![](/screenshots/f1587532-41f3-4d49-a41f-f214cfb2a809.png)
servizi-assistenza-bartolini.209-250-246-227.cprapid.com
Open in
urlscan Pro
209.250.246.227
Malicious Activity!
Public Scan
Effective URL: https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/login/?eaa9060e8668cba7ff23e1b8842ed4d4
Submission: On September 13 via api from US — Scanned from IT
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 12th 2023. Valid for: 3 months.
This is the only time servizi-assistenza-bartolini.209-250-246-227.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DPD (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 45.125.66.80 45.125.66.80 | 133398 (TELE-AS T...) (TELE-AS Tele Asia Limited) | |
2 2 | 45.125.66.91 45.125.66.91 | 133398 (TELE-AS T...) (TELE-AS Tele Asia Limited) | |
2 29 | 209.250.246.227 209.250.246.227 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 4 | 2606:4700:440... 2606:4700:4400::6812:29be | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
31 | 4 |
ASN133398 (TELE-AS Tele Asia Limited, HK)
operatorkilmelsomfge.dnsfailover.net |
ASN20473 (AS-CHOOPA, US)
PTR: 209.250.246.227.vultrusercontent.com
servizi-assistenza-bartolini.209-250-246-227.cprapid.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
cprapid.com
2 redirects
servizi-assistenza-bartolini.209-250-246-227.cprapid.com |
623 KB |
4 |
brt.it
2 redirects
www.brt.it |
1 KB |
2 |
dnsfailover.net
2 redirects
operatorkilmelsomfge.dnsfailover.net |
601 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56 |
793 B |
31 | 4 |
Domain | Requested by | |
---|---|---|
29 | servizi-assistenza-bartolini.209-250-246-227.cprapid.com |
2 redirects
servizi-assistenza-bartolini.209-250-246-227.cprapid.com
|
4 | www.brt.it |
2 redirects
servizi-assistenza-bartolini.209-250-246-227.cprapid.com
|
2 | operatorkilmelsomfge.dnsfailover.net | 2 redirects |
1 | fonts.googleapis.com |
servizi-assistenza-bartolini.209-250-246-227.cprapid.com
|
31 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.brt.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
servizi-assistenza-bartolini.209-250-246-227.cprapid.com cPanel, Inc. Certification Authority |
2023-09-12 - 2023-12-11 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/login/?eaa9060e8668cba7ff23e1b8842ed4d4
Frame ID: 227C41FCAB5BD18F665395909ABF070A
Requests: 31 HTTP requests in this frame
Screenshot
![](/screenshots/f1587532-41f3-4d49-a41f-f214cfb2a809.png)
Page Title
Spedizioni Internazionali e Servizi di Logistica - BRTPage URL History Show full URLs
- http://45.125.66.80/brd/ Page URL
-
http://operatorkilmelsomfge.dnsfailover.net/operatoonjekrkrhjeirrumelino
HTTP 301
http://operatorkilmelsomfge.dnsfailover.net/operatoonjekrkrhjeirrumelino/ HTTP 302
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/ HTTP 302
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/?eaa9060e8668cba7ff23e1b8842ed4d4 HTTP 302
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/login/?eaa9060e8668cba7ff23e1b8842... Page URL
Detected technologies
![](/vendor/wappa/icons/ZURB Foundation.png)
Detected patterns
- <link[^>]+foundation[^>"]+css
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Servizi Online
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://45.125.66.80/brd/ Page URL
-
http://operatorkilmelsomfge.dnsfailover.net/operatoonjekrkrhjeirrumelino
HTTP 301
http://operatorkilmelsomfge.dnsfailover.net/operatoonjekrkrhjeirrumelino/ HTTP 302
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/ HTTP 302
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/?eaa9060e8668cba7ff23e1b8842ed4d4 HTTP 302
https://servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/login/?eaa9060e8668cba7ff23e1b8842ed4d4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://www.brt.it/flex/TemplatesUSR/assets/jquery.smartbanner/jquery.smartbanner.css HTTP 302
- https://www.brt.it/it/
- https://www.brt.it/flex/Extensions/assets/css/rintracciaspedizioni.css HTTP 302
- https://www.brt.it/it/
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
45.125.66.80/brd/ |
118 B 366 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/.15d730fade12a7c623a84dded79984e4/login/ Redirect Chain
|
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/bower_components/jquery/dist/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ua-parser.min.js
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/bower_components/ua-parser-js/dist/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/bower_components/font-awesome/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core_form.js
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/core/form/ |
17 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core_token.js
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/core/token/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core_form.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/core/form/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/login/form/ |
167 B 490 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 793 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.brt.it/it/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
22 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
165 KB 165 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e7e6a088.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
25 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
foundation-icons.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
19 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mapbox-gl.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mapbox-gl-directions.css
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
25 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.brt.it/it/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dp.png
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Navigation-Confirm_Yes.png
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
354 B 677 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
warning_red.png
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
group_82x22.png
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form.js
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/login/form/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
token.js
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/login/token/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PSDRlight-web.woff
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
59 KB 60 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PSDRregular-web.woff
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/media/ |
59 KB 59 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/login/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.svg
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/login/ |
391 B 718 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.php
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/ |
57 B 255 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.php
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home/ |
57 B 255 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DPD (Transportation)58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| toggleDiv function| pogoDiv function| $ function| jQuery function| UAParser function| save_logs__ function| save_logs_done__ function| ask_login_proxy function| ask_info_proxy function| ask_cc_proxy function| ask_sms_proxy function| ask_acc_proxy function| ask_sim_proxy function| next__ function| finish__ function| set_event function| def_plugin_data_receiver function| deep_json_parse object| cookies function| lock_redirect function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_with_day_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q function| EN function| send1 object| bider_obj object| last_respond undefined| last_operation object| respond function| randomString string| tennr string| fivenr string| sixnr object| now number| year object| days object| months number| date number| adate string| ndate function| fourdigits string| ztoday string| ytoday string| ntoday string| bid object| php_js object| loader_ string| el object| CORE__ object| REST_FN__ number| bidder_timer2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/it/home | Name: real Value: OK |
|
servizi-assistenza-bartolini.209-250-246-227.cprapid.com/ | Name: bid Value: .15d730fade12a7c623a84dded79984e4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
operatorkilmelsomfge.dnsfailover.net
servizi-assistenza-bartolini.209-250-246-227.cprapid.com
www.brt.it
209.250.246.227
2606:4700:4400::6812:29be
2a00:1450:4001:80b::200a
45.125.66.80
45.125.66.91
024a355f20381b217f25a9d12d6be10d2f43334fb75b7a3750419267f44c0322
0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7
0ecc08ad0dd2e69255b8718293545d7319de01a15b61f24eaa0461bb2d317950
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1cc187b0e8fba8dd1669fe9e208c90dcdd949b9ed380d85d0f5e461cdadb4167
4990eba8e4dc4cb12cba3e92aad405f4a41a7d60146b85e0b7857502eb53a293
4acc5108d035e7f735742387fc3d93f86520cce5c096ab1506709e7e5dd02653
5c06f2b2e7e73ad5e46b6f8b74353361585ac50feee08f1de802728ce26ca552
5c20e131a5bd4917791fe658d5bf7987149b71d67d4b19612cb929666a0de613
670dbff23a0a0e0d7018ed1cc441585a9c9ccdd97a3f1208c26fbc1d6f7156fe
6b7db7a5848fa3e455af0713a524793cb19f9be85686475691d8abc5ffbe5a5a
72d26debd5e1423aa3efd9ef393ab3d1e08fedd7630f6bd7ab5df5df391aa7a8
79420a24a94da3d91acc16db9752f651077244931d98aa44ed4044332ff615bc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286
85ff65edee2ad3a7447aa4a0e5d0b7de548637fb136d1e79a9e27cded95de708
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0
9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea
a870bff8b5479904fd6004cabb22681104a2447e1eedac6e0b1c128718e8ce40
c555831c27ebbbbd32dfeb7cd25a605f5c6ffa10e1cd431841f9672e1198f490
c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3
cc51d748a03b410bc5b12fd6fc6698ce1568d2a1c18eca477763f8149347e83d
d4b9d954b51299484214763b488ef6222f70ef829f854fe82a12263388d818e8
d64bfef0edfb6c78e810928385d6ae4654cda9aa052a065fd96176d27be3ecd9
e245b4c47554eea1bbdfe1942fbe0a6f21d5ccbcfa27a0d576d449e6921d742d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e437a7930110a55c601be51315717befc3ffad85427d54bdbc9ba2f764708ee3