all4you.icbpi.it
Open in
urlscan Pro
193.41.178.224
Malicious Activity!
Public Scan
URL:
https://all4you.icbpi.it/
Submission: On January 12 via api from US — Scanned from US
Submission: On January 12 via api from US — Scanned from US
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 14 HTTP transactions.
The main IP is 193.41.178.224, located in
Italy and
belongs to EQUENSWORLDLINE Via Zurigo, 3, IT.
The main domain is all4you.icbpi.it.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 7th 2022. Valid for: a year.
This is the only time all4you.icbpi.it was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 7th 2022. Valid for: a year.
This is the only time all4you.icbpi.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 14 | 193.41.178.224 193.41.178.224 | 16177 (EQUENSWOR...) (EQUENSWORLDLINE Via Zurigo) | |
| 14 | 1 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
icbpi.it
all4you.icbpi.it |
393 KB |
| 14 | 1 |
| Domain | Requested by | |
|---|---|---|
| 14 | all4you.icbpi.it |
all4you.icbpi.it
|
| 14 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.nexi.it |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| all4you.icbpi.it DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-07 - 2023-04-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://all4you.icbpi.it/
Frame ID: 73374CA453A051451C3F83B5B700961E
Requests: 14 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.nexi.it/accedi.html
Title: Cambia portale
Title: Cambia portale
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
all4you.icbpi.it/ |
10 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open-sans.css
all4you.icbpi.it/index_files/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.css
all4you.icbpi.it/index_files/ |
119 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-responsive.css
all4you.icbpi.it/index_files/ |
21 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootmetro.css
all4you.icbpi.it/index_files/ |
46 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
xportal-main.css
all4you.icbpi.it/index_files/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
card.css
all4you.icbpi.it/index_files/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo--light-double.svg
all4you.icbpi.it/index_files/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logoAll4You.png
all4you.icbpi.it/index_files/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logoNexi.png
all4you.icbpi.it/index_files/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logoBFFBank.png
all4you.icbpi.it/index_files/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Light.woff2
all4you.icbpi.it/index_files/fonts/Light/ |
45 KB 45 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Bold.woff2
all4you.icbpi.it/index_files/fonts/Bold/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Regular.woff2
all4you.icbpi.it/index_files/fonts/Regular/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=0; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
all4you.icbpi.it
193.41.178.224
05d2d0b000c2c963197652ef46e485bb81cfd44b7328eb2c47be1282bf2f9264
0a083904b5d5f836df791832a93dfa0bfae0014b5d769776b35a46c965a1ce66
211b1af59714094c51649043b7b7e265b0335ac490e29e794cd8151565a97c9e
4af8fbd3af12af0e1c41b265a739c7638c6998c903259edac6eb85fdbdd8f162
502cd2b071f102d549b4d6863d923e4231450ca971bfdd60b2489d8163399553
511490e450cd7908ef84437bcf3e1679fb4382af2acbfc756a96ff4245fee928
5c1f54ca8eef30134b982ad229a441645d3f83f0d77f6f215006f5d0db404154
641aab96e6fa55ea450c988e4bf023a2223c9768c97605551b7c75e3c4af024e
7234b8f074dc2090ddf0d24a53007503d2b686f53dc2e9de1565d8784101cfde
a94e3a311ef7f130c84122ec85ca029a17dbebc7c476be161b35a1fa2114639a
aa8e206914e0f0e8c6a7a3bc339c8e6a3b3bf0e096e64c01f224cd0ec2ebf338
adc76089f29e47c5c60078f4eca1b4ca61fe85ceb808c8d8b27719cbf3922e19
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc
c80f499ce98ff2254e8bffcfa18aaded62a4cd9bec320ba2943b431f753e317c