festivalmadiba.com
209.159.155.172
Malicious Activity!
Public Scan
Submission: On August 11 via manual from IT
Summary
This is the only time festivalmadiba.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
5 | 209.159.155.172 | 19318 (IS-AS-1)
13 | 151.99.162.64 | 3269 (ASN-IBSNAZ)
1 | 2a00:1450:4001:821::2008 | 15169 (GOOGLE)
2 4 | 2a00:1450:4001:816::200e | 15169 (GOOGLE)
1 2 | 2a00:1450:400c:c00::9a | 15169 (GOOGLE)
1 1 | 2a00:1450:4001:800::2004 | 15169 (GOOGLE)
1 | 2a00:1450:4001:81a::2003 | 15169 (GOOGLE)
Total: 30 requests, 7 IP addresses

- ASN19318 (IS-AS-1, US), PTR: globexcam.com: festivalmadiba.com
- ASN3269 (ASN-IBSNAZ, IT), PTR: host-151-99-162-64.business.telecomitalia.it: nexi.it, www.nexi.it
- ASN15169 (GOOGLE, US): www.googletagmanager.com
- ASN15169 (GOOGLE, US): www.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 | nexi.it | nexi.it, www.nexi.it, privati.nexi.it (Failed) | 2 MB
5 | festivalmadiba.com | festivalmadiba.com | 138 KB
4 | google-analytics.com | www.google-analytics.com (2 redirects) | 20 KB
2 | doubleclick.net | stats.g.doubleclick.net (1 redirect) | 253 B
1 | google.de | www.google.de | 106 B
1 | google.com | www.google.com (1 redirect) | 170 B
1 | googletagmanager.com | www.googletagmanager.com | 71 KB
Total: 30 requests, 7 apex domains
Requests | Domain | Requested by
---|---|---
7 | nexi.it | festivalmadiba.com
6 | www.nexi.it | festivalmadiba.com
5 | festivalmadiba.com | festivalmadiba.com, nexi.it
4 | www.google-analytics.com (2 redirects) | www.googletagmanager.com, www.google-analytics.com
2 | stats.g.doubleclick.net (1 redirect) | festivalmadiba.com
1 | www.google.de | festivalmadiba.com
1 | www.google.com (1 redirect) |
1 | www.googletagmanager.com | festivalmadiba.com
0 | privati.nexi.it (Failed) | festivalmadiba.com
Total: 30 requests, 9 domains
This site contains links to these domains. Also see Links.
- apps.apple.com
- play.google.com
- privati.nexi.it
Subject | Issuer | Validity | Valid
---|---|---|---
www.nexi.it | GlobalSign RSA OV SSL CA 2018 | 2020-06-08 - 2021-07-25 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
www.google.de | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
This page contains 1 frames:
Primary Page:
http://festivalmadiba.com/-/manage/
Frame ID: 3214DD1B30D1C6E0A05A4807100D305E
Requests: 30 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
- Title: (empty)
- Title: (empty)
- Title: REGISTRATI
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21
- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1958358707&t=pageview&_s=1&dl=http%3A%2F%2Ffestivalmadiba.com%2F-%2Fmanage%2F&ul=en-us&de=UTF-8&dt=Area%20Personale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAL~&jid=860130203&gjid=1301105172&cid=712609947.1597131082&tid=UA-3681719-9&_gid=80907654.1597131082&_r=1&gtm=2wg871P76R79S&z=219682351 (HTTP 302)
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3681719-9&cid=712609947.1597131082&jid=860130203&_gid=80907654.1597131082&gjid=1301105172&_v=j83&z=219682351
- https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1958358707&t=event&ni=0&_s=1&dl=http%3A%2F%2Ffestivalmadiba.com%2F-%2Fmanage%2F&ul=en-us&de=UTF-8&dt=Area%20Personale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Login&ea=login%20message&el=Area%20Personale&_u=aGDAAEAL~&jid=2085923588&gjid=746999098&cid=712609947.1597131082&tid=UA-3681719-1&_gid=80907654.1597131082&_r=1&gtm=2wg871P76R79S&cd25=not-set&z=2136002614 (HTTP 302)
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3681719-1&cid=712609947.1597131082&jid=2085923588&_gid=80907654.1597131082&gjid=746999098&_v=j83&z=2136002614 (HTTP 302)
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3681719-1&cid=712609947.1597131082&jid=2085923588&_v=j83&z=2136002614 (HTTP 302)
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3681719-1&cid=712609947.1597131082&jid=2085923588&_v=j83&z=2136002614&slf_rd=1&random=1027819385
30 HTTP transactions
Method | Protocol | Resource | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | festivalmadiba.com/-/manage/ (Primary Request) | 767 KB | 113 KB | Document | text/html
GET | H/1.1 | nexi.it/etc/designs/nexi/clientlib-node/style.css | 555 KB | 103 KB | Stylesheet | text/css
GET | H/1.1 | nexi.it/etc/designs/icbpi-common/libs/jquery-3.4.1.min.js | 165 KB | 52 KB | Script | application/javascript
GET | H/1.1 | nexi.it/content/dam/nexi/new-login-2019/loghi/logo--light-double.svg | 1 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | nexi.it/content/dam/nexi/new-login-2019/icons/app_store.svg | 15 KB | 16 KB | Image | image/svg+xml
GET | H/1.1 | nexi.it/content/dam/nexi/new-login-2019/icons/google_play.svg | 25 KB | 25 KB | Image | image/svg+xml
GET | H2 | www.googletagmanager.com/gtm.js | 389 KB | 71 KB | Script | application/javascript
GET | H/1.1 | www.nexi.it/content/dam/nexi/img/icone/svg/icon-close.svg | 2 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | www.nexi.it/content/dam/nexi/img/icone/svg/icon-phone.svg | 4 KB | 4 KB | Image | image/svg+xml
GET | H/1.1 | www.nexi.it/content/dam/nexi/img/icone/svg/icon-close-white.svg | 2 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | www.nexi.it/content/dam/nexi/img/icone/svg/icon-phone-warning-white.svg | 4 KB | 4 KB | Image | image/svg+xml
GET | H/1.1 | www.nexi.it/content/dam/nexi/img/icone/svg/ico-down-blue.svg | 898 B | 1 KB | Image | image/svg+xml
GET | H/1.1 | www.nexi.it/content/dam/nexi/img/icone/svg/icon-blocked.svg | 935 B | 1 KB | Image | image/svg+xml
GET | H/1.1 | nexi.it/etc/designs/nexi/clientlib-node/bundle.js | 534 KB | 206 KB | Script | application/javascript
GET | H/1.1 | festivalmadiba.com/cookieservice/nexi-it/content.ckscript.js | 0 | 0 | Script | text/html
GET | H/1.1 | festivalmadiba.com/cookieservice/nexi-it/style.css | 0 | 0 | Stylesheet | text/html
GET | H/1.1 | festivalmadiba.com/content/dam/nexi/new-login-2019/img/placeholder_login_portale_privati.png | 10 KB | 10 KB | Image | text/html
GET | | nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-regular-webfont.woff | 0 | 0 | |
GET | | nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-medium-webfont.woff | 0 | 0 | |
GET | | nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-semibold-webfont.woff | 0 | 0 | |
GET | H2 | www.google-analytics.com/analytics.js | 45 KB | 18 KB | Script | text/javascript
GET | H2 | www.google-analytics.com/plugins/ua/ec.js | 3 KB | 1 KB | Script | text/javascript
GET | H2 | stats.g.doubleclick.net/r/collect (Redirect Chain) | 35 B | 99 B | Image | image/gif
GET | H2 | www.google.de/ads/ga-audiences (Redirect Chain) | 42 B | 106 B | Image | image/gif
GET | H/1.1 | festivalmadiba.com/content/nexi/it.navs.json | 59 KB | 15 KB | XHR | text/html
GET | H/1.1 | nexi.it/content/dam/nexi/new-login-2019/img/placeholder_login_portale_privati.png | 1 MB | 1 MB | Image | image/png
GET | | nexi.it/etc/designs/nexi/clientlib-node/fonts/KarbonApp-Regular.ttf | 0 | 0 | |
GET | | nexi.it/etc/designs/nexi/clientlib-node/fonts/KarbonApp-Medium.ttf | 0 | 0 | |
GET | | nexi.it/etc/designs/nexi/clientlib-node/fonts/KarbonApp-Semibold.ttf | 0 | 0 | |
GET | | privati.nexi.it/api/services/login/auth/prelogin/card-holder-name | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- nexi.it: https://nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-regular-webfont.woff
- nexi.it: https://nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-medium-webfont.woff
- nexi.it: https://nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-semibold-webfont.woff
- nexi.it: https://nexi.it/etc/designs/nexi/clientlib-node/fonts/KarbonApp-Regular.ttf
- nexi.it: https://nexi.it/etc/designs/nexi/clientlib-node/fonts/KarbonApp-Medium.ttf
- nexi.it: https://nexi.it/etc/designs/nexi/clientlib-node/fonts/KarbonApp-Semibold.ttf
- privati.nexi.it: https://privati.nexi.it/api/services/login/auth/prelogin/card-holder-name
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | dataLayer
function | $
function | jQuery
boolean | wcmmode_disabled
object | htmlBoxFunctionsArray
object | resources
function | webpackJsonp
object | __core-js_shared__
object | google_tag_manager
object | google_tag_data
string | GoogleAnalyticsObject
function | ga
object | gaplugins
object | gaGlobal
object | gaData
function | Swiper
object | sessionStores
object | Modernizr
object | picturefillCFG
function | picturefill
object | browser
boolean | cancellable
function | getNavs
function | scrollToElement
function | onYouTubeIframeAPIReady
function | gRecaptchaCallBack
function | gRecaptchaExpiredCallBack
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
festivalmadiba.com/ | | Name: PHPSESSID, Value: e1ea51a351ee056a122a5108a04b9239
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.