thebarterexperts.top
93.157.63.172
Malicious Activity!
Public Scan
Submission: On March 09 via automatic, source openphish — Scanned from DE
Summary
This is the only time thebarterexperts.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PKO Bank Polski (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 | 93.157.63.172 | 43350 (NFORCE) |
1 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
1 | 193.109.225.100 | 21344 (INTELIGO) |
7 | 5 | |
ASN43350 (NFORCE, NL)
PTR: starrywolf.weedcheap4you.com
thebarterexperts.top
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | thebarterexperts.top | thebarterexperts.top | 713 KB |
1 | pkobp.pl | www.pkobp.pl — Cisco Umbrella Rank: 219206 | 50 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 251 | 30 KB |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 | 68 KB |
7 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
4 | thebarterexperts.top | thebarterexperts.top |
1 | www.pkobp.pl | thebarterexperts.top |
1 | ajax.googleapis.com | thebarterexperts.top |
1 | cdnjs.cloudflare.com | thebarterexperts.top |
7 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months |
pkobp.pl | Certum Extended Validation CA SHA2 | 2022-01-31 - 2023-01-31 | a year |
This page contains 1 frame:
Primary Page:
http://thebarterexperts.top/IKO/
Frame ID: 05EBA9DD955F1337FB4026DEBD6AA753
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | thebarterexperts.top/IKO/ | 618 KB | 619 KB | Document | text/html |
GET H2 | jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ | 274 KB | 68 KB | Script | application/javascript |
GET H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.0/ | 84 KB | 30 KB | Script | text/javascript |
GET DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET H/1.1 | 416x416_72VTFII_208_208.png | www.pkobp.pl/media_files/CiCCh/iPKO/ | 50 KB | 50 KB | Image | image/png |
GET H/1.1 | PKOBankPolski-Regular.woff | thebarterexperts.top/IKO/gfx/ | 31 KB | 31 KB | Font | font/woff |
GET H/1.1 | PKOBankPolski-Light.woff | thebarterexperts.top/IKO/gfx/ | 32 KB | 32 KB | Font | font/woff |
GET H/1.1 | PKOBankPolski-Bold.woff | thebarterexperts.top/IKO/gfx/ | 31 KB | 31 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PKO Bank Polski (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| $
function| jQuery
function| IsEmpty10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.