aletrestauracionyconservacion.com
154.44.190.9  Malicious Activity! Public Scan

URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMU...
Submission: On April 17 via automatic, source phishtank

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 154.44.190.9, located in United States and belongs to COGENT-174, US. The main domain is aletrestauracionyconservacion.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 17th 2021. Valid for: 3 months.
This is the only time aletrestauracionyconservacion.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

Requests  IP Address     AS Autonomous System
4         154.44.190.9   174 (COGENT-174)
20        80.84.98.66    12428 (UNICREDIT...)
Total: 24 requests, 2 IPs

Requests  Domain                              Requested by
20        at-assets.ucgstatic.eu              aletrestauracionyconservacion.com, at-assets.ucgstatic.eu
4         aletrestauracionyconservacion.com   aletrestauracionyconservacion.com
Total: 24 requests, 2 domains

This site contains links to these domains.

Domain
www.bankaustria.at
sicherheit.bankaustria.at

Subject                             Issuer                                        Validity                  Valid
aletrestauracionyconservacion.com   cPanel, Inc. Certification Authority          2021-02-17 - 2021-05-18   3 months
at-assets.ucgstatic.eu              Actalis Organization Validated Server CA G3   2020-10-06 - 2021-10-06   a year

This page contains 1 frames:

Primary Page: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/
Frame ID: 67C62229408F27635366BA850E0AFA29
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1355 kB
Size: 3213 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/ Page URL
  2. https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/ Page URL

24 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type

/
aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJ...
Size: 69 B, x-fer: 496 B, Type: Document
General
Full URL
https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.44.190.9 , United States, ASN174 (COGENT-174, US),
Reverse DNS
webapp22.iberstation.com
Software
Apache / PHP/5.6.40
Resource Hash
66a9a04c8d01ae04c5f2ecb1ade87945cef58ba1fba3920a6489c3197839ee03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
aletrestauracionyconservacion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 17 Apr 2021 19:18:16 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Cache-Control
max-age=1, private, must-revalidate
Expires
Sat, 17 Apr 2021 19:18:17 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Length
77
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

/ (Primary Request, Cookie set)
aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJ...
Size: 43 KB, x-fer: 7 KB, Type: Document
General
Full URL
https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.44.190.9 , United States, ASN174 (COGENT-174, US),
Reverse DNS
webapp22.iberstation.com
Software
Apache / PHP/5.6.40
Resource Hash
8766f53477388370b7819a2d48b34367fe729966b41f0d297f8c1254672ddf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
aletrestauracionyconservacion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ready=gogo

Response headers

Date
Sat, 17 Apr 2021 19:18:16 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=1, private, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=b5335dd32689a8e1e6150f97c50ace3d; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Length
6780
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

head_at_login.js
at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/
Size: 1 MB, x-fer: 281 KB, Type: Script
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.js
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
76640a7e083e1d5ccb55e15341b3f79a9ad6466c4e4c4eab3be0e3ead5ac3f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"123748"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
application/x-javascript
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

head_at_login.css
at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/
Size: 1 MB, x-fer: 343 KB, Type: Stylesheet
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
c91d9e35863085bfd55bdf57a8fb44cf6c55dcfbedc259acab6bf1f1bc68a7e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"12e346"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/css
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=22
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

BAMofUC-logo-flat.svg
at-assets.ucgstatic.eu/content/dam/gimb/at/Common%20area/
Size: 9 KB, x-fer: 10 KB, Type: Image
General
Full URL
https://at-assets.ucgstatic.eu/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Wed, 31 Mar 2021 09:21:29 GMT
ETag
"243b-5bed1a3d12cd3"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
9275
X-XSS-Protection
1; mode=block

login-common.min.160120181900.css
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/css/
Size: 284 B, x-fer: 846 B, Type: Stylesheet
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/css/login-common.min.160120181900.css
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
f1f25ad9f8e560d4435186484b1f6a64984cfe527a7edc0ce221539cd08adb50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"11c"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/css
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
226
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

login.min.160120181900.css
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/css/
Size: 10 KB, x-fer: 3 KB, Type: Stylesheet
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/css/login.min.160120181900.css
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
52233e04b02bc65a0829b831984a21aa78be101de2d33e837435890c6239a952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"279d"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/css
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
2458
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

dkStep.min.160120181900.css
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/css/dkLibs/
Size: 2 KB, x-fer: 1 KB, Type: Stylesheet
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/css/dkLibs/dkStep.min.160120181900.css
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
1e3ee0e0a80fa4ee97e7dfc365a431d2f83ef471193e7460d76dd27357f9e55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"75b"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/css
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
539
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

dkBase.min.160120181900.js
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/js/dkLibs/
Size: 99 KB, x-fer: 28 KB, Type: Script
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-LOGIN/at/js/dkLibs/dkBase.min.160120181900.js
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
d462f8651ada519cae1b742431ecc965f31b9e09e82f085cd370a5eaad59002b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"18b21"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
application/x-javascript
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=21
Content-Length
27702
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

login.js.faces
aletrestauracionyconservacion.com/EP5-PSA-LOGIN/javax.faces.resource/js/
Size: 0, x-fer: 0, Type: Script
General
Full URL
https://aletrestauracionyconservacion.com/EP5-PSA-LOGIN/javax.faces.resource/js/login.js.faces?ln=multicountry&v=1.0
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.44.190.9 , United States, ASN174 (COGENT-174, US),
Reverse DNS
webapp22.iberstation.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
aletrestauracionyconservacion.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
PHPSESSID=b5335dd32689a8e1e6150f97c50ace3d
Connection
keep-alive
Referer

Response headers

Date
Sat, 17 Apr 2021 19:18:17 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

managelanguage.min.160120181900.css
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/
Size: 3 KB, x-fer: 1 KB, Type: Stylesheet
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/managelanguage.min.160120181900.css
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
a3dd9710fe95bc29d47926850d50692442a6843fb9458a4769794c799ef05a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
ETag
"b68"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/css
VTS-H3
GP RM AS
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
843
X-XSS-Protection
1; mode=block
Expires
Mon, 17 May 2021 19:18:18 GMT

1548766786234.png
at-assets.ucgstatic.eu/content/gimb_at/de/login/login/_jcr_content/footer/img1.img.png/
Size: 642 B, x-fer: 1 KB, Type: Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb_at/de/login/login/_jcr_content/footer/img1.img.png/1548766786234.png
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
f6a7fe1701c494d326f91474b7c2e5fb3df70e06f194fd0259a1ec2d596b3ab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
ETag
"282"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
642
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:18 GMT

1548766786234.png
at-assets.ucgstatic.eu/content/gimb_at/de/login/login/_jcr_content/footer/img4.img.png/
Size: 618 B, x-fer: 1 KB, Type: Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb_at/de/login/login/_jcr_content/footer/img4.img.png/1548766786234.png
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
2da0c47f226b01671a0d983f484796dba219e7954f0b6a54131961badf3f5fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
ETag
"26a"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=20
Content-Length
618
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:18 GMT

1548766786234.png
at-assets.ucgstatic.eu/content/gimb_at/de/login/login/_jcr_content/footer/img5.img.png/
Size: 611 B, x-fer: 1 KB, Type: Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb_at/de/login/login/_jcr_content/footer/img5.img.png/1548766786234.png
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
0199fe56946047083e3626f0cdd15895ffcbbdf8ff1babaaf088ce7059cc8a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:18 GMT
ETag
"263"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
611
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:18 GMT

sprite-common.png
at-assets.ucgstatic.eu/etc/designs/gimb/img/
Size: 22 KB, x-fer: 23 KB, Type: Image
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/img/sprite-common.png
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
ETag
"58ad"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
22701
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:19 GMT

IconWerk2-mono-v05.woff
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
Size: 14 KB, x-fer: 15 KB, Type: Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/IconWerk2-mono-v05.woff
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
18b1c0abd01d9dd86722431ca611b9e4aa23025948fa2c9a39efd20de667f2c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://aletrestauracionyconservacion.com
Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
VTS-H4
GN LM
ETag
"3844"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
14404
X-XSS-Protection
1; mode=block

unicredit-regular.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
Size: 98 KB, x-fer: 98 KB, Type: Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-regular.otf
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
fb3eee259238bb8f097a10f92ad30df49fe02fa3889ee4ee64407514840383a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://aletrestauracionyconservacion.com
Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
VTS-H4
GN LM
ETag
"186c0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
100032
X-XSS-Protection
1; mode=block

unicredit-medium.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
Size: 114 KB, x-fer: 115 KB, Type: Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-medium.otf
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
2ad850adfd4c44eca0fb84badbd18222af65c98d9086d5175b22d3b02f1fe67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://aletrestauracionyconservacion.com
Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
VTS-H4
GN LM
ETag
"1c9fc"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=62
Content-Length
117244
X-XSS-Protection
1; mode=block

login.js.faces
aletrestauracionyconservacion.com/EP5-PSA-LOGIN/javax.faces.resource/js/
Size: 0, x-fer: 0, Type: Script
General
Full URL
https://aletrestauracionyconservacion.com/EP5-PSA-LOGIN/javax.faces.resource/js/login.js.faces?ln=multicountry&v=1.0
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.44.190.9 , United States, ASN174 (COGENT-174, US),
Reverse DNS
webapp22.iberstation.com
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
aletrestauracionyconservacion.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Cookie
PHPSESSID=b5335dd32689a8e1e6150f97c50ace3d
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:17 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
unicredit-light.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
102 KB
103 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-light.otf
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
d91ea6df371995153328efe12017133994e9e25881f620ee00942462251cfeaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://aletrestauracionyconservacion.com
Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
VTS-H4
GN LM
ETag
"19930"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=25
Content-Length
104752
X-XSS-Protection
1; mode=block
ico-infologin.png
at-assets.ucgstatic.eu/etc/designs/gimb/img/
2 KB
2 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/img/ico-infologin.png
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/clientlibs/head_at_login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
ETag
"647"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
1607
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:19 GMT
sprite-lang-at.png
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/img/
2 KB
3 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/img/sprite-lang-at.png
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/managelanguage.min.160120181900.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
14fcf0f22a5e48daed3bf981ac816103c8c68bfbd16ab8bbd5c38352d702c4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/managelanguage.min.160120181900.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
ETag
"834"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
2100
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:19 GMT
sprite-lang-en.png
at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/img/
5 KB
6 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/img/sprite-lang-en.png
Requested by
Host: at-assets.ucgstatic.eu
URL: https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/managelanguage.min.160120181900.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
e556970daffaaa792d747bc5a7ed2d7d256913abddc89c37ab259e786873e4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://at-assets.ucgstatic.eu/etc/designs/gimb/functions/EP5-PSA-MANAGELANGUAGE/css/managelanguage.min.160120181900.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
ETag
"145a"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5210
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:19 GMT
1571928623060.png
at-assets.ucgstatic.eu/content/gimb_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/verticalbanner/img.img.png/
312 KB
312 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/verticalbanner/img.img.png/1571928623060.png
Requested by
Host: aletrestauracionyconservacion.com
URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.84.98.66 Milan, Italy, ASN12428 (UNICREDIT-AS-MI-, IT),
Reverse DNS
Software
/
Resource Hash
73a32ffade982991a10b16ce7a404f2716993a80090c505736481d7c179e9e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 19:18:19 GMT
ETag
"4de7a"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
319098
VTS-H2
FP FD FR
Expires
Mon, 17 May 2021 19:18:19 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| PF object| PrimeFaces function| Class object| atmosphere object| jQuery112407843160584796496 function| goToPageWithLoader function| openModalWithLoader function| goToPageModalInjectWithLoaderCloseAppModal function| closeOverlayPopup function| closeOverlayPopupAndRedirect function| closeOverlayPopupAndRedirectOnEvent function| showOverlayPopup undefined| displayJSFAjaxLoadingDivTimeout function| displayJSFAjaxLoadingDiv function| timeoutShowDiv function| hideJSFAjaxLoadingDiv function| findNearestLoader function| findNearestLoaderFast function| smartFindParent function| listenGimbModalCloseEvent function| closeGimbModal function| dynaTraceGIMBSCA object| myfaces object| jsf function| updateLogin function| hidelanguagesportlet function| unhidelanguagesportlet

2 Cookies

Domain/Path Name / Value
aletrestauracionyconservacion.com/ Name: PHPSESSID
Value: b5335dd32689a8e1e6150f97c50ace3d
aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au Name: ready
Value: gogo

2 Console Messages

Source Level URL
Text
console-api log URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?(Line 283)
Message:
#LOGIN Prima di aggangiare evento on click
console-api log URL: https://aletrestauracionyconservacion.com/administrator/components/com_admin/helpers/html/info/CnWPpXvv2VP6EL6645V5sr8jqsSLm4mL4epHGFWdbMUaG94cmAVfp8MsbGUDcRFgYBkxeMWPcztWA7YBxYftAsdmhjFxQELeYyufwmM8uFdwCJQ9AcLDk9kFb462M87P/au/?(Line 287)
Message:
#LOGIN Dopo aver agganciato evento on click

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aletrestauracionyconservacion.com
at-assets.ucgstatic.eu
154.44.190.9
80.84.98.66