www.portale-clienti-wb.com
68.65.123.125
Malicious Activity!
Public Scan
Submission: On July 28 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 28th 2021. Valid for: a year.
This is the only time www.portale-clienti-wb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Widiba (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
11 | 68.65.123.125 | 22612 (NAMECHEAP-NET)
1 | 54.225.165.85 | 14618 (AMAZON-AES)
12 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server276-3.web-hosting.com
www.portale-clienti-wb.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-165-85.compute-1.amazonaws.com
api.ipify.org
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | portale-clienti-wb.com | www.portale-clienti-wb.com | 1 MB
1 | ipify.org | api.ipify.org | 265 B
12 | 2 | |
Requests | Domain | Requested by
---|---|---
11 | www.portale-clienti-wb.com | www.portale-clienti-wb.com
1 | api.ipify.org | www.portale-clienti-wb.com
12 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
portale-clienti-wb.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-28 - 2022-07-28 | a year | crt.sh |
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2021-01-19 - 2022-02-19 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://www.portale-clienti-wb.com/
Frame ID: 9A146890E878F4DD106F154E636CC470
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | www.portale-clienti-wb.com/ | 7 KB | 2 KB | Document | text/html
GET | H2 | style.css | www.portale-clienti-wb.com/data/css/ | 11 KB | 2 KB | Stylesheet | text/css
GET | H2 | reset.css | www.portale-clienti-wb.com/data/css/ | 1 KB | 721 B | Stylesheet | text/css
GET | H2 | spinner.css | www.portale-clienti-wb.com/data/css/ | 4 KB | 645 B | Stylesheet | text/css
GET | H2 | jquery-latest.min.js | www.portale-clienti-wb.com/cdn/ | 94 KB | 32 KB | Script | application/javascript
GET | H/1.1 | / | api.ipify.org/ | 22 B | 265 B | XHR | application/json
GET | H2 | slider_3_1024.jpg | www.portale-clienti-wb.com/data/ | 959 KB | 959 KB | Image | image/jpeg
GET | H2 | logo_widiba.png | www.portale-clienti-wb.com/data/ | 6 KB | 6 KB | Image | image/png
GET | H2 | WidibaIcons.woff2 | www.portale-clienti-wb.com/data/css/font/ | 142 KB | 142 KB | Font | font/woff2
GET | H2 | WidibaBook.woff2 | www.portale-clienti-wb.com/data/css/font/ | 33 KB | 33 KB | Font | font/woff2
GET | H2 | WidibaMedium.woff2 | www.portale-clienti-wb.com/data/css/font/ | 40 KB | 41 KB | Font | font/woff2
GET | H2 | WidibaLight.woff2 | www.portale-clienti-wb.com/data/css/font/ | 27 KB | 27 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Widiba (Banking)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onbeforexrselect
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
boolean | originAgentCluster
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
function | getMobileOperatingSystem
object | jQuery111107819327563018070
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
www.portale-clienti-wb.com
54.225.165.85
68.65.123.125