www.portale-clienti-wb.com Open in urlscan Pro
68.65.123.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.portale-clienti-wb.com/
Submission: On July 28 via automatic, source certstream-suspicious (July 28th 2021, 4:53:13 pm UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 68.65.123.125, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.portale-clienti-wb.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 28th 2021. Valid for: a year.

This is the only time www.portale-clienti-wb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Widiba (Banking)

Domain & IP information

	IP Address	AS Autonomous System
11	68.65.123.125 68.65.123.125	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	54.225.165.85 54.225.165.85	14618 (AMAZON-AES) (AMAZON-AES)
12	2

11 68.65.123.125 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server276-3.web-hosting.com

www.portale-clienti-wb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.165.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-165-85.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	portale-clienti-wb.com www.portale-clienti-wb.com	1 MB
1	ipify.org api.ipify.org	265 B
12	2

	Domain	Requested by
11	www.portale-clienti-wb.com	www.portale-clienti-wb.com
1	api.ipify.org	www.portale-clienti-wb.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
portale-clienti-wb.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-28` - `2022-07-28`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.portale-clienti-wb.com/
Frame ID: 9A146890E878F4DD106F154E636CC470
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1246 kB
Transfer

1323 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.portale-clienti-wb.com/	7 KB 2 KB	558ms 176ms	Document text/html	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Express Resource Hash `9f114ec5c1625c4807abdf52230476a42def908b9fad89d3cc3450fb580f5a1f` Request headers :method GET :authority www.portale-clienti-wb.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by Express content-type text/html; charset=utf-8 etag W/"1b98-b+zqIV8H2vpV+gPbxNRLBs3587o" content-length 1993 content-encoding br vary Accept-Encoding date Wed, 28 Jul 2021 16:52:51 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	200	style.css www.portale-clienti-wb.com/data/css/	11 KB 2 KB	174ms 173ms	Stylesheet text/css	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/style.css Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `018647f6f9dd665e3ea65cf7a8547f4cee7203961164857671026d887780cb24` Request headers :path /data/css/style.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.portale-clienti-wb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:51 GMT content-encoding br last-modified Wed, 28 Jul 2021 16:48:41 GMT server LiteSpeed vary Accept-Encoding content-type text/css x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2265
GET H2	200	reset.css www.portale-clienti-wb.com/data/css/	1 KB 721 B	174ms 173ms	Stylesheet text/css	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/reset.css Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `80681ee96bf9b8f5af311ebffa8cfdc56398c94e99ef73bacf1b4a9482a71f58` Request headers :path /data/css/reset.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.portale-clienti-wb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:51 GMT content-encoding br last-modified Wed, 28 Jul 2021 16:48:38 GMT server LiteSpeed vary Accept-Encoding content-type text/css x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 547
GET H2	200	spinner.css www.portale-clienti-wb.com/data/css/	4 KB 645 B	174ms 174ms	Stylesheet text/css	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/spinner.css Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `c99e43af1be3608025ebfc30d287e298d01ebea3ecfb05380155fc53b0626652` Request headers :path /data/css/spinner.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.portale-clienti-wb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:51 GMT content-encoding br last-modified Wed, 28 Jul 2021 16:48:40 GMT server LiteSpeed vary Accept-Encoding content-type text/css x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 471
GET H2	200	jquery-latest.min.js Show response www.portale-clienti-wb.com/cdn/	94 KB 32 KB	175ms 174ms	Script application/javascript	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/cdn/jquery-latest.min.js Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers :path /cdn/jquery-latest.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.portale-clienti-wb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:51 GMT content-encoding br last-modified Wed, 28 Jul 2021 16:46:46 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 32294
GET H/1.1	200 OK	/ Show response api.ipify.org/	22 B 265 B	519ms 170ms	XHR application/json	54.225.165.85 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/cdn/jquery-latest.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.225.165.85 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-225-165-85.compute-1.amazonaws.com Software Cowboy / Resource Hash `a57f01ab5541bd32ac17e515c89539811c4ccc254180897b0bec4f97b1c07fe0` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://www.portale-clienti-wb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 28 Jul 2021 16:52:52 GMT Via 1.1 vegur Server Cowboy Vary Origin Content-Type application/json Access-Control-Allow-Origin https://www.portale-clienti-wb.com Connection keep-alive Content-Length 22
GET H2	200	slider_3_1024.jpg www.portale-clienti-wb.com/data/	959 KB 959 KB	176ms 175ms	Image image/jpeg	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.portale-clienti-wb.com/data/slider_3_1024.jpg Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `83fb8773d83e604b7dac8e20a3bd49023ff24f4d78440e4d7bafa3f031dde3a1` Request headers :path /data/slider_3_1024.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.portale-clienti-wb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:52 GMT last-modified Wed, 28 Jul 2021 16:48:06 GMT x-turbo-charged-by LiteSpeed server LiteSpeed accept-ranges bytes content-length 981743 content-type image/jpeg
GET H2	200	logo_widiba.png www.portale-clienti-wb.com/data/	6 KB 6 KB	174ms 174ms	Image image/png	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.portale-clienti-wb.com/data/logo_widiba.png Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/data/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `df75251542e1f20843bce2dd21bed722c3574dc8461d47927bcab82127c3017e` Request headers :path /data/logo_widiba.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/data/css/style.css :scheme https sec-fetch-site same-origin :method GET Referer https://www.portale-clienti-wb.com/data/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:52 GMT last-modified Wed, 28 Jul 2021 16:47:12 GMT x-turbo-charged-by LiteSpeed server LiteSpeed accept-ranges bytes content-length 5866 content-type image/png
GET H2	200	WidibaIcons.woff2 www.portale-clienti-wb.com/data/css/font/	142 KB 142 KB	650ms 648ms	Font font/woff2	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/font/WidibaIcons.woff2 Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/data/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `fcda0e6429acf5f8a67b92b34e1ca4d95c0eb730b2458bf634456ac0396c36fb` Request headers :path /data/css/font/WidibaIcons.woff2 pragma no-cache origin https://www.portale-clienti-wb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/data/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.portale-clienti-wb.com Referer https://www.portale-clienti-wb.com/data/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:52 GMT last-modified Wed, 28 Jul 2021 16:48:48 GMT x-turbo-charged-by LiteSpeed server LiteSpeed accept-ranges bytes content-length 145016 content-type font/woff2
GET H2	200	WidibaBook.woff2 www.portale-clienti-wb.com/data/css/font/	33 KB 33 KB	798ms 797ms	Font font/woff2	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/font/WidibaBook.woff2 Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/data/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `a295fbbaffb14822575e5ddd7b3eb8f1b5e1027d6630e7421a413eebee1b5646` Request headers :path /data/css/font/WidibaBook.woff2 pragma no-cache origin https://www.portale-clienti-wb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/data/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.portale-clienti-wb.com Referer https://www.portale-clienti-wb.com/data/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:52 GMT last-modified Wed, 28 Jul 2021 16:49:17 GMT x-turbo-charged-by LiteSpeed server LiteSpeed accept-ranges bytes content-length 33980 content-type font/woff2
GET H2	200	WidibaMedium.woff2 www.portale-clienti-wb.com/data/css/font/	40 KB 41 KB	799ms 799ms	Font font/woff2	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/font/WidibaMedium.woff2 Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/data/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `fc5792b88d8f30c06de4586c415c408d9526cc026d8f85775d3a37afd220b5f3` Request headers :path /data/css/font/WidibaMedium.woff2 pragma no-cache origin https://www.portale-clienti-wb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/data/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.portale-clienti-wb.com Referer https://www.portale-clienti-wb.com/data/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:52 GMT last-modified Wed, 28 Jul 2021 16:48:51 GMT x-turbo-charged-by LiteSpeed server LiteSpeed accept-ranges bytes content-length 41440 content-type font/woff2
GET H2	200	WidibaLight.woff2 www.portale-clienti-wb.com/data/css/font/	27 KB 27 KB	804ms 804ms	Font font/woff2	68.65.123.125 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.portale-clienti-wb.com/data/css/font/WidibaLight.woff2 Requested by Host: www.portale-clienti-wb.com URL: https://www.portale-clienti-wb.com/data/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.123.125 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server276-3.web-hosting.com Software LiteSpeed / Resource Hash `fb9e48da83476dac714f9e8f71c712013de932d93c732cc9c78868f738a1c0ed` Request headers :path /data/css/font/WidibaLight.woff2 pragma no-cache origin https://www.portale-clienti-wb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www.portale-clienti-wb.com referer https://www.portale-clienti-wb.com/data/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.portale-clienti-wb.com Referer https://www.portale-clienti-wb.com/data/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 16:52:52 GMT last-modified Wed, 28 Jul 2021 16:48:49 GMT x-turbo-charged-by LiteSpeed server LiteSpeed accept-ranges bytes content-length 27664 content-type font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Widiba (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
www.portale-clienti-wb.com
54.225.165.85
68.65.123.125
018647f6f9dd665e3ea65cf7a8547f4cee7203961164857671026d887780cb24
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
80681ee96bf9b8f5af311ebffa8cfdc56398c94e99ef73bacf1b4a9482a71f58
83fb8773d83e604b7dac8e20a3bd49023ff24f4d78440e4d7bafa3f031dde3a1
9f114ec5c1625c4807abdf52230476a42def908b9fad89d3cc3450fb580f5a1f
a295fbbaffb14822575e5ddd7b3eb8f1b5e1027d6630e7421a413eebee1b5646
a57f01ab5541bd32ac17e515c89539811c4ccc254180897b0bec4f97b1c07fe0
c99e43af1be3608025ebfc30d287e298d01ebea3ecfb05380155fc53b0626652
df75251542e1f20843bce2dd21bed722c3574dc8461d47927bcab82127c3017e
fb9e48da83476dac714f9e8f71c712013de932d93c732cc9c78868f738a1c0ed
fc5792b88d8f30c06de4586c415c408d9526cc026d8f85775d3a37afd220b5f3
fcda0e6429acf5f8a67b92b34e1ca4d95c0eb730b2458bf634456ac0396c36fb

www.portale-clienti-wb.com Open in urlscan Pro 68.65.123.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1246 kBTransfer

1323 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

Indicators

www.portale-clienti-wb.com Open in urlscan Pro
68.65.123.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1246 kB
Transfer

1323 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!