it.77-91-78-129.cprapid.com Open in urlscan Pro
77.91.78.129 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://it.77-91-78-129.cprapid.com/portale/
Submission: On February 16 via automatic, source phishtank (February 16th 2023, 11:45:13 pm UTC) — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 77.91.78.129, located in Helsinki, Finland and belongs to AEZA-AS, RU. The main domain is it.77-91-78-129.cprapid.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 27th 2023. Valid for: 3 months.

This is the only time it.77-91-78-129.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Poste Italiane (Online)

Domain & IP information

	IP Address		AS Autonomous System
26	77.91.78.129 77.91.78.129		210644 (AEZA-AS) (AEZA-AS)
26	1

26 77.91.78.129 (Helsinki, Finland)

ASN210644 (AEZA-AS, RU)
PTR: try-pest.aeza.network

it.77-91-78-129.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	cprapid.com it.77-91-78-129.cprapid.com	781 KB
26	1

	Domain	Requested by
26	it.77-91-78-129.cprapid.com	it.77-91-78-129.cprapid.com
26	1

This site contains no links.

Subject Issuer	Validity	Valid
it.77-91-78-129.cprapid.com cPanel, Inc. Certification Authority	`2023-01-27` - `2023-04-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://it.77-91-78-129.cprapid.com/portale/
Frame ID: 95BD8AD6BAA6A7A40D0A5CDE57615C9C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Poste

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

781 kB
Transfer

775 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response it.77-91-78-129.cprapid.com/portale/	22 KB 22 KB	279ms 73ms	Document text/html	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `4901fe4e7133ea3f3f9ace9cdf67606e02ee79a1912e7c00f87bda7dc5754212` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 16 Feb 2023 23:45:08 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	bootstrap.min.css it.77-91-78-129.cprapid.com/portale/css/	119 KB 120 KB	47ms 30ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/bootstrap.min.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `8b922a249c9f81562d99eee24407bf38c7feac74a10dfe712292c0b032144dfa` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 122291
GET H/1.1	200 OK	base.css it.77-91-78-129.cprapid.com/portale/css/	371 B 612 B	89ms 30ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/base.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `22e9deb3c6783ddb9e7b4a3c55c6ecb43c8a507af17b20a897560933bfc868dd` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 371
GET H/1.1	200 OK	megamenu-pi.css it.77-91-78-129.cprapid.com/portale/css/	26 KB 26 KB	90ms 31ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/megamenu-pi.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `eba3a9e033961c3c7da8860e0e446e771c71c7dfa7513e140f08441a31e352e6` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 26732
GET H/1.1	200 OK	jquery.min.js Show response it.77-91-78-129.cprapid.com/portale/css/	95 KB 95 KB	167ms 30ms	Script application/javascript	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/jquery.min.js Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 97163
GET H/1.1	200 OK	vex.combined.js Show response it.77-91-78-129.cprapid.com/portale/css/	49 KB 49 KB	197ms 30ms	Script application/javascript	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex.combined.js Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `2d228c7db872def11bebce9c4eae484c690db51310f43a1c0e7940027dbdd69d` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 50360
GET H/1.1	200 OK	vex.css it.77-91-78-129.cprapid.com/portale/css/	2 KB 2 KB	90ms 31ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `fde68bc921bfacf0a8c23316c92b664cf1ad694efd34a8aaa1d814d97fcf27f8` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2286
GET H/1.1	200 OK	vex-theme-default.css it.77-91-78-129.cprapid.com/portale/css/	7 KB 7 KB	92ms 31ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex-theme-default.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `93c94da755c23b3b6001fa5888fd7e958c2a63cdb2957ae5f99e45d7be85b1c4` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7322
GET H/1.1	200 OK	vex-theme-os.css it.77-91-78-129.cprapid.com/portale/css/	7 KB 7 KB	95ms 32ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex-theme-os.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `52651a8e503058723e76000a1b9a6d303d52a7d277753d2b93cd6589df505a45` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7184
GET H/1.1	200 OK	vex-theme-plain.css it.77-91-78-129.cprapid.com/portale/css/	6 KB 6 KB	129ms 30ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex-theme-plain.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `4c179ad9f6becc92e05f0aafc83324d960c196264a20663586939fc7e8c665b5` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5788
GET H/1.1	200 OK	vex-theme-flat-attack.css it.77-91-78-129.cprapid.com/portale/css/	15 KB 15 KB	176ms 76ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex-theme-flat-attack.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `53ea4f0f384079ab87ab0298be34aa83911cf1e78ae4a454f792dda5197d2b0b` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 15479
GET H/1.1	200 OK	vex-theme-wireframe.css it.77-91-78-129.cprapid.com/portale/css/	6 KB 6 KB	130ms 30ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/vex-theme-wireframe.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `d9654bf8b7b4a9d33b266a79d9b6d9d8110f8f8f0951b3c9774ea1246040cfa0` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6113
GET H/1.1	200 OK	logo-poste-italiane.png it.77-91-78-129.cprapid.com/portale/css/	6 KB 6 KB	31ms 30ms	Image image/png	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://it.77-91-78-129.cprapid.com/portale/css/logo-poste-italiane.png Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `3bf948c3dee39529d992d412cb336b7cb2057631915a0a6114375e6c5e5dd251` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 5737
GET H/1.1	200 OK	spinner_giallo.gif it.77-91-78-129.cprapid.com/portale/css/	33 KB 33 KB	31ms 30ms	Image image/gif	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://it.77-91-78-129.cprapid.com/portale/css/spinner_giallo.gif Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 33869
GET H/1.1	200 OK	logo-poste-italiane-medium.png it.77-91-78-129.cprapid.com/portale/css/	6 KB 6 KB	32ms 32ms	Image image/png	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://it.77-91-78-129.cprapid.com/portale/css/logo-poste-italiane-medium.png Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `3bf948c3dee39529d992d412cb336b7cb2057631915a0a6114375e6c5e5dd251` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 5737
GET H/1.1	200 OK	empty-profile.png it.77-91-78-129.cprapid.com/portale/css/	14 KB 14 KB	30ms 30ms	Image image/png	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://it.77-91-78-129.cprapid.com/portale/css/empty-profile.png Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `c51a195594d462642c54d42035f153f23048a30abf538e91b119e7dd35e929dd` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 13979
GET H/1.1	200 OK	typography.css it.77-91-78-129.cprapid.com/portale/css/	5 KB 5 KB	41ms 29ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/typography.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `867e8e154140f607aeff52b8269a5736156905a484c71d514df54b5d16569aa8` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5124
GET H/1.1	200 OK	fonts.css it.77-91-78-129.cprapid.com/portale/css/	3 KB 4 KB	43ms 29ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `75e72dc2cd106a9d4b7b1553ab494642a3140a62bbfe94a75953e91a6c4e7085` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 3569
GET H/1.1	200 OK	spaces.css it.77-91-78-129.cprapid.com/portale/css/	29 KB 29 KB	84ms 61ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/spaces.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `9fb634a5bbfbee4fc2503595fa18a98142ca8cf0bb29984d065edfeef0006bdd` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 29954
GET H/1.1	404 Not Found	alignment.css it.77-91-78-129.cprapid.com/portale/css/	0 0	86ms 48ms	Stylesheet text/html	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/alignment.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	extra.css it.77-91-78-129.cprapid.com/portale/css/	5 KB 5 KB	69ms 30ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/extra.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `aa8ac66ddf4aae6766e4f31c46bf6afc43fc83f807e1c181b2e9be18e78b0ed1` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4992
GET H/1.1	200 OK	base-element.css it.77-91-78-129.cprapid.com/portale/css/	206 KB 206 KB	67ms 30ms	Stylesheet text/css	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/base-element.css Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `c44abf62faf4b9c9f12ffb70c209d73d88fff413374b60d58374ccefcca34f84` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/css/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 210758
GET H/1.1	200 OK	Texta-Regular.woff it.77-91-78-129.cprapid.com/portale/css/css/	39 KB 40 KB	31ms 30ms	Font font/woff	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/css/Texta-Regular.woff Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `ec14a0be40ca7c2085058395e27b35acae6b8c0d66e4d9d65d2e3c1b5d23efeb` Request headers Referer https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Origin https://it.77-91-78-129.cprapid.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 40366
GET H/1.1	200 OK	Texta-Book.woff it.77-91-78-129.cprapid.com/portale/css/css/	32 KB 32 KB	30ms 30ms	Font font/woff	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/css/Texta-Book.woff Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `0fa4aee030662ed700dc5cb2e13e52b85fb1254a195d9ab0a1a10d79e645c8f8` Request headers Referer https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Origin https://it.77-91-78-129.cprapid.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 32412
GET H/1.1	200 OK	Texta-Medium.woff it.77-91-78-129.cprapid.com/portale/css/css/	42 KB 42 KB	31ms 30ms	Font font/woff	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://it.77-91-78-129.cprapid.com/portale/css/css/Texta-Medium.woff Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `c9ec1880670e2c45729106c55f29fc40cd0a089f3ae54a560d369d151bb9f4fe` Request headers Referer https://it.77-91-78-129.cprapid.com/portale/css/fonts.css Origin https://it.77-91-78-129.cprapid.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 42625
GET H/1.1	200 OK	eye.png it.77-91-78-129.cprapid.com/portale/css/	645 B 886 B	36ms 36ms	Image image/png	77.91.78.129 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://it.77-91-78-129.cprapid.com/portale/css/eye.png Requested by Host: it.77-91-78-129.cprapid.com URL: https://it.77-91-78-129.cprapid.com/portale/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.91.78.129 Helsinki, Finland, ASN210644 (AEZA-AS, RU), Reverse DNS try-pest.aeza.network Software Apache / Resource Hash `5931ba755c44c364f074f95a904536fb4076da4e44c811a1934c5fff735c39c4` Request headers accept-language de-DE,de;q=0.9 Referer https://it.77-91-78-129.cprapid.com/portale/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Thu, 16 Feb 2023 23:45:09 GMT Last-Modified Fri, 09 Sep 2022 09:04:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 645

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Poste Italiane (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			it.77-91-78-129.cprapid.com/portale	1970-01-20 19:19:11	Name: COOKIE_KEY Value: 16765911081

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://it.77-91-78-129.cprapid.com/portale/css/alignment.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

it.77-91-78-129.cprapid.com
77.91.78.129
0fa4aee030662ed700dc5cb2e13e52b85fb1254a195d9ab0a1a10d79e645c8f8
22e9deb3c6783ddb9e7b4a3c55c6ecb43c8a507af17b20a897560933bfc868dd
2d228c7db872def11bebce9c4eae484c690db51310f43a1c0e7940027dbdd69d
3bf948c3dee39529d992d412cb336b7cb2057631915a0a6114375e6c5e5dd251
4901fe4e7133ea3f3f9ace9cdf67606e02ee79a1912e7c00f87bda7dc5754212
4c179ad9f6becc92e05f0aafc83324d960c196264a20663586939fc7e8c665b5
52651a8e503058723e76000a1b9a6d303d52a7d277753d2b93cd6589df505a45
53ea4f0f384079ab87ab0298be34aa83911cf1e78ae4a454f792dda5197d2b0b
5931ba755c44c364f074f95a904536fb4076da4e44c811a1934c5fff735c39c4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
75e72dc2cd106a9d4b7b1553ab494642a3140a62bbfe94a75953e91a6c4e7085
867e8e154140f607aeff52b8269a5736156905a484c71d514df54b5d16569aa8
8b922a249c9f81562d99eee24407bf38c7feac74a10dfe712292c0b032144dfa
93c94da755c23b3b6001fa5888fd7e958c2a63cdb2957ae5f99e45d7be85b1c4
9fb634a5bbfbee4fc2503595fa18a98142ca8cf0bb29984d065edfeef0006bdd
aa8ac66ddf4aae6766e4f31c46bf6afc43fc83f807e1c181b2e9be18e78b0ed1
c44abf62faf4b9c9f12ffb70c209d73d88fff413374b60d58374ccefcca34f84
c51a195594d462642c54d42035f153f23048a30abf538e91b119e7dd35e929dd
c9ec1880670e2c45729106c55f29fc40cd0a089f3ae54a560d369d151bb9f4fe
d9654bf8b7b4a9d33b266a79d9b6d9d8110f8f8f0951b3c9774ea1246040cfa0
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5
eba3a9e033961c3c7da8860e0e446e771c71c7dfa7513e140f08441a31e352e6
ec14a0be40ca7c2085058395e27b35acae6b8c0d66e4d9d65d2e3c1b5d23efeb
fde68bc921bfacf0a8c23316c92b664cf1ad694efd34a8aaa1d814d97fcf27f8

it.77-91-78-129.cprapid.com Open in urlscan Pro 77.91.78.129 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

781 kBTransfer

775 kBSize

1 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

it.77-91-78-129.cprapid.com Open in urlscan Pro
77.91.78.129 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

781 kB
Transfer

775 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!