wwwbapr.online
217.160.0.227
Malicious Activity!
Public Scan
Submission: On September 12 via api from US — Scanned from IT
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on September 12th 2023. Valid for: a year.
This is the only time wwwbapr.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Agricola Popolare di Ragusa (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 217.160.0.227 | 8560 (IONOS-AS ...) |
1 | 193.41.84.72 | 15981 (CSEBO-NET) |
2 | 18.66.192.58 | 16509 (AMAZON-02) |
10 | 3 | |
ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-227.elastic-ssl.ui-r.com
wwwbapr.online
ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-58.muc50.r.cloudfront.net
www.bapr.it
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | wwwbapr.online | wwwbapr.online | 1 MB |
2 | bapr.it | www.bapr.it | 791 KB |
1 | banking4you.it | www.banking4you.it | |
10 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
7 | wwwbapr.online | wwwbapr.online |
2 | www.bapr.it | wwwbapr.online |
1 | www.banking4you.it | wwwbapr.online |
10 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
un-pac-e-vinci.eurizoncapital.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.wwwbapr.online | Encryption Everywhere DV TLS CA - G2 | 2023-09-12 - 2024-09-11 | a year |
www.banking4you.it | DigiCert EV RSA CA G2 | 2023-04-04 - 2024-04-30 | a year |
www.bapr.it | Amazon RSA 2048 M02 | 2022-12-27 - 2024-01-25 | a year |
This page contains 1 frames:
Primary Page:
https://wwwbapr.online/
Frame ID: 1F889D83605C773A6BDA9506C9F59CE4
Requests: 10 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: SCOPRI DI PIU'
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | wwwbapr.online/ | 91 KB | 14 KB | Document | text/html |
GET | H2 | styles.efb08ee55d4716b9f06f.css | wwwbapr.online/index_files/ | 519 KB | 519 KB | Stylesheet | text/css |
GET | H2 | public-light-theme-header-logo.png | wwwbapr.online/index_files/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | / | www.banking4you.it/apps/pib2/05036brand0/ | 0 | 0 | Image | text/html |
GET | H/1.1 | loginBannerMobile1.png | www.bapr.it/wp-content/uploads/ | 609 KB | 610 KB | Image | image/png |
GET | H/1.1 | LoginBannerMobile2.jpg | www.bapr.it/wp-content/uploads/ | 180 KB | 181 KB | Image | image/jpeg |
GET | H2 | public-light-theme-footer-logo.png | wwwbapr.online/index_files/assets/ | 315 B | 315 B | Image | text/html |
GET | H2 | Lato-Bold.89b618086a797a8be0f4.woff | wwwbapr.online/index_files/ | 302 KB | 303 KB | Font | application/font-woff |
GET | H2 | iconfont.970f44aa80e156c05b48.woff2 | wwwbapr.online/index_files/ | 18 KB | 18 KB | Font | application/octet-stream |
GET | H2 | Lato-Regular.1d2ca94dfba6f8d87cfd.woff | wwwbapr.online/index_files/ | 302 KB | 302 KB | Font | application/font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Agricola Popolare di Ragusa (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | documentPictureInPicture
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wwwbapr.online/ | | Name: COOKIE_KEY Value: 169452210337 |
www.bapr.it/ | | Name: AWSALBCORS Value: J5oRwR2At4DBX/FqMAFRlkc/6/lLyv8A48FReAbRrHoXUvCgpvoTRGsiEzW11r7fioFxe8O1K9XkOPworUDjyTuHS1ywvO/84Kio/70om6SZYqfNRuCUgq1FSndt |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.