accessobapr.com
81.88.53.112
Malicious Activity!
Public Scan
Submission Tags: @ecarlesi threat #phishing
Submission: On September 12 via api from CA — Scanned from IT
Summary
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.
This is the only time accessobapr.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Agricola Popolare di Ragusa (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 81.88.53.112 | 39729 (REGISTER-AS) |
1 | 193.41.84.72 | 15981 (CSEBO-NET) |
2 | 18.66.192.58 | 16509 (AMAZON-02) |
10 | 3 | |
18.66.192.58: ASN16509 (AMAZON-02, US), PTR: server-18-66-192-58.muc50.r.cloudfront.net, serving www.bapr.it
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | accessobapr.com | accessobapr.com | 639 KB |
2 | bapr.it | www.bapr.it | 791 KB |
1 | banking4you.it | www.banking4you.it | |
10 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
7 | accessobapr.com | accessobapr.com |
2 | www.bapr.it | accessobapr.com |
1 | www.banking4you.it | accessobapr.com |
10 | 3 | |
This site contains links to these domains.
Domain |
---|
un-pac-e-vinci.eurizoncapital.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.accessobapr.com | R3 | 2023-09-12 - 2023-12-11 | 3 months |
www.banking4you.it | DigiCert EV RSA CA G2 | 2023-04-04 - 2024-04-30 | a year |
www.bapr.it | Amazon RSA 2048 M02 | 2022-12-27 - 2024-01-25 | a year |
This page contains 1 frame:
Primary Page:
https://accessobapr.com/
Frame ID: D2E5D2F01D4BB08A2FEE3D0AD7DFD2BB
Requests: 10 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: SCOPRI DI PIU'
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | accessobapr.com/ | 91 KB | 11 KB | Document | text/html |
GET | H2 | styles.efb08ee55d4716b9f06f.css | accessobapr.com/index_files/ | 519 KB | 52 KB | Stylesheet | text/css |
GET | H2 | public-light-theme-header-logo.png | accessobapr.com/index_files/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | / | www.banking4you.it/apps/pib2/05036brand0/ | 0 | 0 | Image | text/html |
GET | H/1.1 | loginBannerMobile1.png | www.bapr.it/wp-content/uploads/ | 609 KB | 610 KB | Image | image/png |
GET | H/1.1 | LoginBannerMobile2.jpg | www.bapr.it/wp-content/uploads/ | 180 KB | 181 KB | Image | image/jpeg |
GET | H2 | public-light-theme-footer-logo.png | accessobapr.com/index_files/assets/ | 1 KB | 1 KB | Image | text/html |
GET | H2 | Lato-Bold.89b618086a797a8be0f4.woff | accessobapr.com/index_files/ | 302 KB | 274 KB | Font | font/woff |
GET | H2 | iconfont.970f44aa80e156c05b48.woff2 | accessobapr.com/index_files/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | Lato-Regular.1d2ca94dfba6f8d87cfd.woff | accessobapr.com/index_files/ | 302 KB | 273 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Agricola Popolare di Ragusa (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
accessobapr.com/ | | Name: COOKIE_KEY Value: 169451592255 |
www.bapr.it/ | | Name: AWSALBCORS Value: 4seesNy0l/meAumBqjYNZCU5+5wMCeOzeNixJvqZuDansiReKbqV9pMhDPUbcL4kOx5VTKOBVcNQr1J/zithRgJRJk1lXGFpxmwR8Yht9pmAoF9vDw1mxCGU4zAH |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.