acdetucuman.ar
Open in
urlscan Pro
104.21.85.21
Malicious Activity!
Public Scan
Effective URL: https://acdetucuman.ar/-/it/
Submission: On January 20 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 15th 2024. Valid for: a year.
This is the only time acdetucuman.ar was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Mooney (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 104.21.85.21 104.21.85.21 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.185.74 142.250.185.74 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.185.138 142.250.185.138 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.126.37.138 104.126.37.138 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 142.250.181.228 142.250.181.228 | 15169 (GOOGLE) (GOOGLE) | |
4 | 142.250.185.163 142.250.185.163 | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.227.219.66 13.227.219.66 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 142.250.186.102 142.250.186.102 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.186.34 142.250.186.34 | 15169 (GOOGLE) (GOOGLE) | |
29 | 10 |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
ajax.googleapis.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-138.deploy.static.akamaitechnologies.com
www.mooney.it |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
www.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-66.ams54.r.cloudfront.net
vf.r3f.technology |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
9965807.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
acdetucuman.ar
acdetucuman.ar |
228 KB |
4 |
gstatic.com
www.gstatic.com |
|
3 |
google.com
www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98 |
55 KB |
2 |
doubleclick.net
1 redirects
9965807.fls.doubleclick.net — Cisco Umbrella Rank: 150230 |
1 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369 |
35 KB |
1 |
r3f.technology
vf.r3f.technology — Cisco Umbrella Rank: 140349 |
1 KB |
1 |
mooney.it
www.mooney.it |
|
1 |
cinellu-pavimenti.it
1 redirects
cinellu-pavimenti.it |
565 B |
29 | 8 |
Domain | Requested by | |
---|---|---|
16 | acdetucuman.ar |
acdetucuman.ar
|
4 | www.gstatic.com |
www.google.com
|
2 | 9965807.fls.doubleclick.net |
1 redirects
vf.r3f.technology
|
2 | www.google.com |
acdetucuman.ar
|
1 | adservice.google.com |
9965807.fls.doubleclick.net
|
1 | vf.r3f.technology |
acdetucuman.ar
|
1 | www.mooney.it |
acdetucuman.ar
|
1 | ajax.googleapis.com |
acdetucuman.ar
|
1 | fonts.googleapis.com |
acdetucuman.ar
|
1 | cinellu-pavimenti.it | 1 redirects |
29 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
acdetucuman.ar Cloudflare Inc ECC CA-3 |
2024-01-15 - 2024-12-31 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
*.mooney.it DigiCert TLS RSA SHA256 2020 CA1 |
2023-10-06 - 2024-10-05 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
*.r3f.technology Amazon RSA 2048 M01 |
2023-02-27 - 2024-03-26 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://acdetucuman.ar/-/it/
Frame ID: 6450B78CA5A6EA2E1C8AA2E6523AF976
Requests: 20 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaMfIcAAAAAIlRBtF27zhGV1ETLRrsE-jfWUoA&co=aHR0cHM6Ly93d3cubW9vbmV5Lml0OjQ0Mw..&hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=mhwrr3rrs1si
Frame ID: 5097072B399254D9163095A34F13C385
Requests: 3 HTTP requests in this frame
Frame:
https://vf.r3f.technology/vf/sync/tags/360?_rnd=0.5197239169524861
Frame ID: 7DC3852169CDAACF9D5AB8FE67B62DF5
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaMfIcAAAAAIlRBtF27zhGV1ETLRrsE-jfWUoA&co=aHR0cDovL2xvY2FsaG9zdDo4MA..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=zbe9rmk541p7
Frame ID: 6498DF71EB78045721C2E22A9BCA7157
Requests: 3 HTTP requests in this frame
Frame:
https://9965807.fls.doubleclick.net/activityi;dc_pre=CJ-7zdyk7IMDFUroGAIdS6YMdQ;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3705426134524.6074
Frame ID: 3CAAD005614A639F05B0FF8B5D4606A5
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CJ-7zdyk7IMDFUroGAIdS6YMdQ;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3705426134524.6074;~oref=https://vf.r3f.technology/
Frame ID: 20A492666CB193CB55DC7FF11D251A7D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Mooney: pagamenti digitali, carte prepagate e ricarichePage URL History Show full URLs
-
https://cinellu-pavimenti.it/img/my/
HTTP 302
https://acdetucuman.ar/-/it/ Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Norme sulla Privacy
Search URL Search Domain Scan URL
Title: Termini di Servizio
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cinellu-pavimenti.it/img/my/
HTTP 302
https://acdetucuman.ar/-/it/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://9965807.fls.doubleclick.net/activityi;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3705426134524.6074 HTTP 302
- https://9965807.fls.doubleclick.net/activityi;dc_pre=CJ-7zdyk7IMDFUroGAIdS6YMdQ;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3705426134524.6074
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
acdetucuman.ar/-/it/ Redirect Chain
|
1 MB 111 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 1016 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hexor.css
acdetucuman.ar/-/it/online/static/css/ |
22 B 343 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.5c7391ec.css
acdetucuman.ar/-/it/online/static/css/ |
96 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6997.5ced27b7.chunk.css
acdetucuman.ar/-/it/online/static/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6605.d44505ed.chunk.css
acdetucuman.ar/-/it/online/static/css/ |
2 KB 919 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6652.e40499ab.chunk.css
acdetucuman.ar/-/it/online/static/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7920.7311176f.chunk.css
acdetucuman.ar/-/it/online/static/css/ |
1 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7d4b4983
www.mooney.it/akam/13/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-mooney.1330f350147445f5103b36dac80a6726.svg
acdetucuman.ar/-/it/online/static/media/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
acdetucuman.ar/-/it/online/static/media/ |
78 KB 79 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatbot.svg
acdetucuman.ar/-/it/online/static/media/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scrollButton.372d5008fb0996706305047d7e23d56d.svg
acdetucuman.ar/-/it/online/static/media/ |
1012 B 687 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l1fcgMB
acdetucuman.ar/4Yi8jKIzxAPQ/5D/skjFK6tPQF/maXaJr2w3m3u/IllgMkk7BQ/YCQNR/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gotham-Book_Web.7fa96aa06775160ee646.woff2
acdetucuman.ar/online/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2
acdetucuman.ar/online/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gotham-Bold_Web.d23d96aefe768329255e.woff2
acdetucuman.ar/online/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.svg
acdetucuman.ar/-/it/online/static/media/ |
41 KB 13 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 5097 |
44 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 5097 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 5097 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Icona_bandagialla_6b15670097.png
www.mooney.it/cms/uploads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
360
vf.r3f.technology/vf/sync/tags/ Frame 7DC3 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 6498 |
43 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 6498 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 6498 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CJ-7zdyk7IMDFUroGAIdS6YMdQ;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D...
9965807.fls.doubleclick.net/ Frame 3CAA Redirect Chain
|
558 B 475 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
adservice.google.com/ddm/fls/i/dc_pre=CJ-7zdyk7IMDFUroGAIdS6YMdQ;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame 20A4 |
194 B 440 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.mooney.it
- URL
- https://www.mooney.it/cms/uploads/Icona_bandagialla_6b15670097.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Mooney (Banking)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| $ function| jQuery string| bazadebezolkohpepadr function| returnCommentSymbol number| savedChPos string| returnedSuggestion boolean| suggestionsStatus string| docLang boolean| suggestionDisplayed boolean| isReturningSuggestion function| acceptTab function| acceptSuggestion function| displayGrey function| updateSuggestionStatus function| formatCode function| insert2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cinellu-pavimenti.it/ | Name: PHPSESSID Value: 29da39400e128e961eda4bf84c91dd9d |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9965807.fls.doubleclick.net
acdetucuman.ar
adservice.google.com
ajax.googleapis.com
cinellu-pavimenti.it
fonts.googleapis.com
vf.r3f.technology
www.google.com
www.gstatic.com
www.mooney.it
www.mooney.it
104.126.37.138
104.21.85.21
13.227.219.66
142.250.181.228
142.250.185.138
142.250.185.163
142.250.185.74
142.250.186.102
142.250.186.34
188.114.96.3
0152d582aea6fa64bb59344afa3c201c7ce6f9b35e7cec344c563372c96920df
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0f49babcca9043162829e5d7608c3257c664a0703176a987d927e01c23b384ba
2acfd81b5ab163772c03cd0373fc0d27b575fea95a2b822ff6daef341cec5627
49616c860ff4ad5bed99b66a2b1295e7ef5213d5d5cf76ad2560d2f1daa06635
4fcc513b06e45151361a8cb33ebb25190e0e9b856baff5695e990ca7ef0c4068
5069db4b51cf82b9e55291450042af9d92b07c38d7f1916fb72e6d9af4a5d776
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
adc1e14040795364708e14493e84f13ae66cd548787c74d76598a0337e5701e8
af39e03d49f710d2214307b099bb009dd0f02ff0903b323bcc745a33c9b97320
b459618345707f77daa135e9335dad32f7b156a61b8e6d04d4c2bfa51c0fd8d6
b9fb969fd5732dc7ea1ff1e4ecee6275084807905e9786b112939869c66b6abd
c7220ba5e59b395d54f109a2946e75f0a6c3be197e0a7f5674498b83884a487b
d8d2bfec518f0151c52b4960d218c899ce73cf5362914e456acfb35bbf183aa4
e228f2c86a7fc67be196d6f2267552d6323879cfae14fd089488accacbb4aadf
eec41bc5eec1174ecc30aa31f74e1ffe11a59a161ee1e68acfd92e69024a8b24
f11ca59ba317f35acc5ab591c1e23c2ea36b88108ebbe42a50111e39b69ae74a
f81c3a121fbe553815a50efcf020581b66318e0be51359bcd85e53331ba8ed26
f98def90793be9f6ecc7fab1fe10d87dc9a546981467acc3a4fff71876e74579