![](/screenshots/750fe420-3558-46b3-9c03-51686acc6a23.png)
cavendishgroup.co.uk
Open in
urlscan Pro
104.37.183.1
Malicious Activity!
Public Scan
Effective URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
Submission: On March 04 via manual from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 27th 2020. Valid for: 3 months.
This is the only time cavendishgroup.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Sella (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 209.88.90.11 209.88.90.11 | 37204 (TELONE) (TELONE) | |
13 | 104.37.183.1 104.37.183.1 | 23393 (NUCDN) (NUCDN) | |
13 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
cavendishgroup.co.uk
cavendishgroup.co.uk |
77 KB |
1 |
mines.gov.zw
1 redirects
www.mines.gov.zw |
317 B |
13 | 2 |
Domain | Requested by | |
---|---|---|
13 | cavendishgroup.co.uk |
cavendishgroup.co.uk
|
1 | www.mines.gov.zw | 1 redirects |
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cavendishgroup.co.uk Let's Encrypt Authority X3 |
2020-01-27 - 2020-04-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
Frame ID: C29400AC3A2C43895895B200672A7A1E
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/750fe420-3558-46b3-9c03-51686acc6a23.png)
Page URL History Show full URLs
-
http://www.mines.gov.zw/sites/app/
HTTP 301
https://cavendishgroup.co.uk/app/MyApp/Soft-app/ Page URL
- https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.mines.gov.zw/sites/app/
HTTP 301
https://cavendishgroup.co.uk/app/MyApp/Soft-app/ Page URL
- https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.mines.gov.zw/sites/app/ HTTP 301
- https://cavendishgroup.co.uk/app/MyApp/Soft-app/
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
cavendishgroup.co.uk/app/MyApp/Soft-app/ Redirect Chain
|
61 B 348 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
16 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-oui.css
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
art.css
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Browser.css
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
3 KB 961 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BSEPAGAM.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
language_it.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
752 B 847 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrowhead_progressBar_finished.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrowhead_progressBar_now.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrowhead_progressBar_next.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
space.gif
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ |
43 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrowhead_main.svg
cavendishgroup.co.uk/app/MyApp/images/ |
25 KB 25 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrowhead_back.svg
cavendishgroup.co.uk/app/MyApp/images/ |
25 KB 25 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Sella (Online)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cavendishgroup.co.uk
www.mines.gov.zw
104.37.183.1
209.88.90.11
0906538538374c933f0afe4429f0339292af66ce2e8934cf7cde4ec701bda24d
33654fff2b63b0920860cb456c8f09f74cabfd111d6488072c50c625a533bb46
377bbde16c41beb713154c2c290c5e4fad31dc9ecd5872ea863461143f1aa84b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55cc680096c147031170a3f5bc174ae7c721d8ec9c4a4495c1cff47ecd2fa9ab
72ff73ce57e732941a50dca7a5a73147ed36f13275c24fe8fb25493c4e663c85
78968380547ed62f00c1d115f573b73fd7c928bc3c418dbc2ea0934406edf912
80052e087c7689485037572a21818f76c1132d3f447b76e619a07bb6e77431d3
893899185a057e264b6b13635054edd3ae805c6abc2767a7ab79b361edc8f9c8
a03476acf4f2261bbfcde957a83c879ec54c92fe2439de9fc6298a7fadb53411
b7df3f607e2704502e16154beb52a35346a937ab5ccd276ccb288f0c5a7aad66
cd9d50c2ed2435774cb02b8f38f4292f40a3a54fb87a5a88b0819b6a1c1c6c32
df34d948e181eecbe4bd743c2b1f90a5bbbb8468c8d272f0f8c7abbe1b1ac361