urikiq.tk
Open in
urlscan Pro
185.174.174.220
Malicious Activity!
Public Scan
Submission: On November 22 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.
This is the only time urikiq.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Libero (Online)Domain & IP information
ASN21100 (ITLDC-NL, UA)
PTR: 185.174.174.220.cp6nl.hyperhost.ua
urikiq.tk |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
fonts.gstatic.com | |
www.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-65-0.eu-west-1.compute.amazonaws.com
secure-it.imrworldwide.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com |
ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-92.fra60.r.cloudfront.net
i.plug.it |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
ad.crwdcntrl.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
39 |
urikiq.tk
urikiq.tk |
443 KB |
3 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
34 KB |
3 |
libero.it
geoisp.libero.it — Cisco Umbrella Rank: 964377 |
2 KB |
2 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 |
87 KB |
2 |
imrworldwide.com
secure-it.imrworldwide.com — Cisco Umbrella Rank: 45779 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2328 |
4 KB |
1 |
crwdcntrl.net
ad.crwdcntrl.net — Cisco Umbrella Rank: 6391 |
|
1 |
virgilio.it
geoisp.virgilio.it — Cisco Umbrella Rank: 988420 |
792 B |
1 |
google.com
adservice.google.com — Cisco Umbrella Rank: 72 |
549 B |
1 |
google.it
adservice.google.it — Cisco Umbrella Rank: 45398 |
792 B |
1 |
plug.it
i.plug.it — Cisco Umbrella Rank: 236991 |
396 B |
1 |
scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146 |
191 B |
1 |
wt-eu02.net
italiaonline01.wt-eu02.net — Cisco Umbrella Rank: 188585 |
901 B |
1 |
googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136 |
|
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185 |
27 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
1 KB |
67 | 15 |
Domain | Requested by | |
---|---|---|
39 | urikiq.tk |
urikiq.tk
|
3 | geoisp.libero.it |
urikiq.tk
|
2 | securepubads.g.doubleclick.net |
urikiq.tk
www.googletagservices.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | ad.crwdcntrl.net |
urikiq.tk
|
1 | geoisp.virgilio.it |
urikiq.tk
|
1 | adservice.google.com |
urikiq.tk
|
1 | adservice.google.it |
urikiq.tk
|
1 | i.plug.it |
urikiq.tk
|
1 | cdn-gl.imrworldwide.com |
urikiq.tk
|
1 | www.gstatic.com |
urikiq.tk
|
1 | sb.scorecardresearch.com |
urikiq.tk
|
1 | italiaonline01.wt-eu02.net |
urikiq.tk
|
1 | secure-it.imrworldwide.com |
urikiq.tk
|
1 | tpc.googlesyndication.com |
urikiq.tk
|
1 | www.googletagservices.com |
urikiq.tk
|
1 | fonts.googleapis.com |
urikiq.tk
|
67 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.libero.it |
aiuto.libero.it |
registrazione.libero.it |
quifinanza.it |
www.italiaonline.it |
info.libero.it |
privacy.italiaonline.it |
easy.libero.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webmail.urikiq.tk R3 |
2022-10-31 - 2023-01-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
*.libero.it Sectigo RSA Organization Validation Secure Server CA |
2022-09-06 - 2023-10-07 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-04 - 2023-02-03 |
a year | crt.sh |
*.wt-eu02.net Sectigo RSA Domain Validation Secure Server CA |
2022-01-17 - 2023-01-27 |
a year | crt.sh |
*.scorecardresearch.com Amazon |
2022-01-29 - 2023-02-27 |
a year | crt.sh |
*.plug.it Sectigo RSA Domain Validation Secure Server CA |
2021-12-15 - 2023-01-15 |
a year | crt.sh |
*.google.it GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
*.virgilio.it Sectigo RSA Organization Validation Secure Server CA |
2022-07-13 - 2023-08-13 |
a year | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2022-05-01 - 2023-06-02 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://urikiq.tk/ret/ip/libero-file-chi/libero-file/login.html
Frame ID: 9B3662FBF6E9C3B6D9D240ACE0804198
Requests: 47 HTTP requests in this frame
Frame:
https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/saved_resource.html
Frame ID: 6A49E0DD0D61A502457CE23D09267A5B
Requests: 16 HTTP requests in this frame
Frame:
https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/saved_resource(1).html
Frame ID: 3F9153B00EBB27AC6E1EFE5A35A68702
Requests: 2 HTTP requests in this frame
Frame:
https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ls.html
Frame ID: FD882A49337A0CAF9BD2EDC571E1C5E2
Requests: 1 HTTP requests in this frame
Frame:
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A7F8D923361180F19F87DDF98C4A58CE
Requests: 1 HTTP requests in this frame
Frame:
https://i.plug.it/iplug/js/lib/iol/analytics/ads/adv/_ads.js?_t=1669090216672
Frame ID: DC9A6081A7F94A90DFC195010B598FD3
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Libero Mail - loginDetected technologies
DoubleClick Ad Exchange (AdX) (Advertising Networks) ExpandDetected patterns
- tpc\.googlesyndication\.com/safeframe
DoubleClick for Publishers (DFP) (Advertising Networks) Expand
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: AIUTO
Search URL Search Domain Scan URL
Title: CREA ACCOUNT
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Bonus sociale, nuova proroga per lo sconto in bolletta
Search URL Search Domain Scan URL
Title: Soldi
Search URL Search Domain Scan URL
Title: Usa-Cina, si riaccende la tensione: Trump pensa a nuovi dazi
Search URL Search Domain Scan URL
Title: Ue e aiuti di Stato, alla Germania la fetta più grossa
Search URL Search Domain Scan URL
Title: Sommerso, illegalità , scalate: ecco i rischi post pandemia
Search URL Search Domain Scan URL
Title: Chi siamo
Search URL Search Domain Scan URL
Title: Note legali
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Libero Easy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
67 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.html
urikiq.tk/ret/ip/libero-file-chi/libero-file/ |
33 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-host-v0.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nlsSDK600.bundle.min.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
164 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
43 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
placeholders.min.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adv_library3_https.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
61 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iolobj-geo.php
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
0 177 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adv_lib_login_2step_v2.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iolobj-rc-write.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
780 B 475 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f.txt
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
109 B 325 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f(1).txt
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
109 B 325 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020042703.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
238 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-quifinanza.png
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bollette-energia.jpg
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trump_1217.jpg
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merkel-schauble_1217.jpg
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
euro-bonus-1.jpg
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
44 B 250 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking_login-libero-it.min.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
3 KB 844 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IOL.Analytics.Tracking.min.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
32 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
825 B 1013 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
callback=iol.dmp.getProfile
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
83 B 311 B |
Script
application/vnd.tcpdump.pcap |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iolobj-rc-read.js
geoisp.libero.it/ioladv/ |
798 B 748 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
78 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource.html
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
52 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-quifinanza.jpg
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
135 KB 136 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
5 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
divisorio.png
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
secure-it.imrworldwide.com/cgi-bin/ |
44 B 597 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wt
italiaonline01.wt-eu02.net/215973748390194/ |
43 B 901 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b
sb.scorecardresearch.com/ |
0 191 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource(1).html
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 3F91 |
745 B 682 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls.html
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame FD88 |
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame A7F8 |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ads.js
i.plug.it/iplug/js/lib/iol/analytics/ads/adv/ Frame DC9A |
25 B 396 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ads.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 3F91 |
25 B 221 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.it/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020042703.js
securepubads.g.doubleclick.net/gpt/ |
238 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
amp4ads-v0.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
amp4ads-v0.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
amp-ad-exit-0.1.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
amp-analytics-0.1.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
amp-fit-text-0.1.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
amp-form-0.1.js
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css(1)
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
downsize_200k_v1
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
16 KB 16 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
downsize_200k_v1(1)
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
12 KB 12 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adview
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
it.png
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/ Frame 6A49 |
295 B 483 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
31 B 669 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 6A49 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iolobj-geo.php
geoisp.libero.it/ioladv/ |
0 388 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iolobj-rc-write.js
geoisp.virgilio.it/ioladv/ |
780 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iolobj-rc-write.js
geoisp.libero.it/ioladv/ |
778 B 843 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
callback=iol.dmp.getProfile
ad.crwdcntrl.net/5/c=6199/pe=y/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/amp4ads-v0.js
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/amp4ads-v0.js
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/amp-ad-exit-0.1.js
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/amp-analytics-0.1.js
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/amp-fit-text-0.1.js
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/amp-form-0.1.js
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/css
- Domain
- urikiq.tk
- URL
- https://urikiq.tk/ret/ip/libero-file-chi/libero-file/RET_URL/css(1)
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Libero (Online)88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| ampInaboxPendingMessages function| _typeof object| NOLBUNDLE object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents function| $ function| jQuery object| Placeholders string| crtg_nid object| iol_adv_config number| adv_latency object| adv_fup boolean| adv_getfup_exist boolean| adv_new_getfup_exist number| adv_ts_now number| adv_ts_limit number| adv_ts_co number| adv_profile string| adv_prof_cookie function| jiot_tgt object| iol function| iolAdjustMasthead object| IOLOBJ object| UTL function| getFup string| hostName object| IOLAdv object| googletag number| adv_pagewidth number| adv_pageheight string| adv_adunit1 string| adv_adunit2 string| adv_adunit3 string| adv_adunit4 object| adv_testnum object| adv_slots function| adv_getParameterByName function| adv_setCookie function| adv_getCookie string| key function| Fingerprint function| letter_or_dot function| do_text_select function| Autocomplete object| arrValues function| checkparams function| showMpu function| get_editorial function| show_editorial undefined| nSdkInstancestatic undefined| rnd undefined| nielsenMetadata string| iol_login_page_id object| iol_analytics_tracking_conf object| IOL object| iat object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState boolean| google_plmetrics object| google_js_reporting_queue function| processGoogleToken number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| adv_region string| adv_LIB_ADV_D object| adv_lauds_str object| google_tag_data object| dt4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
italiaonline01.wt-eu02.net/215973748390194 | Name: wteid_215973748390194 Value: 4166909021600594418 |
|
italiaonline01.wt-eu02.net/215973748390194 | Name: wtsid_215973748390194 Value: 1 |
|
italiaonline01.wt-eu02.net/ | Name: wt_nbg_Q3 Value: !bsLNpQPKeodyuHfpjGYh4zwSUbWZoEmeuDYC8bRgJjE++HmVUCrd8ABWFmHTf0yloDszv33pB8O99g== |
|
.urikiq.tk/ | Name: fup_sess Value: gcrl=0|gic=0|gip=0|gis=0|lic=0|lip=0|lir=0|sfe=0|spr=0|sse=0|g4=0|exp=0|ts=0|dm=0|id=0|tsi=0|ext=7d7b |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.crwdcntrl.net
adservice.google.com
adservice.google.it
cdn-gl.imrworldwide.com
fonts.googleapis.com
fonts.gstatic.com
geoisp.libero.it
geoisp.virgilio.it
i.plug.it
italiaonline01.wt-eu02.net
sb.scorecardresearch.com
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
urikiq.tk
www.googletagservices.com
www.gstatic.com
urikiq.tk
13.32.121.37
13.32.99.92
185.174.174.220
185.54.150.20
213.209.30.12
213.209.30.13
2600:9000:2240:8e00:2:42d9:3100:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
52.18.65.0
52.49.92.250
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09e63fb20d7667032db4289f4d2961a7ab6f7a1db54429ec15de44d2cb36ee38
0b81261159442100ce43124ee50d7e5d6c38ff4f920ab49529e53e037359cd07
0c815b93cf68fc9a234ec06fc29143fb1f7ee2c5147ee9b1ae96bc27aa86fe67
1318bb19d5c043f91eccf38cf61259a381a11d67dc7e82c710640b3d737668f0
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
217e158d901d47ec94b28466038af75971a2dae08911376421decb0003c131ba
227c693ced65c27d662fe5af78c2327e595efcac359b2f98db34a31e529458ae
22bdb541ccc27fa09ef0c8fbfaa10af8b74389833f8d4c793ae0c67113852abe
239537ff30411d0ce5f1abf7618fed9bdcc53a9e42b6939b6ab7f44d1e4c3cb6
2f3c35573e458ee67c3bf48f9a36739e5a9e9fb6f00fbb6d94a6f976405e74bc
38cb477c74252deb0c2b28ec418c40931fc4b7af7aa4c709d23de2e9669f8cf3
39a3257252a3c0d4c9e71ab27f53fbe417c2ef5d239f95c8324ac80ea0956cae
478d8454ef8538957447fcd3cee65aaa8ad99312dde1f668b5a5edbba3d62a4a
4c74bec793cc176f171cbb519ab9927380038f7069aacaa914d97a4b1036c966
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0ce1ecb037a40493dca6b0f837e3d6d9f626a961f655cbe88c52da726940f6
5345c5d5b7d091e17fdf259bc784006747af659e9d36c986955b0fe00ac94451
54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9
5b412a04ee9192021dee4e44825091ba9aba90c25d74fd408c4e1ec6cb96f417
5c73361cf0d42bc7a27dc2d2d719bf7a67d19b36348319e4b3ab8b4eb4942d08
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
7fa57658b48982d12122a10667edae7fe767d680cdd765d33d99ae601f37b0f0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
89d281be2d8967fc0d0384fc39c6822c9a86e5241dd5402eeb8041aaa05980da
8a70926e2c3072a83a7e02bb3295dff12a38f09861612c6f56330b4c6a0f421c
a402c060c0bbf42c1e71e7c8f5e2014e07f6e5cfa864e9b9b210ec055cdcfd6c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad0c1aa72c81f8f2496b8ca6ee3ef556841d7b6cdd4d1b82a283c4acea7408b6
ae2323fd1e7a18bca17755b2e4e1888f40b02ba7b43e325579bbddcd38a4c134
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20af253f695d7d71bf3f07542018a7c3eae0df7f7896109f30c9943a47a19d7
b3f392efe66c1876a969859568d987ca446d619599def829eaa42733861708e6
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5
bd001d99ff7ee1fa2d4e75fcc8b1b1f15ebfff759a33fbac6164c76596a5b9e8
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c7c5866bd803a7e09f3290be34496f42fe89547cf203367f25a1a5e8cf633ed2
d1db6076a2a74744fd67f947dec7be38235e7aa5a63ef45a1b6beeefb38f38cd
dbe14e84c72c10e3e0f617106c96939258781c82b14089edddd472579f7bfacd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72563537754aafd3bb45b495360d16020dc6978b117211d5eb965d4dbdd0021
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615