it-aggiornare.online
Open in
urlscan Pro
2a01:238:20a:202:1157::
Malicious Activity!
Public Scan
Effective URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Submission: On March 15 via automatic, source twitter_illegalFawn
Summary
This is the only time it-aggiornare.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Libero (Online)Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-37.dus51.r.cloudfront.net
i.plug.it |
ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag.mgr.consensu.org |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-158-139.eu-west-1.compute.amazonaws.com
secure-it.imrworldwide.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net | |
www.googletagservices.com |
ASN16509 (AMAZON-02, US)
nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com |
ASN15169 (GOOGLE, US)
b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
Domain | Requested by | |
---|---|---|
12 | dt.adsafeprotected.com | |
12 | i.plug.it |
it-aggiornare.online
i.plug.it |
5 | static.adsafeprotected.com |
pixel.adsafeprotected.com
it-aggiornare.online |
4 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
4 | pixel.adsafeprotected.com |
1 redirects
it-aggiornare.online
|
4 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
it-aggiornare.online tpc.googlesyndication.com |
4 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net it-aggiornare.online |
4 | secure-it.imrworldwide.com |
1 redirects
it-aggiornare.online
|
3 | cdn-gl.imrworldwide.com |
it-aggiornare.online
cdn-gl.imrworldwide.com |
3 | www.googletagservices.com |
i.plug.it
securepubads.g.doubleclick.net |
2 | bcp.crwdcntrl.net |
1 redirects
it-aggiornare.online
|
2 | ad.doubleclick.net |
1 redirects
it-aggiornare.online
|
2 | sb.scorecardresearch.com |
1 redirects
it-aggiornare.online
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | it-aggiornare.online | 1 redirects |
1 | ad.crwdcntrl.net |
i.plug.it
|
1 | b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.de |
securepubads.g.doubleclick.net
|
1 | nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com |
it-aggiornare.online
|
1 | italiaonline01.wt-eu02.net |
it-aggiornare.online
|
1 | onetag.mgr.consensu.org |
i.plug.it
|
1 | fonts.googleapis.com |
i.plug.it
|
1 | ajax.googleapis.com |
it-aggiornare.online
|
68 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
adclick.g.doubleclick.net |
www.libero.it |
aiuto.libero.it |
registrazione.libero.it |
siviaggia.it |
www.italiaonline.it |
info.libero.it |
privacy.italiaonline.it |
easy.libero.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.plug.it Sectigo RSA Domain Validation Secure Server CA |
2020-12-15 - 2022-01-15 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
onetag-sys.com R3 |
2021-02-10 - 2021-05-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-28 - 2022-02-01 |
a year | crt.sh |
*.wt-eu02.net Sectigo RSA Domain Validation Secure Server CA |
2020-12-28 - 2022-01-28 |
a year | crt.sh |
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1 |
2020-07-17 - 2021-06-02 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.nuid.imrworldwide.com Amazon |
2020-06-26 - 2021-07-26 |
a year | crt.sh |
*.google.de GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
fw.adsafeprotected.com Amazon |
2020-09-09 - 2021-10-09 |
a year | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2019-06-13 - 2021-06-28 |
2 years | crt.sh |
static.adsafeprotected.com Amazon |
2021-01-06 - 2022-02-04 |
a year | crt.sh |
dt.adsafeprotected.com Amazon |
2020-05-20 - 2021-06-20 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Frame ID: 58FA1C1E8EBB1C412778781E4E7A5ED5
Requests: 53 HTTP requests in this frame
Frame:
http://i.plug.it/iplug/js/lib/iol/analytics/ads/adv/_ads.js?_t=1615818680465
Frame ID: 4B16B9586DD03E2B164E5725567A32E9
Requests: 1 HTTP requests in this frame
Frame:
http://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 163FEA5ABF9B1E620FA1FD3115F32478
Requests: 3 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP7erniwE68FyHzlWk0CwolOcA9Qvnrh6M2lmL76AxSa3dyDYPYAoATVvJFsOKnp3JERSOLsFLreVL3FW_YuMjSixyzzpHlU7Z7jC9_HLH4-5w-mlLybfTO_7HdlV7sXMVVDpEoP4wyVqDzlCP9AdNh9eNcM8gbNqfxmID3fWdqe-JQDz6EPpXki46jtSY0ThZur9fWtfKH0XEKF_JTP6P8tfHxYav4efuJ-2GFdIpUpM5-qhKkuQ1wWKl0QyemsXKwHIQOdzztGR4Vaj7nSAWoYfR3EQhxYC5-pbyptrDIB878gyRb0P3_AKPYrNvYSo-sMvmehX3Nv3oQBOJ19KeBPzJ&sai=AMfl-YTiEkD_DsKX1K5yq1yjDWtJfQX5eG94y8LuPO_ZYFvIL-mT8XNnjKR6hljyjc8jMiZXRRLgHAHlWhjAbDVy5za5bmU9aDlNgxjyJ2-qCkesKMfspuKMsBVUZ3NOtrnc&sig=Cg0ArKJSzEjjPIFFqxOsEAE&urlfix=1&adurl=
Frame ID: E6C2B9732A8FFAB0E465EE06E87A8C29
Requests: 6 HTTP requests in this frame
Frame:
http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19942847&chanId=21721897975&placementId=5637328012&pubCreative=138339485436&pubOrder=2828105473&cb=222202221&impId=&ias_adpath=%23adv_click
Frame ID: 3714F09C1B307ABC29B9D517BADDF3B7
Requests: 2 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 11C7625455028D5F1A025C349DC84E30
Requests: 2 HTTP requests in this frame
Frame:
https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 7CE5E56844A46B329ACAF6420B97D650
Requests: 1 HTTP requests in this frame
Frame:
http://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 8BAC564D80E0D0F50E1A9A6862A98DB1
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://it-aggiornare.online/
HTTP 302
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag Page URL
Detected technologies
UNIX (Operating Systems) ExpandDetected patterns
- headers server /Unix/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: AIUTO
Search URL Search Domain Scan URL
Title: CREA ACCOUNT
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Chi siamo
Search URL Search Domain Scan URL
Title: Note legali
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Libero Easy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://it-aggiornare.online/
HTTP 302
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- http://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438 HTTP 301
- https://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438
- https://sb.scorecardresearch.com/b?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20-%20login HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20-%20login&cs_ak_ss=1
- https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
- https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
- https://bcp.crwdcntrl.net/5/c=6199/b=22177866 HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=6199/b=22177866
- https://pixel.adsafeprotected.com/rfw/st/594309/52702208/skeleton.js?adsafe_url=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fit-aggiornare.online%2F&adsafe_type=f&adsafe_jsinfo=,id:4614e4c0-3ea3-b1d8-2f57-7889b829a6ad,c:6WCQ5U,sl:inView,em:false,fr:true,mn:app09ie,pt:1-5-15,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,nbld:0,fm:srJMw5f+1*.594309-52702208%7C11%7C12%7C131%7C14,idMap:1*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:185,oid:1c844edf-859b-11eb-9e7d-0ae761671616,v:19.8.171,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
- https://static.adsafeprotected.com/skeleton.js
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
emark.php
it-aggiornare.online/ Redirect Chain
|
22 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
i.plug.it/mail/login/2020/libero/css/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ |
86 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
placeholders.min.js
i.plug.it/mail/login/2018/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
policy_cookieCMP.js
i.plug.it/common/tech_includes/lib/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp.min.js
i.plug.it/common/tech_includes/lib/ |
1 KB 887 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adv_library3_https.js
i.plug.it/banners/js/ |
22 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adv_lib_login_2step_v2.js
i.plug.it/banners/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-siviaggia.png
i.plug.it//mail/login/2018/libero/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking_login-libero-it.min.js
i.plug.it/iplug/js/lib/iol/analytics/data/login-libero-it/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IOL.Analytics.Tracking.min.js
i.plug.it/iplug/js/lib/iol/analytics/engine/ |
32 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp.js
onetag.mgr.consensu.org/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gpt.js
www.googletagservices.com/tag/js/ |
58 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
i.plug.it/mail/login/2020/libero/img/ |
5 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js
cdn-gl.imrworldwide.com/conf/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
secure-it.imrworldwide.com/cgi-bin/ Redirect Chain
|
44 B 529 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wt
italiaonline01.wt-eu02.net/215973748390194/ |
43 B 833 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b2
sb.scorecardresearch.com/ Redirect Chain
|
0 399 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_ads.js
i.plug.it/iplug/js/lib/iol/analytics/ads/adv/ Frame 4B16 |
25 B 498 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2021030901.js
securepubads.g.doubleclick.net/gpt/ |
283 KB 100 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ |
176 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 163F |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gn
secure-it.imrworldwide.com/cgi-bin/ Frame 163F |
44 B 529 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com/ Frame 163F |
35 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 799 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 553 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
11 KB 6 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame E6C2 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skeleton.js
pixel.adsafeprotected.com/rjss/st/594309/52702208/ |
46 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6C2 |
112 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdvContent20x20.png
i.plug.it/banners/img/ |
537 B 915 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/ Frame E6C2 Redirect Chain
|
42 B 515 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b=22177866
bcp.crwdcntrl.net/5/ct=y/c=6199/ Frame E6C2 Redirect Chain
|
49 B 803 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
211957956348817773
tpc.googlesyndication.com/simgad/ |
288 KB 289 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame E6C2 |
217 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jload
pixel.adsafeprotected.com/ Frame 3714 |
47 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 11C7 |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 11C7 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.gr.19.8.171.js
static.adsafeprotected.com/ |
179 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.gr.19.8.171.js
static.adsafeprotected.com/ Frame 3714 |
179 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame E6C2 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skeleton.js
static.adsafeprotected.com/ Redirect Chain
|
17 B 240 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sca.17.5.1.js
static.adsafeprotected.com/ Frame 7CE5 |
82 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sca.17.5.1.js
static.adsafeprotected.com/ Frame 8BAC |
82 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mon
pixel.adsafeprotected.com/ |
43 B 305 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 23 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
callback=iol.dmp.getProfile
ad.crwdcntrl.net/5/c=6199/pe=y/ |
161 B 372 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gn
secure-it.imrworldwide.com/cgi-bin/ |
44 B 336 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dt
dt.adsafeprotected.com/ |
43 B 304 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Libero (Online)107 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| RrRrRrRr function| $ function| jQuery object| Placeholders object| iol function| __msgHandler function| __cmp function| __setConsent string| crtg_nid object| iol_adv_config number| adv_latency undefined| adv_fup boolean| adv_getfup_exist boolean| adv_new_getfup_exist undefined| adv_ts_now undefined| adv_ts_limit undefined| adv_ts_co number| adv_profile string| adv_cookie_domain string| adv_prof_cookie function| jiot_tgt function| iolAdjustMasthead object| IOLAdv object| googletag number| adv_pagewidth number| adv_pageheight string| adv_adunit1 string| adv_adunit2 string| adv_adunit3 string| adv_adunit4 object| adv_testnum object| adv_slots function| adv_getParameterByName function| adv_setCookie function| adv_getCookie number| t2 number| www boolean| isOff function| mt_cm function| mt_md function| mt_dn function| mt_de function| mt_mu boolean| wside function| Fingerprint function| letter_or_dot function| do_text_select function| Autocomplete object| arrValues function| checkparams function| showMpu function| get_editorial function| show_editorial object| nSdkInstancestatic number| rnd object| nielsenMetadata object| NOLBUNDLE string| iol_login_page_id object| iol_analytics_tracking_conf object| IOL object| iat object| ggeac object| google_js_reporting_queue function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| adv_region string| adv_LIB_ADV_D object| adv_lauds_str object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| __IntegralASDiagnosticCall object| __IntegralASConfig function| mainScriptAppender object| __IASScope boolean| isDomless object| __IASOmidVerificationClient object| google_image_requests object| __IntegralASExec function| __IntegralASEventLoadHandler_4614e4c03ea3b1d82f577889b829a6ad1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
it-aggiornare.online/ | Name: PHPSESSID Value: p4kv0fbtua91uvgv76mdcsjbne |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.crwdcntrl.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com
bcp.crwdcntrl.net
cdn-gl.imrworldwide.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
i.plug.it
it-aggiornare.online
italiaonline01.wt-eu02.net
nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com
onetag.mgr.consensu.org
pagead2.googlesyndication.com
pixel.adsafeprotected.com
sb.scorecardresearch.com
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.googletagservices.com
104.108.64.33
13.226.159.37
142.250.186.162
185.54.150.20
216.58.212.166
2600:9000:2182:8a00:1d:667e:2a40:93a1
2600:9000:2182:9200:2:42d9:3100:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a01:238:20a:202:1157::
34.206.100.214
34.253.109.165
51.89.9.254
52.19.211.247
52.210.253.186
52.214.158.139
54.154.69.174
00be4a75e748a196d522a7353e1555308e1122ad1eda6218ce6092de72c5e340
03fbcda1b153bb9b94b9aca47499f9143275e55a99ba7a91a848d49f9e3ca87d
0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09e63fb20d7667032db4289f4d2961a7ab6f7a1db54429ec15de44d2cb36ee38
0ba07e08d2ad0d4194d88c94c8392ae676dfef46671495ce15daf7b5cbc6d0fd
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3644b05a80a39d358a32738da463cafff406fd9f0309901692bf9ade61839ab8
3a24007e6749a9a4c471fe0db993ed48445f6ba22695a15f6379d58fdaee18f4
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3b5bc6d26c769e37f841843c2a43bf668edb5144fe3e0800c846eb2990690773
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d
54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9
55137ab76eea957ac63037bfaf5fb94a5257f7624774b46ca8006cb941e81728
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
68c4d9331a88b41197ba5625c67eb73b18f2a961eb96f22372b4a1ef5da76ee1
68cfa5d1e626ad1796c8c8db8276c8196f7235100b9ae6f7380a4f8920bd994c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
748365fe534f00319188a55aea6bb4a10b9497c92b3053aa5d2ae93b63579993
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
7a7badbffce2cc0bcb768131a45fdc54d37f531721096d80e0285e875f259de8
8239d985179b5598a3b76db41bbd8842530e4e37e82665dc6449ed97b20c6227
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb4aef635e086d0038cae945d59214d1da5cec786b04c7cad9621a2f7e2582a1
bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c474bd7069e315e89fc96778d70b8f1de3518413e2abee1b294871fdad6887d4
c8c998831c68de988f5ef84f6b4e64c3fd2bc9799cdaf419eca86094f207a150
ce1fc118ce58922807cd6223f6412463c48eb744bda33883bc900deb51d4cf93
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc321f6f1ccd09a5946f7d33247cfbde5fce3989175adf883fd198ff91a8161e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f2e0e5d7b5b02f89ba769649c49b9589dcac727fa66f47a1517a469ec0e046
f3e3d5425770004b388a131cbd8193fd93bc5a5eae4523cb549d7f7655db0eca
fbcfdd7948d008668a2e6f0fbc0eec91979b0a1b6ef92091973127c0158abd80