www.nexi-accountcliente.it
89.46.107.26
Malicious Activity!
Public Scan
Effective URL: https://www.nexi-accountcliente.it/servizio/
Submission: On June 03 via manual from IT
Summary
TLS certificate: Issued by Actalis Domain Validation Server CA G2 on June 1st 2020. Valid for: a year.
This is the only time www.nexi-accountcliente.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 134.209.181.152 | 14061 (DIGITALOCEAN-ASN) |
| 1 11 | 89.46.107.26 | 31034 (ARUBA-ASN) |
| 2 | 151.99.162.64 | 3269 (ASN-IBSNAZ) |
| 13 | 3 | |
ASN31034 (ARUBA-ASN, IT)
PTR: webx1223.aruba.it
nexi-accountcliente.it
www.nexi-accountcliente.it
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 11 | nexi-accountcliente.it (1 redirects): nexi-accountcliente.it, www.nexi-accountcliente.it | 138 KB |
| 2 | nexi.it: nexi.it, www.nexi.it | 1 MB |
| 13 | 2 | |
| | Domain | Requested by |
|---|---|---|
| 10 | www.nexi-accountcliente.it | www.nexi-accountcliente.it |
| 1 | www.nexi.it | www.nexi-accountcliente.it |
| 1 | nexi.it | www.nexi-accountcliente.it |
| 1 | nexi-accountcliente.it | 1 redirects |
| 13 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.nexi-accountcliente.it | Actalis Domain Validation Server CA G2 | 2020-06-01 - 2021-06-01 | a year
www.nexi.it | GlobalSign RSA OV SSL CA 2018 | 2019-12-18 - 2020-06-24 | 6 months
This page contains 1 frames:
Primary Page:
https://www.nexi-accountcliente.it/servizio/
Frame ID: FE70647E7C75ED30643C461AB676F594
Requests: 13 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://134.209.181.152/index1.php (Page URL)
- https://nexi-accountcliente.it/servizio/ (HTTP 301) → https://www.nexi-accountcliente.it/servizio/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | index1.php | 134.209.181.152/ | 122 B | 381 B | Document | text/html
GET | H2 | / (Primary Request) | www.nexi-accountcliente.it/servizio/ (Redirect Chain) | 9 KB | 3 KB | Document | text/html
GET | H/1.1 | style.css | nexi.it/etc/designs/nexi/clientlib-node/ | 555 KB | 103 KB | Stylesheet | text/css
GET | H2 | style.css | www.nexi-accountcliente.it/servizio/LogNexi_files/ | 220 KB | 33 KB | Stylesheet | text/css
GET | H2 | eva1.css | www.nexi-accountcliente.it/servizio/LogNexi_files/ | 14 KB | 3 KB | Stylesheet | text/css
GET | H2 | logo--light-double.svg | www.nexi-accountcliente.it/servizio/LogNexi_files/ | 1 KB | 979 B | Image | image/svg+xml
GET | H2 | app_store.svg | www.nexi-accountcliente.it/servizio/LogNexi_files/ | 15 KB | 7 KB | Image | image/svg+xml
GET | H2 | google_play.svg | www.nexi-accountcliente.it/servizio/LogNexi_files/ | 25 KB | 19 KB | Image | image/svg+xml
GET | H2 | icon-blocked.svg | www.nexi-accountcliente.it/servizio/LogNexi_files/ | 196 B | 196 B | Image | text/html
GET | H/1.1 | placeholder_login_portale_privati.png | www.nexi.it//content/dam/nexi/new-login-2019/img/ | 1 MB | 1 MB | Image | image/png
GET | H2 | karbon-medium-webfont.woff | www.nexi-accountcliente.it/servizio/LogNexi_files/fonts/ | 24 KB | 25 KB | Font | font/woff
GET | H2 | karbon-regular-webfont.woff | www.nexi-accountcliente.it/servizio/LogNexi_files/fonts/ | 24 KB | 24 KB | Font | font/woff
GET | H2 | karbon-semibold-webfont.woff | www.nexi-accountcliente.it/servizio/LogNexi_files/fonts/ | 24 KB | 25 KB | Font | font/woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.