kipro.in Open in urlscan Pro
107.180.12.39 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kipro.in/pket/
Effective URL:
http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78
Submission Tags: 7390762
Submission: On December 20 via api (December 20th 2021, 5:49:09 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 107.180.12.39, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is kipro.in.

This is the only time kipro.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address		AS Autonomous System
2 10	107.180.12.39 107.180.12.39		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
8	1

10 107.180.12.39 (Ashburn, United States) 2 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-12-39.ip.secureserver.net

kipro.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	kipro.in 2 redirects kipro.in	236 KB
8	1

	Domain	Requested by
10	kipro.in	2 redirects kipro.in
8	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78
Frame ID: 3E10AD65FD38F22B5C5385AC93BAC49B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paiement requis pour colis N° 73880641BE

Page URL History Show full URLs

http://kipro.in/pket/ HTTP 302
http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/?6b6970726f2e696e HTTP 302
http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

235 kB
Transfer

459 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kipro.in/pket/ HTTP 302
http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/?6b6970726f2e696e HTTP 302
http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request colis.php Show response kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/ Redirect Chain http://kipro.in/pket/ http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/?6b6970726f2e696e http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78	5 KB 2 KB	119ms 119ms	Document text/html	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / PHP/7.2.34 Resource Hash `c20b333ad7aa02ad2a138215316faae99030ec5a1fb63cfaa777b5c39fb03bd2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Server Apache X-Powered-By PHP/7.2.34 Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 1395 Keep-Alive timeout=5 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Mon, 20 Dec 2021 17:49:04 GMT Server Apache X-Powered-By PHP/7.2.34 Location colis.php?id=91.199.118.78 Vary User-Agent Content-Length 0 Keep-Alive timeout=5 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	index.css kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	10 KB 2 KB	107ms 107ms	Stylesheet text/css	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/index.css Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `8f03b19bf8e534205094da64eb566c50991644fa7dbac5acf4b001948e8b0fd1` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Content-Encoding gzip Last-Modified Sun, 05 Apr 2020 12:31:12 GMT Server Apache ETag "96443e9-2945-5a28a53670400-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1234
GET H/1.1	200 OK	jquery.js Show response kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	276 KB 80 KB	215ms 209ms	Script application/javascript	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/jquery.js Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `4f5e849f11b1f3d348b4f504b570ab268f89e735079d46330a80f4df498b96be` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Content-Encoding gzip Last-Modified Fri, 13 Dec 2019 00:44:38 GMT Server Apache ETag "96443eb-4516c-5998b2a9d2980-gzip" Vary Accept-Encoding,User-Agent Upgrade h2,h2c Transfer-Encoding chunked Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5
GET H/1.1	200 OK	jquery.maskedinput.js Show response kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	10 KB 3 KB	193ms 188ms	Script application/javascript	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/jquery.maskedinput.js Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `c75ef4ed711014b31fe4cc01e7b96ee7723d2fe8b77c7158f45a885f1a15d4ad` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Content-Encoding gzip Last-Modified Fri, 13 Dec 2019 00:44:34 GMT Server Apache ETag "96443ec-28ba-5998b2a602080-gzip" Vary Accept-Encoding,User-Agent Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5 Content-Length 2630
GET H/1.1	200 OK	v.svg kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	3 KB 2 KB	191ms 191ms	Image image/svg+xml	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/v.svg Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `621d71c44b8d4c88ffb30fa6fc91414eed9a2a04f64a7f78ef8d327ee22559ea` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Content-Encoding gzip Last-Modified Sun, 05 Apr 2020 12:29:32 GMT Server Apache ETag "96443f3-ab5-5a28a4d712300-gzip" Vary Accept-Encoding,User-Agent Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1344
GET H/1.1	200 OK	m.svg kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	12 KB 5 KB	141ms 141ms	Image image/svg+xml	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/m.svg Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `beadbdcf0b75b8324c545052ef813c51c3f835cd6a03b9e07725bc4456a18b26` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Content-Encoding gzip Last-Modified Sun, 05 Apr 2020 12:29:32 GMT Server Apache ETag "96443ed-317d-5a28a4d712300-gzip" Vary Accept-Encoding,User-Agent Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 4595
GET H/1.1	200 OK	csc.png kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	849 B 1 KB	131ms 131ms	Image image/png	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/csc.png Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `65647f984e67ba00b2ee540d351f7fa717fbae95485d89e43d46aaf02d89d63a` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/colis.php?id=91.199.118.78 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:04 GMT Last-Modified Sun, 05 Apr 2020 12:29:30 GMT Server Apache ETag "96443e2-351-5a28a4d529e80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 849
GET H/1.1	200 OK	index.jpg kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/	141 KB 141 KB	213ms 203ms	Image image/jpeg	107.180.12.39 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/index.jpg Requested by Host: kipro.in URL: http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/index.css Protocol HTTP/1.1 Server 107.180.12.39 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-12-39.ip.secureserver.net Software Apache / Resource Hash `4707b8ed77814d0432ff91ceebf0c9587f8889fc7035cd094ef8131b27337909` Request headers Accept-Language de-DE,de;q=0.9 Referer http://kipro.in/pket/6d3934480b23c0ca3d164cf19fa11946/b/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 17:49:05 GMT Last-Modified Sun, 05 Apr 2020 12:29:32 GMT Server Apache ETag "96443ea-2348d-5a28a4d712300" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5 Content-Length 144525

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| isNumberKey

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kipro.in
107.180.12.39
4707b8ed77814d0432ff91ceebf0c9587f8889fc7035cd094ef8131b27337909
4f5e849f11b1f3d348b4f504b570ab268f89e735079d46330a80f4df498b96be
621d71c44b8d4c88ffb30fa6fc91414eed9a2a04f64a7f78ef8d327ee22559ea
65647f984e67ba00b2ee540d351f7fa717fbae95485d89e43d46aaf02d89d63a
8f03b19bf8e534205094da64eb566c50991644fa7dbac5acf4b001948e8b0fd1
beadbdcf0b75b8324c545052ef813c51c3f835cd6a03b9e07725bc4456a18b26
c20b333ad7aa02ad2a138215316faae99030ec5a1fb63cfaa777b5c39fb03bd2
c75ef4ed711014b31fe4cc01e7b96ee7723d2fe8b77c7158f45a885f1a15d4ad

kipro.in Open in urlscan Pro 107.180.12.39 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

235 kBTransfer

459 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

kipro.in Open in urlscan Pro
107.180.12.39 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

235 kB
Transfer

459 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!