digitalitau.com Open in urlscan Pro
195.231.8.19 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://digitalitau.com/GRIPNET/web/control.php#48967330681015944796768949281777264642
Effective URL:
https://digitalitau.com/GRIPNET/web/control.php
Submission: On February 27 via automatic, source phishtank (February 27th 2020, 2:31:10 am UTC)

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 195.231.8.19, located in Arezzo, Italy and belongs to ARUBA-CLOUD, IT. The main domain is digitalitau.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 26th 2020. Valid for: 3 months.

This is the only time digitalitau.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 15	195.231.8.19 195.231.8.19	202242 (ARUBA-CLOUD) (ARUBA-CLOUD)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
15	3

15 195.231.8.19 (Arezzo, Italy) 3 redirects

ASN202242 (ARUBA-CLOUD, IT)
PTR: host19-8-231-195.serverdedicati.aruba.it

digitalitau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	digitalitau.com 3 redirects digitalitau.com	987 KB
2	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com	963 B
15	3

	Domain	Requested by
15	digitalitau.com	3 redirects digitalitau.com
2	fonts.gstatic.com	digitalitau.com
1	fonts.googleapis.com	digitalitau.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
digitalitau.com Let's Encrypt Authority X3	`2020-02-26` - `2020-05-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://digitalitau.com/GRIPNET/web/control.php
Frame ID: CE294C6D9DC9BBB4D9AC281CDAFCD84D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://digitalitau.com/GRIPNET/web/control.php HTTP 301
https://digitalitau.com/GRIPNET/web/control.php HTTP 302
https://digitalitau.com/GRIPNET/index.php HTTP 302
https://digitalitau.com/GRIPNET/web/control.php Page URL

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1005 kB
Transfer

1092 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://digitalitau.com/GRIPNET/web/control.php HTTP 301
https://digitalitau.com/GRIPNET/web/control.php HTTP 302
https://digitalitau.com/GRIPNET/index.php HTTP 302
https://digitalitau.com/GRIPNET/web/control.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request control.php Show response
digitalitau.com/GRIPNET/web/
Redirect Chain

http://digitalitau.com/GRIPNET/web/control.php
https://digitalitau.com/GRIPNET/web/control.php
https://digitalitau.com/GRIPNET/index.php
https://digitalitau.com/GRIPNET/web/control.php

3 KB
2 KB

60ms
60ms

Document
text/html

195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 95bb60e2970ffb7f18bc1b751ecc14bf25a8689bf3e462cbe813ec262a379559

Request headers

Host: digitalitau.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=5gdaspula2gekvrlbg1ifvq917
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1222
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: web/control.php
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 13 KB
963 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap

Requested by

Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43383d39136a4e1ef4cbf15278efb0851a430b3f60d3986e6cbbee547e30ab68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Feb 2020 02:30:51 GMT
server: ESF
date: Thu, 27 Feb 2020 02:30:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Feb 2020 02:30:51 GMT

GET
H/1.1 200
OK web.css
digitalitau.com/GRIPNET/_styles/ 14 KB
3 KB 60ms
59ms Stylesheet
text/css 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://digitalitau.com/GRIPNET/_styles/web.css
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9eb801d2532b0ceb135a4fe7f200e73659cc1e3fc821fafb2fa3941840d96eaf

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2019 15:13:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3855-598f65f12d600-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3159

GET
H/1.1 200
OK jquery.min.js Show response
digitalitau.com/GRIPNET/_jscripts/ 86 KB
30 KB 125ms
64ms Script
application/javascript 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://digitalitau.com/GRIPNET/_jscripts/jquery.min.js
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2019 15:13:21 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "15851-598f65ea80640-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 30677

GET
H/1.1 200
OK jquery.mask.js Show response
digitalitau.com/GRIPNET/_jscripts/ 6 KB
3 KB 176ms
59ms Script
application/javascript 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://digitalitau.com/GRIPNET/_jscripts/jquery.mask.js
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2019 15:13:21 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "18ae-598f65ea80640-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2669

GET
H/1.1 200
OK all.js Show response
digitalitau.com/GRIPNET/_jscripts/ 8 KB
2 KB 178ms
59ms Script
application/javascript 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://digitalitau.com/GRIPNET/_jscripts/all.js
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 841988d8991b439ecb9ca46cfb0e909876a92c36d1f43894f00b5d2f788225b9

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2019 15:13:20 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1f2a-598f65e98c400-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2094

GET
H/1.1 200
OK id_logo.png
digitalitau.com/GRIPNET/_images/web/ 8 KB
9 KB 178ms
59ms Image
image/png 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/id_logo.png
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:25 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "20f0-598f662789640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8432

GET
H/1.1 200
OK solucoes.png
digitalitau.com/GRIPNET/_images/web/ 337 KB
337 KB 181ms
60ms Image
image/png 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/solucoes.png
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 35c2f9f3e78b3f73eff7608281c1a1f98eec0678312b2225e718dc5be993c2ea

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:35 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5445c-598f663112cc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 345180

GET
H/1.1 200
OK paypal.png
digitalitau.com/GRIPNET/_images/web/ 238 KB
238 KB 59ms
59ms Image
image/png 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/paypal.png
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a562f36a272b4efb734f15f0add2e3d028f0a1daf2356a2f4f7826e2fbf487f6

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3b68b-598f662e36600"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 243339

GET
H/1.1 200
OK maquininha.png
digitalitau.com/GRIPNET/_images/web/ 160 KB
160 KB 59ms
59ms Image
image/png 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/maquininha.png
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 564f0ee188d4cbe59c7226f956cd8d6831812f2ded418fa5c4fe5e5de17aa5af

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:27 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "27e56-598f662971ac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 163414

GET
H/1.1 200
OK footer.png
digitalitau.com/GRIPNET/_images/web/ 45 KB
46 KB 58ms
58ms Image
image/png 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/footer.png
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 83b217f97cec45fd882b598d55ad1809f9c5e330d8a9c42e7f1e50c67ddc2294

Request headers

Referer: https://digitalitau.com/GRIPNET/web/control.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:24 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "b5c8-598f662695400"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 46536

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Origin: https://digitalitau.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2420334
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET
H/1.1 200
OK id_submit.png
digitalitau.com/GRIPNET/_images/web/ 955 B
1 KB 59ms
59ms Image
image/png 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/id_submit.png
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ccef7da394c01924be9de81861942cec4c156a31ae6fd6152860322b6c195a89

Request headers

Referer: https://digitalitau.com/GRIPNET/_styles/web.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3bb-598f66287d880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 955

GET
H/1.1 200
OK banner.jpg
digitalitau.com/GRIPNET/_images/web/ 154 KB
155 KB 63ms
63ms Image
image/jpeg 195.231.8.19
ARUBA-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalitau.com/GRIPNET/_images/web/banner.jpg
Requested by: Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.231.8.19 Arezzo, Italy, ASN202242 (ARUBA-CLOUD, IT),
Reverse DNS: host19-8-231-195.serverdedicati.aruba.it
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4a9874201488947a5d518d44a8ae1e9d2cc7083267f6750eb77f247ef8b0c81a

Request headers

Referer: https://digitalitau.com/GRIPNET/_styles/web.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 02:30:51 GMT
Last-Modified: Thu, 05 Dec 2019 15:14:21 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "26977-598f6623b8d40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 158071

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: digitalitau.com
URL: https://digitalitau.com/GRIPNET/web/control.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Origin: https://digitalitau.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 04:10:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 2326829
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Sat, 30 Jan 2021 04:10:22 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			digitalitau.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5gdaspula2gekvrlbg1ifvq917

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

digitalitau.com
fonts.googleapis.com
fonts.gstatic.com
195.231.8.19
2a00:1450:4001:809::2003
2a00:1450:4001:81d::200a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
35c2f9f3e78b3f73eff7608281c1a1f98eec0678312b2225e718dc5be993c2ea
3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625
43383d39136a4e1ef4cbf15278efb0851a430b3f60d3986e6cbbee547e30ab68
4a9874201488947a5d518d44a8ae1e9d2cc7083267f6750eb77f247ef8b0c81a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
564f0ee188d4cbe59c7226f956cd8d6831812f2ded418fa5c4fe5e5de17aa5af
83b217f97cec45fd882b598d55ad1809f9c5e330d8a9c42e7f1e50c67ddc2294
841988d8991b439ecb9ca46cfb0e909876a92c36d1f43894f00b5d2f788225b9
95bb60e2970ffb7f18bc1b751ecc14bf25a8689bf3e462cbe813ec262a379559
9eb801d2532b0ceb135a4fe7f200e73659cc1e3fc821fafb2fa3941840d96eaf
a562f36a272b4efb734f15f0add2e3d028f0a1daf2356a2f4f7826e2fbf487f6
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ccef7da394c01924be9de81861942cec4c156a31ae6fd6152860322b6c195a89
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c

digitalitau.com Open in urlscan Pro 195.231.8.19 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1005 kBTransfer

1092 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

1 Cookies

Indicators

digitalitau.com Open in urlscan Pro
195.231.8.19 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1005 kB
Transfer

1092 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!