nexi-verifica-servizio-nexipay.highersitedev.com Open in urlscan Pro
173.231.222.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
Submission: On October 05 via manual (October 5th 2020, 7:31:25 am UTC) from IT

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 173.231.222.126, located in Los Angeles, United States and belongs to INMOTI-1, US. The main domain is nexi-verifica-servizio-nexipay.highersitedev.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 2nd 2020. Valid for: 3 months.

This is the only time nexi-verifica-servizio-nexipay.highersitedev.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

	IP Address		AS Autonomous System
15	173.231.222.126 173.231.222.126		54641 (INMOTI-1) (INMOTI-1)
15	1

15 173.231.222.126 (Los Angeles, United States)

ASN54641 (INMOTI-1, US)
PTR: vps48845.servconfig.com

nexi-verifica-servizio-nexipay.highersitedev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	highersitedev.com nexi-verifica-servizio-nexipay.highersitedev.com	2 MB
15	1

	Domain	Requested by
15	nexi-verifica-servizio-nexipay.highersitedev.com	nexi-verifica-servizio-nexipay.highersitedev.com
15	1

This site contains no links.

Subject Issuer	Validity	Valid
nexi-verifica-servizio-nexipay.highersitedev.com cPanel, Inc. Certification Authority	`2020-10-02` - `2020-12-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
Frame ID: FD6F5FB765C7070FC538EC41AD922641
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2320 kB
Transfer

2315 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/ 355 KB
356 KB 3136ms
2636ms Document
text/html 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

bf39562ef205e097b862e2a4d497c65c502df2b07ef0c0cdafca6aacb431f97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: nexi-verifica-servizio-nexipay.highersitedev.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:04 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK clientlib-node-style.css
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/ 555 KB
555 KB 137ms
137ms Stylesheet
text/css 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

b0e6eb3384c56d76fd219c9ecf11037dedd5e68742dda797f3ca7e47f62a205a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 568227
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loghi-logo--light-double.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 1 KB
2 KB 350ms
139ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/loghi-logo--light-double.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icons-app_store.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 15 KB
16 KB 395ms
140ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/icons-app_store.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15816
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icons-google_play.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 25 KB
25 KB 393ms
136ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/icons-google_play.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25343
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK nexi-it-style.css
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/ 18 KB
18 KB 396ms
138ms Stylesheet
text/css 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/nexi-it-style.css

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

da8f1e05131e5d66162cb55a41649268c58aa6c1acac46b996fcacfc99916edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:42 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18388
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svg-icon-close.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 2 KB
2 KB 186ms
139ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/svg-icon-close.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svg-icon-phone.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 4 KB
4 KB 140ms
138ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/svg-icon-phone.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

7e6f9ccce4ea514b53fb258d72b5682c74d1e81ef9148d3c406fbd03cfd56919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4016
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svg-icon-close-white.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 2 KB
2 KB 135ms
134ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/svg-icon-close-white.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

32cde70fcb4ed6949904cec5ef9065adce2196b3e8216bb5874019a9efe96edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:54 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1591
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svg-icon-phone-warning-white.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 4 KB
4 KB 141ms
140ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/svg-icon-phone-warning-white.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

c8e1f312e86564f3d293bb04806f55d4296cc3342321655bb738d7d61eeeef22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:56 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3881
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svg-ico-down-blue.svg
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 898 B
1 KB 135ms
134ms Image
image/svg+xml 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/svg-ico-down-blue.svg

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:56 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 898
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK placeholder_login_portale_privati.png
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/ 1 MB
1 MB 138ms
136ms Image
image/png 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/images/placeholder_login_portale_privati.png

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

861a4758d8d84ee664daa9cebfccf9aa3ab671f213484cb1f5e9ce586670a89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 12:37:26 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1291583
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fonts-karbon-regular-webfont.woff
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/fonts/ 24 KB
24 KB 135ms
134ms Font
font/woff 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/fonts/fonts-karbon-regular-webfont.woff

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://nexi-verifica-servizio-nexipay.highersitedev.com
Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:18 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24308
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fonts-karbon-medium-webfont.woff
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/fonts/ 24 KB
25 KB 138ms
138ms Font
font/woff 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/fonts/fonts-karbon-medium-webfont.woff

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://nexi-verifica-servizio-nexipay.highersitedev.com
Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:16 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 24956
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fonts-karbon-semibold-webfont.woff
nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/fonts/ 24 KB
25 KB 135ms
135ms Font
font/woff 173.231.222.126
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL

https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/fonts/fonts-karbon-semibold-webfont.woff

Requested by

Host: nexi-verifica-servizio-nexipay.highersitedev.com
URL: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.231.222.126 Los Angeles, United States, ASN54641 (INMOTI-1, US),

Reverse DNS

vps48845.servconfig.com

Software

Apache /

Resource Hash

0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://nexi-verifica-servizio-nexipay.highersitedev.com
Referer: https://nexi-verifica-servizio-nexipay.highersitedev.com/Dichiarazione/Verifica/css/clientlib-node-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 05 Oct 2020 07:31:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Mar 2020 08:55:22 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 25032
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nexi-verifica-servizio-nexipay.highersitedev.com
173.231.222.126
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6
32cde70fcb4ed6949904cec5ef9065adce2196b3e8216bb5874019a9efe96edd
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259
5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27
7e6f9ccce4ea514b53fb258d72b5682c74d1e81ef9148d3c406fbd03cfd56919
861a4758d8d84ee664daa9cebfccf9aa3ab671f213484cb1f5e9ce586670a89b
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6
b0e6eb3384c56d76fd219c9ecf11037dedd5e68742dda797f3ca7e47f62a205a
bf39562ef205e097b862e2a4d497c65c502df2b07ef0c0cdafca6aacb431f97b
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc
c8e1f312e86564f3d293bb04806f55d4296cc3342321655bb738d7d61eeeef22
d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8
da8f1e05131e5d66162cb55a41649268c58aa6c1acac46b996fcacfc99916edb
ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340
f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c

nexi-verifica-servizio-nexipay.highersitedev.com Open in urlscan Pro 173.231.222.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2320 kBTransfer

2315 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

nexi-verifica-servizio-nexipay.highersitedev.com Open in urlscan Pro
173.231.222.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2320 kB
Transfer

2315 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!