urlscan.io logo urlscan.io
SecurityTrails logo

certifica-app-it.com Open in urlscan Pro
172.67.182.27  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://certifica-app-it.com/cd/
Submission: On May 20 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 172.67.182.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is certifica-app-it.com.
TLS certificate: Issued by GTS CA 1P5 on May 17th 2024. Valid for: 3 months.
This is the only time certifica-app-it.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Emiliano (Banking)

Domain & IP information

IP Address AS Autonomous System
1 8 172.67.182.27 13335 (CLOUDFLAR...)
7 1
Apex Domain
Subdomains		 Transfer
8 certifica-app-it.com
certifica-app-it.com
1 MB
7 1
Domain Requested by
8 certifica-app-it.com 1 redirects certifica-app-it.com
7 1

This site contains no links.

Subject Issuer Validity Valid
certifica-app-it.com
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://certifica-app-it.com/cd/
Frame ID: BAE9655B44D5E743DCD9158121A10BC9
Requests: 5 HTTP requests in this frame

Frame: https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 488D96136AF75421AF946624981213D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1300 kB
Transfer

1356 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://certifica-app-it.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
certifica-app-it.com/cd/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://certifica-app-it.com/cd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb920f3edef8696d0a7b7b89ba3d3f7cefab4b64f75c87693a3be8f00495b1e

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
886b0ece2e244c51-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 May 2024 08:46:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lf7593lDVNRVFCrGsBU4PrVz0%2BaEptGUtjtIZaxWXEsTyGNa9b512%2BmcEbXVH6t4XJSSBRmwJQCOJEvRki1lEPeZC9HwTKL6KNTTtIxmtpj%2BFtbQoyEt%2FJd0mQqLrMWhWECinCHbMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
logo.png
certifica-app-it.com/cd/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certifica-app-it.com/cd/logo.png
Requested by
Host: certifica-app-it.com
URL: https://certifica-app-it.com/cd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a1476433838b179a72db85048c3e2e2d12002aa109c6ad727c9cd5d8f48eca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://certifica-app-it.com/cd/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 08:46:43 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2023 12:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4372
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Af293xBbwqLDiL6CY63uEiketcPrx0wHKQw3c7D5bd5hPjInraaofBrypNG3OE%2Bw%2FzlvvzYr76LUSGbgVpyc9NG%2FRJRJVVYDZbDDzH8VF0GVxF%2FbgtWk9buWnCSc43kFdJswni5ObQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
886b0eceffb54c51-MXP
alt-svc
h3=":443"; ma=86400
content-length
51535
jquery-latest.min.js
certifica-app-it.com/cd/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certifica-app-it.com/cd/jquery-latest.min.js
Requested by
Host: certifica-app-it.com
URL: https://certifica-app-it.com/cd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://certifica-app-it.com/cd/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 08:46:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Feb 2022 17:46:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4372
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kG2J7lWb7n0cLdSVjKCdnrxXU9ZeNVQdYSxiFnqCLo5kxaHjFvUpsx9NBuk%2BGFYNvT1eICE9PKI%2BtuxwWARM3DTuI%2FULgnuWKU3dl6DNAIxx66uhC9hCLoj70gpdKWGMQWEduu0BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
886b0eceffbb4c51-MXP
alt-svc
h3=":443"; ma=86400
logo.jpg
certifica-app-it.com/cd/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certifica-app-it.com/cd/logo.jpg
Requested by
Host: certifica-app-it.com
URL: https://certifica-app-it.com/cd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff45ebf1da30d44d8273b765ff0ee3aa9022b69d0d52ab9d6e9c9682051b5625

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://certifica-app-it.com/cd/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 08:46:43 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2023 12:52:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4372
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=il5vsAzcZAkgw3ndTkyul3HM3mZwEhz1LoMHE3XAFTTinpQT5ROdJLtiAiDAjq5KfvrTIvx4YhXteVmprCx%2BaSF1G0vTI4ktTbVqa%2B64qqgR1nUZJ%2BTpNWWC2SeBXw6TFdkJc4W0xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
886b0ecf68704c51-MXP
alt-svc
h3=":443"; ma=86400
content-length
56111
app.png
certifica-app-it.com/cd/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certifica-app-it.com/cd/app.png
Requested by
Host: certifica-app-it.com
URL: https://certifica-app-it.com/cd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eddd55108d16e783b18738ecbd21b24489806ac392ef81ca6787006f4821973b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://certifica-app-it.com/cd/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 08:46:43 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2023 12:46:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4372
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPp1Ba8bq9dAFkeAx%2BvWYqgw8MuSphPZhS5bggLWdcYRHPK85dbuv4eIUc3UR1VFFO%2BBed8%2FfEyFqhJRIrutYVKwC8fowu14yLlNL1qdbYH8gMO5AL2g2y0tY%2FFpcm9YC7FR3YfH6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
886b0ecf68734c51-MXP
alt-svc
h3=":443"; ma=86400
content-length
1183978
main.js
certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame 488D
Redirect Chain
  • https://certifica-app-it.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Protocol
H3
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a77f1895231fdcc6cd160f901177c46d8a71cad8e5bab7151dd0405dffa12e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 20 May 2024 08:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFcADtL9tYTgL4KLJCt97wOtsRO8RgRuWv6WDEM%2Fzr94VFIFyRGMvy7YOXrAD43b8%2FA6DDBYigAubGPJabQDazFF%2F9MO35YYsNFePo%2BWOi18iQs6mfXJ3ZqRd5VmYc38yFV10%2B13LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
886b0ed19c164c51-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 20 May 2024 08:46:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vpKk190FmsDbubeB6KYfUZHMmIoC9YkaQM1k8LwEFOls03NPfaIil%2FoyH17NT%2BOsl5Wwze4Wld2Plr8tJbHfG75LZDmxzBTuaX8RIiWXZ7%2BzOUcgudyahYNUKw016HMpI%2Bh0EojLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control
max-age=300, public
cf-ray
886b0ed009954c51-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
886b0ece2e244c51
certifica-app-it.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 488D 		0
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/jsd/r/886b0ece2e244c51
Requested by
Host: certifica-app-it.com
URL: https://certifica-app-it.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 May 2024 08:46:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPt%2Bi%2FgmxROckIQdBzYCa9xPTB0oPpZ6XpIvVgeYvZGGRA%2ByZF%2Bd8ygDHO%2BQeCUK%2FdL3KvFcsYN%2FaVwJuTvBUNNnp8OXH0qX3McvNdgtqtu1CLnGOygqAfHrjprFNzoGIqnBkLWHww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
886b0ed26d0d4c51-MXP
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Emiliano (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
.certifica-app-it.com/ Name: cf_clearance
Value: XAPO4AY48fZehjSi894.rc32r6N4Vd1pjdb6xuwpnNM-1716194803-1.0.1.1-1OpQimoDEZKJ6bpQOpNGKl3uOr.Mh8jqg67IiTNdJ88ctdKpeo_.B6tzv3uNhXGaWJL4nGxMU6OHY62X72IskA