urlscan.io logo urlscan.io
SecurityTrails logo

thebarracudagroup.com Open in urlscan Pro
208.75.151.42  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://thebarracudagroup.com/wp-includes/images/smilies/account/Login.php
Submission: On October 27 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 208.75.151.42, located in Lansing, United States and belongs to LIQUID-WEB-INC - Liquid Web, L.L.C, US. The main domain is thebarracudagroup.com.
This is the only time thebarracudagroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

IP Address AS Autonomous System
1 208.75.151.42 32244 (LIQUID-WE...)
4 187.17.111.96 7162 (Universo ...)
6 3
Apex Domain
Subdomains		 Transfer
4 reabodonto.com.br
www.reabodonto.com.br Failed
391 KB
1 thebarracudagroup.com
thebarracudagroup.com
256 B
6 2
Domain Requested by
4 www.reabodonto.com.br www.reabodonto.com.br
1 thebarracudagroup.com
6 2

This site contains no links.

Subject Issuer Validity Valid

This page contains 2 frames:

Frame: http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Frame ID: 14792.1
Requests: 2 HTTP requests in this frame

Frame: http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Frame ID: 14823.1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

6
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

392 kB
Transfer

397 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login.php
thebarracudagroup.com/wp-includes/images/smilies/account/ 		250 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
http://thebarracudagroup.com/wp-includes/images/smilies/account/Login.php
Protocol
HTTP/1.1
Server
208.75.151.42 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS
host.recruiterswebhosting.com
Software
Apache /
Resource Hash
d1a97f7f50f0fb5c524dbfad1e6cac23ef72dd55396bc5a565e1e19bf5075321

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thebarracudagroup.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 10:50:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=150
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
login.alibaba.com.php
www.reabodonto.com.br/xmlrpc/includes/account/ 		0
0
login.alibaba.com.php
www.reabodonto.com.br/xmlrpc/includes/account/ Frame 1482 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Protocol
HTTP/1.1
Server
187.17.111.96 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
61b569b3849d5a15c32a2127a8aa1c0edaaa212dff2b5ade52494e2d5e697a61

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.reabodonto.com.br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://thebarracudagroup.com/wp-includes/images/smilies/account/Login.php
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://thebarracudagroup.com/wp-includes/images/smilies/account/Login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 10:51:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
X-Cache-Status
BYPASS
Transfer-Encoding
chunked
Content-Type
text/html
img2.png
www.reabodonto.com.br/xmlrpc/includes/account/images/ Frame 1482 		327 KB
327 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.reabodonto.com.br/xmlrpc/includes/account/images/img2.png
Requested by
Host: www.reabodonto.com.br
URL: http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Protocol
HTTP/1.1
Server
187.17.111.96 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
c3de8a20b257b3e3edadd946d59bbee31d90f6f84ed6e9619904669199c0461e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.reabodonto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 10:51:00 GMT
Last-Modified
Thu, 26 Oct 2017 05:14:50 GMT
Server
Apache
ETag
"153133a-51d30-55c6c406dbd91"
X-Cache-Status
MISS
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
335152
img1.jpg
www.reabodonto.com.br/xmlrpc/includes/account/images/ Frame 1482 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.reabodonto.com.br/xmlrpc/includes/account/images/img1.jpg
Requested by
Host: www.reabodonto.com.br
URL: http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Protocol
HTTP/1.1
Server
187.17.111.96 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
cc4547f107ae1d32573503ed37d0845f6c33433bcb2a6234ab51ad1928001d18

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.reabodonto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 10:51:00 GMT
Last-Modified
Thu, 26 Oct 2017 05:14:59 GMT
Server
Apache
ETag
"153135e-f448-55c6c40f3842b"
X-Cache-Status
MISS
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62536
img3.gif
www.reabodonto.com.br/xmlrpc/includes/account/images/ Frame 1482 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.reabodonto.com.br/xmlrpc/includes/account/images/img3.gif
Requested by
Host: www.reabodonto.com.br
URL: http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Protocol
HTTP/1.1
Server
187.17.111.96 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
f789f6aa5304d63550e35f144eb65f131104ecb1e38cfacd51f7f63792579503

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.reabodonto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 10:51:00 GMT
Last-Modified
Thu, 26 Oct 2017 05:14:40 GMT
Server
Apache
ETag
"1531321-564-55c6c3fd64751"
X-Cache-Status
MISS
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1380

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.reabodonto.com.br
URL
http://www.reabodonto.com.br/xmlrpc/includes/account/login.alibaba.com.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies