app-dati.com
192.64.117.66
Malicious Activity!
Public Scan
Submission: On April 27 via manual from AT
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 20th 2021. Valid for: a year.
This is the only time app-dati.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicredit (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 9 | 192.64.117.66 | 22612 (NAMECHEAP-NET) | |
8 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business133-1.web-hosting.com
app-dati.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
app-dati.com
1 redirects
app-dati.com |
367 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
9 | app-dati.com |
1 redirects
app-dati.com
|
8 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
online.unicreditcorporate.it |
www.unicredit.it |
www.unicreditgroup.eu |
Subject | Issuer | Validity | Valid |
---|---|---|---|
app-dati.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-20 - 2022-04-20 | a year |
This page contains 1 frames:
Primary Page:
https://app-dati.com/info/
Frame ID: 67502D74B45F1E35ABDF265FED276F28
Requests: 9 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Supporto
Title: Servizio Clienti
Title: Sicurezza UniCredit
Title: clicca qui.
Title: Dati Societari
Title: Informativa Cookies
Title: Privacy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://app-dati.com/info (HTTP 301)
- https://app-dati.com/info/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / app-dati.com/info/ (Primary Request, Redirect Chain) | 9 KB 3 KB | Document text/html |
GET H2 | bootstrap.min.css app-dati.com/info/files/ | 157 KB 24 KB | Stylesheet text/css |
GET H2 | loading.min.css app-dati.com/info/files/ | 2 KB 920 B | Stylesheet text/css |
GET H2 | login.min.css app-dati.com/info/files/ | 27 KB 13 KB | Stylesheet text/css |
GET H2 | QGP-icon01.gif app-dati.com/info/files/ | 64 B 367 B | Image image/gif |
GET H2 | logo_site.png app-dati.com/info/files/ | 7 KB 8 KB | Image image/png |
GET H2 | footlogo.png app-dati.com/info/files/ | 4 KB 4 KB | Image image/png |
GET H2 | banner.jpg app-dati.com/info/files/ | 313 KB 314 KB | Image image/jpeg |
GET DATA | truncated / | 13 KB 13 KB | Font application/x-font-ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicredit (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.