seleziona-filiale.from-wi.com
207.180.231.184
Malicious Activity!
Public Scan
Submission: On October 22 via manual from IT
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 15th 2020. Valid for: 3 months.
This is the only time seleziona-filiale.from-wi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poste Italiane (Online), BNP Paribas (Banking)
Domain & IP information
| | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 207.180.231.184 | 51167 (CONTABO) |
| 1 | 62.241.12.21 | 15720 (Viale Europa) |
| 1 | 193.203.234.203 | 20942 (ISP-ASN2) |
| 1 | 2a02:26f0:1700:1ad::4445 | 20940 (AKAMAI-ASN1) |
| 1 | 151.101.112.133 | 54113 (FASTLY) |
| 1 | 2a02:26f0:1700:1a4::2a52 | 20940 (AKAMAI-ASN1) |
| 6 | 6 | |
ASN51167 (CONTABO, DE)
PTR: vmi461014.contaboserver.net
seleziona-filiale.from-wi.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 1 | bnpparibas.com | cdn-pays.bnpparibas.com | 19 KB |
| 1 | githubusercontent.com | avatars1.githubusercontent.com | 13 KB |
| 1 | bnl.it | bnl.it | 34 KB |
| 1 | intesasanpaolo.com | group.intesasanpaolo.com | 7 KB |
| 1 | poste.it | www.poste.it | 6 KB |
| 1 | from-wi.com | seleziona-filiale.from-wi.com | 757 B |
| 6 | 6 | | |
| | Domain | Requested by |
|---|---|---|
| 1 | cdn-pays.bnpparibas.com | seleziona-filiale.from-wi.com |
| 1 | avatars1.githubusercontent.com | seleziona-filiale.from-wi.com |
| 1 | bnl.it | seleziona-filiale.from-wi.com |
| 1 | group.intesasanpaolo.com | seleziona-filiale.from-wi.com |
| 1 | www.poste.it | seleziona-filiale.from-wi.com |
| 1 | seleziona-filiale.from-wi.com | |
| 6 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
profilo-privato-cli.gets-it.net |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| seleziona-filiale.from-wi.com | ZeroSSL RSA Domain Secure Site CA | 2020-10-15 - 2021-01-13 | 3 months |
| www.poste.it | GlobalSign Extended Validation CA - SHA256 - G3 | 2020-03-04 - 2021-03-05 | a year |
| www.group.intesasanpaolo.com | Intesa Sanpaolo Organization Validation CA | 2020-07-03 - 2021-07-03 | a year |
| bnl01.bnpparibas.com | DigiCert ECC Extended Validation Server CA | 2020-03-06 - 2021-10-23 | 2 years |
| www.github.com | DigiCert SHA2 High Assurance Server CA | 2020-05-06 - 2022-04-14 | 2 years |
| bnp03s.bnpparibas.com | DigiCert Secure Site ECC CA-1 | 2020-10-13 - 2021-08-19 | 10 months |
This page contains 1 frame:
Primary Page:
https://seleziona-filiale.from-wi.com/sel/
Frame ID: 83D33F606B608B57C6B583FB97A249B9
Requests: 6 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | seleziona-filiale.from-wi.com/sel/ | 1 KB | 757 B | Document | text/html |
| GET | H/1.1 | logo-poste-italiane.png | www.poste.it/risorse_dt/condivise/immagini/loghi/ | 6 KB | 6 KB | Image | image/png |
| GET | H/1.1 | img.jpg | group.intesasanpaolo.com/content/dam/portalgroup/nuove-immagini/chi-siamo/09-Storia_Logo-Intesa-SanPaolo.jpg.transform/resize-425/ | 7 KB | 7 KB | Image | image/jpeg |
| GET | H/1.1 | bnl-logo.png | bnl.it/images/bnl/homepage-language/ | 34 KB | 34 KB | Image | image/png |
| GET | H/1.1 | 34343708 | avatars1.githubusercontent.com/u/ | 12 KB | 13 KB | Image | image/jpeg |
| GET | H/1.1 | logo-default.png | cdn-pays.bnpparibas.com/wp-content/themes/bnpparibasworld/assets/img/ | 19 KB | 19 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poste Italiane (Online), BNP Paribas (Banking)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.