185.198.117.126
Open in
urlscan Pro
185.198.117.126
Malicious Activity!
Public Scan
Effective URL: https://185.198.117.126/it
Submission: On February 10 via api from BY — Scanned from IT
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 4th 2023. Valid for: a year.
This is the only time 185.198.117.126 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 23 | 185.198.117.126 185.198.117.126 | 35051 (NEXI-AS) (NEXI-AS) | |
1 | 151.101.64.114 151.101.64.114 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82a::2004 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:225... 2600:9000:2251:3a00:5:b7cc:d3c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700:10:... 2606:4700:10::ac43:b9b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.51.248.234 52.51.248.234 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 54.86.11.143 54.86.11.143 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2002 | 15169 (GOOGLE) (GOOGLE) | |
43 | 14 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
sdk.privacy-center.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-248-234.eu-west-1.compute.amazonaws.com
apps.mypurecloud.ie |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-11-143.compute-1.amazonaws.com
apps.mypurecloud.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
mypurecloud.com
apps.mypurecloud.com — Cisco Umbrella Rank: 9622 |
189 KB |
5 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
434 KB |
2 |
privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4363 |
89 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
3 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
210 KB |
1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 |
455 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2173 |
254 B |
1 |
mypurecloud.ie
apps.mypurecloud.ie — Cisco Umbrella Rank: 82096 |
7 KB |
1 |
acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3852 |
90 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 366 |
31 KB |
1 |
evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 3689 |
42 KB |
43 | 11 |
Domain | Requested by | |
---|---|---|
5 | apps.mypurecloud.com |
apps.mypurecloud.ie
|
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
2 | sdk.privacy-center.org |
185.198.117.126
sdk.privacy-center.org |
2 | www.google.com |
185.198.117.126
www.gstatic.com |
2 | www.googletagmanager.com |
185.198.117.126
www.googletagmanager.com |
1 | pagead2.googlesyndication.com |
www.googletagmanager.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
www.google.com
|
1 | apps.mypurecloud.ie |
185.198.117.126
|
1 | acsbapp.com |
185.198.117.126
|
1 | ajax.googleapis.com |
185.198.117.126
|
1 | cdn.evgnet.com |
185.198.117.126
|
43 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
ecommerce.nexi.it |
www.nexi.it |
it-it.facebook.com |
www.youtube.com |
twitter.com |
it.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.nexi.it GlobalSign RSA OV SSL CA 2018 |
2023-08-04 - 2024-08-21 |
a year | crt.sh |
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-06 - 2024-03-04 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.privacy-center.org Amazon RSA 2048 M02 |
2023-03-25 - 2024-04-22 |
a year | crt.sh |
acsbapp.com GTS CA 1P5 |
2023-12-26 - 2024-03-25 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
mypurecloud.ie Amazon RSA 2048 M01 |
2023-08-20 - 2024-09-16 |
a year | crt.sh |
mypurecloud.com Amazon RSA 2048 M03 |
2023-08-19 - 2024-09-15 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://185.198.117.126/it
Frame ID: FF9443C01E6987CBE29F0DB95CF76CA0
Requests: 39 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=f6eixvqhlhq2
Frame ID: F5BF63496AE15DAEB7E242F885F3BEFC
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Nexi, l’innovazione dei pagamenti digitali in ItaliaPage URL History Show full URLs
-
http://185.198.117.126/
HTTP 301
https://185.198.117.126/ HTTP 302
https://185.198.117.126/it Page URL
Detected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- /etc\.clientlibs/
Didomi (Cookie compliance) Expand
Detected patterns
- sdk\.privacy-center\.org/.*/loader\.js
Genesys Cloud (Marketing automation) Expand
Detected patterns
- apps\.mypurecloud\.\w+/widgets/([\d.]+)
- apps\.mypurecloud\.\w+
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Scopri di più
Search URL Search Domain Scan URL
Title: acquista
Search URL Search Domain Scan URL
Title: attiva xpay easy
Search URL Search Domain Scan URL
Title: acquista
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://185.198.117.126/
HTTP 301
https://185.198.117.126/ HTTP 302
https://185.198.117.126/it Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
43 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
it
185.198.117.126/ Redirect Chain
|
133 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
evergage.min.js
cdn.evgnet.com/beacon/nexipayments/engage/scripts/ |
144 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-site.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/ |
286 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-chatbot.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/ |
147 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nexi-logo-white.svg
185.198.117.126/content/dam/nexinew/icone/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nexi-logo-dark.svg
185.198.117.126/content/dam/nexinew/icone/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
412 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero-homepage-XPayEasy-new-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/ |
110 KB 111 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero-homepage-smartPOS-MP-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/ |
77 KB 78 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero-homepage-softPOS-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/ |
124 KB 125 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ico-help.svg
185.198.117.126/content/dam/nexinew/icone/ |
9 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-site.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/ |
839 KB 841 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
185.198.117.126/g78f9/in/dce15b9dafd272dd100ebb35c1e1c6b8/2/ |
0 829 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
64 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
acsbapp.com/apps/app/dist/js/ |
297 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KarbonAppMedium.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nexinew.ttf
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/ |
21 KB 22 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KarbonApp.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ |
40 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KarbonAppSemibold.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__it.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ |
491 KB 197 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.e3e7ce89cf2fb797c42d1d1f851022dda69413d8.js
sdk.privacy-center.org/sdk/e3e7ce89cf2fb797c42d1d1f851022dda69413d8/modern/ |
342 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
270 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame F5BF |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame F5BF |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__it.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame F5BF |
491 KB 196 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cxbus.min.js
apps.mypurecloud.ie/widgets/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
it.help.json
185.198.117.126/content/nexinew/ |
2 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
box-homepage-smartPOS-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/ |
38 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
box_hp_glossy.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/ |
10 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
box-micropagamenti-homepage-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/ |
115 KB 117 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F5BF |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5BF |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chat.conf.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widgets-core.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ |
374 KB 113 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
landing
pagead2.googlesyndication.com/pagead/ |
42 B 455 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets-it.i18n.json
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/ |
21 KB 22 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webchat.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ |
120 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
richmediabridge.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ |
77 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webchatservice.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ |
649 B 1013 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webchatservicelegacy.mod.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ |
63 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| dataLayer object| nexinew object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render function| $ function| jQuery boolean| gdprAppliesGlobally object| chatUtilities object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| didomiEventListeners object| didomiOnReady object| nodeList function| onYouTubeIframeAPIReady object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| webpackChunkDidomi object| Didomi function| __tcfapi object| DidomiSanitizing object| didomiState object| recaptcha object| closure_lm_141378 object| regeneratorRuntime object| picturefillCFG function| picturefill function| clearImmediate function| setImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| thePicker object| deviceBreakpoints function| webpackHotUpdate object| CXBus object| _genesys object| _gt object| gaGlobal function| widgetsJsonpFunction function| pure_addEventListener function| pure_removeEventListener5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
185.198.117.126/ | Name: TS0168694d Value: 01d37309fc48ef694881b4ea52a1326cd54ba564c869e6faf25b259e1daf78d23500b92b35e9d899abb1f5f3f0d477649b3771b7ef |
|
185.198.117.126/ | Name: _sfid_f19e Value: {%22anonymousId%22:%2297d4a6552c8e22f8%22} |
|
185.198.117.126/ | Name: _evga_bdf8 Value: {%22uuid%22:%2297d4a6552c8e22f8%22} |
|
185.198.117.126/ | Name: _ga Value: GA1.1.1438434264.1707537910 |
|
185.198.117.126/ | Name: _ga_2EQBRC1CMY Value: GS1.1.1707537909.1.0.1707537911.0.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acsbapp.com
ajax.googleapis.com
apps.mypurecloud.com
apps.mypurecloud.ie
cdn.evgnet.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
sdk.privacy-center.org
www.google.com
www.googletagmanager.com
www.gstatic.com
151.101.64.114
185.198.117.126
2001:4860:4802:32::36
2600:9000:2251:3a00:5:b7cc:d3c0:93a1
2606:4700:10::ac43:b9b
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
52.51.248.234
54.86.11.143
00c92827f3c8ea120c3458bf77302e3163d3d2b2592af2de8e646594a1d2d14a
150fd1546211f131573249933ccba2a53c936ef81e73aabffbc01e7d92ff38b1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d8e59eee7e5802676f18a54841c174f8c1ed5ae94d5d522c221e7364c065897
277d580f0cd80ebd1c02fd14e1112aee45d6c3f1deb38dbfd0e8bef970f56c2f
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
3144b710d0730bdf9ab50eefcf6b10e1f01e508c64fc7fcf00dc5ab10cd12bc2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
549b311eefd2b2b223406c9dc24bb05bbef70069a9e37e2de12dfb0900bb7d8b
681834065104f982c30d1423fdf02c1a084fa738c48d1eba546b7f9f40630597
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7868fcedcf56c4b7b929da3bb3738c2476aaa349498103b7ac308c3724f2efb8
7e4bd1bfb0e844f06b8dd49f472969dc4d52987a747493f44055170ecd4218aa
82e7bfb3324083cdd6eb00e57daf5476a8df6e67f00769d4298232cdef598c9e
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
86c7f7cec2aad8e305dcf57def1edef4fb53829c04ec098562ec010b189994d6
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
96f9d4c21570a8d3a0653888fa5672bc7bda8765cb91297cce3655637ac7abdd
98366494099531830eeb14c92bc8ac1c439dd4fcdeb4d29d037c3711a52e7b65
9f0f857a31f056484b7a7a6486f84a2b8bc7fd551e825e968d2527f1bd28677c
a279c1dd76488b2d880ddf93ee71bf430afc1b737faf66bd092e7dbc57e2e03c
a82b5532e47a5ee41f5300a9870e0c058c76bdd98a7c343d3c307a5afb60a47d
ab87a73113c2e5c71a723edd0af7e1a42f8e05a888f7f333c248f5b587075233
b16d7014a313258b9097e2413e5e5ffc9cb8369b266d1861c35ff3c8a6d08a3c
b1d3cc8c6f4fe05539093356807b5b210b1c5fe33af5e2b14bb6c3eaaa8e505a
bf703935cea0dfddb6566e1928d29b5bbcb4a396f47147e65b5d536535e10d36
c52f0da6b43677aa6cfa23782d214af14e0d854972a321b610a5d783ad7804d1
c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41
c961ee1957a985227f4b0d79e53ea20f39081a340c14d8f25d25f37619d7c87f
d05b19db324ae8ce48fdda064c33ba463f3bcdd20117552b4e9a019e89fdd63d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea147e60bf34df7de032a09ea45e161df087ea3c265931880a3cb7d3025f2f03
ec38a7e65969ef0b1b4e200c9da6432906fd95aca5813ad64b71c0ade5c97eea
ee7ec12edfe6e8890809d003fa214bbbf2b1d2ef7f6b6126936d0dbb0b56cd8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f088650e838facc2134a418e8b0a1f1e4ec30a593ab24c56d91a7281ff7df1c4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fba15097c263db75abe48e8a19dd939fefca68d0f4c248e6d0bc9c1f420924ce