restrizionicomunicazione.com
198.54.116.135
Malicious Activity!
Public Scan
Effective URL: https://restrizionicomunicazione.com/
Submission: On August 11 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2022. Valid for: a year.
This is the only time restrizionicomunicazione.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 198.54.116.135 198.54.116.135 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
12 | 1 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com
restrizionicomunicazione.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
restrizionicomunicazione.com
1 redirects
restrizionicomunicazione.com |
204 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
13 | restrizionicomunicazione.com |
1 redirects
restrizionicomunicazione.com
|
12 | 1 |
This site contains links to these domains. Also see Links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
restrizionicomunicazione.com / Sectigo RSA Domain Validation Secure Server CA | 2022-08-11 - 2023-08-11 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://restrizionicomunicazione.com/
Frame ID: 2C47BA1126D507BAF295AD7EFAF48D4E
Requests: 12 HTTP requests in this frame
Page Title: Login
Page URL History
-
http://restrizionicomunicazione.com/
HTTP 301
https://restrizionicomunicazione.com/ Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Login
Title: Registrazione
Title: Aiuto
Title: Utente Interno
Title: note sulla sicurezza
Title: Dimenticato l'utente, cosa bisogna fare?
Title: Nuova pagina di login, come accedere?
Title: Impressum
Title: Cookies
Title: Privacy
Title: Trasparenza
Title: Raiffeisen Information Service SCRL
Title: Raiffeisen Servizi Assicurativi
Title: Konverto
Title: Raiffeisen Notizie
Title: Raiffeisen Magazine
Title: Raiffeisen InvestmentClub
Title: Raiffeisen Fondo Pensione Aperto
Title: Raiffeisen Fondo Salute
Title: Abitare in Alto Adige
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://restrizionicomunicazione.com/
HTTP 301
https://restrizionicomunicazione.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request, Redirect Chain) | restrizionicomunicazione.com/ | 12 KB | 4 KB | Document | text/html |
GET H2 | bootstrap.min.css | restrizionicomunicazione.com/index_files/ | 118 KB | 18 KB | Stylesheet | text/css |
GET H2 | ie10-viewport-bug-workaround.css | restrizionicomunicazione.com/index_files/ | 433 B | 442 B | Stylesheet | text/css |
GET H2 | raiffeisen.css | restrizionicomunicazione.com/index_files/ | 4 KB | 1 KB | Stylesheet | text/css |
GET H2 | util.js.download | restrizionicomunicazione.com/index_files/ | 1 KB | 1 KB | Script | application/octet-stream |
GET H2 | header_it.png | restrizionicomunicazione.com/index_files/ | 7 KB | 7 KB | Image | image/png |
GET H2 | login-v1.png | restrizionicomunicazione.com/index_files/ | 28 KB | 28 KB | Image | image/png |
GET H2 | Attenzione.png | restrizionicomunicazione.com/index_files/ | 728 B | 928 B | Image | image/png |
GET H2 | launcher.png | restrizionicomunicazione.com/index_files/ | 9 KB | 9 KB | Image | image/png |
GET H2 | jquery.min.js.download | restrizionicomunicazione.com/index_files/ | 95 KB | 95 KB | Script | application/octet-stream |
GET H2 | bootstrap.min.js.download | restrizionicomunicazione.com/index_files/ | 36 KB | 36 KB | Script | application/octet-stream |
GET H2 | ie10-viewport-bug-workaround.js.download | restrizionicomunicazione.com/index_files/ | 641 B | 801 B | Script | application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Raiffeisen Bank (Banking)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- function| detectIE
- function| fakePlaceholder
- function| get_cookie_language
- function| set_cookie
- function| changeLanguage
- function| getOsBrowser
- function| linkToDemoServer
- function| $
- function| jQuery
- object| jQuery112408137612017019402
- function| checkLoginButton
- undefined| counterBack
- function| startProgressbar
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
restrizionicomunicazione.com/ | Name: COOKIE_KEY Value: 166022507962 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.