urlscan.io logo urlscan.io
SecurityTrails logo

bwiagpsk.com Open in urlscan Pro
159.65.12.227  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bwiagpsk.com/
Effective URL: https://bwiagpsk.com/InternetBanking7835?371314525
Submission: On July 04 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 159.65.12.227, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is bwiagpsk.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 2nd 2019. Valid for: 3 months.
This is the only time bwiagpsk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BAWAG P.S.K. (Banking)

Domain & IP information

IP Address AS Autonomous System
1 2 159.65.12.227 14061 (DIGITALOC...)
1 2
Apex Domain
Subdomains		 Transfer
2 bwiagpsk.com
bwiagpsk.com
214 KB
1 1
Domain Requested by
2 bwiagpsk.com 1 redirects
1 1

This site contains links to these domains. Also see Links.

Domain
www.bawagpsk.com
ebanking.bawagpsk.com
demo-ebanking.bawagpsk.com
Subject Issuer Validity Valid
bwiagpsk.com
Let's Encrypt Authority X3		 2019-07-02 -
2019-09-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bwiagpsk.com/InternetBanking7835?371314525
Frame ID: EFB889A552A4DB0FA253B12946AC92FD
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bwiagpsk.com/ HTTP 302
    https://bwiagpsk.com/InternetBanking7835?371314525 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

214 kB
Transfer

592 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bwiagpsk.com/ HTTP 302
    https://bwiagpsk.com/InternetBanking7835?371314525 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set InternetBanking7835
bwiagpsk.com/
Redirect Chain
  • https://bwiagpsk.com/
  • https://bwiagpsk.com/InternetBanking7835?371314525
348 KB
214 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bwiagpsk.com/InternetBanking7835?371314525
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.65.12.227 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
web.de
Software
nginx /
Resource Hash
a088a700d52956100a29b3ea1d031f5507738b6526cd8c9122765ae48f765484

Request headers

Host
bwiagpsk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Thu, 04 Jul 2019 05:04:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Set-Cookie
PHPSESSID=pvkd8hhvji4h4gf67md6k096h5; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 04 Jul 2019 05:04:39 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
Location
InternetBanking7835?371314525
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ff7504c16daf2d34a784b611556b922f7adcc5f5eae1b58c41d81c827742b5c

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4d8e679d4b360282d5b9c0e578e2f30fd6939df399bfc0d1c80504e1b67b2be

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf61215ca4a5c69c1225fc2e5e70ab84a498a4c6ba3c7b48c3a16a6f5f34f650

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4deb3dd818172554ec3a7f0d4883dbe5b0d21cd33982c33c7ae1483b49d7982

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2154cb7ff608980de400c7c4101f315c4b02066ff61efe86810f769bc235e867

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		214 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03ef20287cdd93208b33b70a7ec135d04e89340cb741dd337364512269f097b9

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd0a334ed68480714349b7b248abae9311919b27291fcd7589d8c754cf572bb7

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e011026f31943494769a0c29bcc2482ef11ffaaf34029da3bf1ebec9427aa767

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23293f3c3e0c25475403d731ab9764c240256c6956c26adcb5a7995221c4a082

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acbfecd34d006963ec250ff9af21cdc4f939af72785b2481c5cd07ab64d0277e

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4552da35c2b04619df857822c5249854e21211984aecd0c443b810b5d93028f8

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07d4a6c87dea5b48ca1dc0c6d35cb99674f088884b53954f7310d85cf26c1963

Request headers

Referer
https://bwiagpsk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BAWAG P.S.K. (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
bwiagpsk.com/ Name: PHPSESSID
Value: pvkd8hhvji4h4gf67md6k096h5