81.19.140.6
Open in
urlscan Pro
81.19.140.6
Malicious Activity!
Public Scan
Submission: On August 21 via manual from AT — Scanned from AT
Summary
TLS certificate: Issued by on February 20th 2024. Valid for: 15 years.
This is the only time 81.19.140.6 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bitpanda (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 81.19.140.6 81.19.140.6 | 215540 (GCS-AS) (GCS-AS) | |
1 | 142.250.185.99 142.250.185.99 | 15169 (GOOGLE) (GOOGLE) | |
19 | 3 |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
19 | 2 |
Domain | Requested by | |
---|---|---|
1 | fonts.gstatic.com |
81.19.140.6
|
0 | 81.19.140.6 Failed |
81.19.140.6
|
19 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
b-itpanda.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
CloudFlare Origin Certificate |
2024-02-20 - 2039-02-16 |
15 years | crt.sh |
*.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://81.19.140.6:8443/
Frame ID: E715BE29928D13B6B8CE2DFB76DBCD23
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
VerifizierungDetected technologies
AngularJS (JavaScript Frameworks) ExpandDetected patterns
- \bangular.{0,32}\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Hilfe
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
81.19.140.6/ |
11 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
81.19.140.6/assets/browser_components/jquery/dist/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ua-parser.min.js
81.19.140.6/assets/browser_components/ua-parser-js/dist/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
81.19.140.6/assets/browser_components/font-awesome/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.js
81.19.140.6/assets/core/ |
39 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
socket.js
81.19.140.6/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular.min.js
81.19.140.6/assets/browser_components/angular/ |
165 KB 165 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.css
81.19.140.6/assets/core/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css.css
81.19.140.6/form/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css.css
81.19.140.6/Verifizierung-bitpanda_files/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
81.19.140.6/Verifizierung-bitpanda_files/ |
63 KB 63 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qr-code.svg
81.19.140.6/Verifizierung-bitpanda_files/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js.downloaden
81.19.140.6/Verifizierung-bitpanda_files/ |
85 KB 85 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.inputmask.bundle.js.downloaden
81.19.140.6/Verifizierung-bitpanda_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css.css
81.19.140.6/form/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner-bg.png
81.19.140.6/images/ |
159 B 159 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
newloader.gif
81.19.140.6/form/ |
157 B 157 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
28 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
81.19.140.6/ |
4 KB 4 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 81.19.140.6
- URL
- https://81.19.140.6:8443/form/css.css
- Domain
- 81.19.140.6
- URL
- https://81.19.140.6:8443/form/css.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bitpanda (Financial)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| UAParser function| dataInput function| confirmData function| onDocumentReady function| EventEmitter function| onSocketOpen function| onSocketClose function| onMessageReceive function| onRedirect object| angular1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
81.19.140.6/ | Name: sessionId Value: b1bd7968d068ad10e530d214d2c97050 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
81.19.140.6
fonts.gstatic.com
81.19.140.6
142.250.185.99
81.19.140.6
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
13abac9e72f605d92627fae844d42a949f7df14443caa8455fe314515d8c28bf
143494d7750dd36e86b9963a62b0c652a8832afbf98586528931d1a2a0bef8b9
223a176e2e948a1b3f848be7ed64113f04d59397697a28c922aa152a24909810
353dda8bb59848b424d82f7bdb689aa55048eb0773640f0af62c3d09db23d7f2
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
4293e92270ef74bfc3c783fef764d958f563433da79cf9006c640a9558c562d7
489457bd142e708c03236d71f4aee3739fa5d7ecf6d6c9db2a61417b0ce0aadd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
865ba36862d813c715679a69516c637064326e93a3fddeea8553dbe7847040aa
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
d6f784676efa25d4b27cdeeca3ade2e90fd6a491b89317fe86622e39facb293a
e901a0cd041d1b8ae6b68a07bda7d40647765f34ade82ae9dbde9f18562933ed
ea48eab1c42c86f75fd19dffbd44a27cfdff8c22fdabb8fc0473ab28fa3e3e08
fb751c374e96a4cc65cb56436be28880648e027eb33f7a46f30f866262c57e23