certifica-app-it.com
172.67.182.27
Malicious Activity!
Public Scan
Submission: On May 20 via api from US — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1P5 on May 17th 2024. Valid for: 3 months.
This is the only time certifica-app-it.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Emiliano (Banking)
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
8 (1 redirects) | 172.67.182.27 | 13335 (CLOUDFLARENET) |
7 | 1 | |
Count | Apex Domain / Subdomains | Transfer |
---|---|---|
8 (1 redirects) | certifica-app-it.com / certifica-app-it.com | 1 MB |
7 | 1 | |
Count | Domain | Requested by |
---|---|---|
8 (1 redirects) | certifica-app-it.com | certifica-app-it.com |
7 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
certifica-app-it.com | GTS CA 1P5 | 2024-05-17 - 2024-08-15 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://certifica-app-it.com/cd/
Frame ID: BAE9655B44D5E743DCD9158121A10BC9
Requests: 5 HTTP requests in this frame
Frame:
https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 488D96136AF75421AF946624981213D0
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4
- https://certifica-app-it.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Primary Request) | certifica-app-it.com/cd/ | 4 KB | 2 KB | Document | text/html |
GET | H3 | logo.png | certifica-app-it.com/cd/ | 50 KB | 51 KB | Image | image/png |
GET | H3 | jquery-latest.min.js | certifica-app-it.com/cd/ | 84 KB | 31 KB | Script | text/javascript |
GET | H3 | logo.jpg | certifica-app-it.com/cd/ | 55 KB | 55 KB | Image | image/jpeg |
GET | H3 | app.png | certifica-app-it.com/cd/ | 1 MB | 1 MB | Image | image/png |
GET | H3 | main.js | certifica-app-it.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ (Frame 488D, Redirect Chain) | 8 KB | 4 KB | Script | application/javascript |
POST | H3 | 886b0ece2e244c51 | certifica-app-it.com/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame 488D) | 0 | 611 B | XHR | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Emiliano (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- function| $
- function| jQuery

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.certifica-app-it.com/ | Name: cf_clearance Value: XAPO4AY48fZehjSi894.rc32r6N4Vd1pjdb6xuwpnNM-1716194803-1.0.1.1-1OpQimoDEZKJ6bpQOpNGKl3uOr.Mh8jqg67IiTNdJ88ctdKpeo_.B6tzv3uNhXGaWJL4nGxMU6OHY62X72IskA |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.