinsparasurdover.online
 | Apex Domain / Subdomains | Transfer |
---|---|---|
3 | parintinsparasurdover.online (subdomain: login.parintinsparasurdover.online) | 770 KB |
3 | 1 | |
 | Domain | Requested by |
---|---|---|
3 | login.parintinsparasurdover.online | login.parintinsparasurdover.online |
3 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
areaclienti.agosweb.it |
www.agoscorporate.it |
doc.agosducato.it |
www.onetrust.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.login.parintinsparasurdover.online | cPanel, Inc. Certification Authority | 2022-03-02 - 2022-05-31 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://login.parintinsparasurdover.online/login.html
Frame ID: 061DF8E79515FE0C231B01A8AAD082F7
Requests: 7 HTTP requests in this frame
Frame:
https://login.parintinsparasurdover.online/Portale%20Clienti%20Agos_files/saved_resource.html
Frame ID: 51950B348DC3CF23E0C059DDFFD6B59A
Requests: 1 HTTP requests in this frame
Frame:
https://login.parintinsparasurdover.online/Portale%20Clienti%20Agos_files/saved_resource(1).html
Frame ID: AF507A4A5715F249407E1009662078D3
Requests: 1 HTTP requests in this frame
7 Outgoing links
These are links going to different origins than the main page.
Title: Registrati ora
Title: Privacy-GDPR
Title: Sicurezza
Title: Cookie policy
Title: trattamento dei miei dati personali
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method / Protocol | Resource Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: login.html, login.parintinsparasurdover.online/ | 768 KB / 768 KB | Document, text/html |
GET DATA | truncated / | 5 KB / 0 | Image, image/png |
GET DATA | truncated / | 23 KB / 23 KB | Font, font/woff |
GET DATA | truncated / | 15 KB / 15 KB | Font, font/woff2 |
GET DATA | truncated / | 3 KB / 0 | Image, image/png |
GET DATA | truncated / | 16 KB / 16 KB | Font, font/woff2 |
GET DATA | truncated / | 37 KB / 0 | Image, image/gif |
GET H/1.1 | saved_resource.html, login.parintinsparasurdover.online/Portale%20Clienti%20Agos_files/ (Frame 5195) | 688 B / 864 B | Document, text/html |
GET H/1.1 | saved_resource(1).html, login.parintinsparasurdover.online/Portale%20Clienti%20Agos_files/ (Frame AF50) | 688 B / 864 B | Document, text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Agos Ducato (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| 1
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| savepage_ShadowLoader
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.parintinsparasurdover.online
148.72.144.180