psd2cert.one
2a02:2350:5:102:8073:8fc0:bf42:5cca
Malicious Activity!
Public Scan
Submission: On July 11 via automatic, source phishtank — Scanned from DK
Summary
TLS certificate: Issued by R3 on July 1st 2022. Valid for: 3 months.
This is the only time psd2cert.one was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Intesa Sanpaolo (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
9 | 2a02:2350:5:102:8073:8fc0:bf42:5cca | 51468 (ONECOM) |
1 | 2a00:1450:4001:80f::200a | 15169 (GOOGLE) |
11 | 193.203.234.216 | 20942 (ISP-ASN2) |
1 | 2a02:26f0:6c00:281::4445 | 20940 (AKAMAI-ASN1) |
1 | 2606:4700:3108::ac42:285e | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) |
24 | 6 | |

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | intesasanpaolo.com | www.intesasanpaolo.com — Cisco Umbrella Rank: 321618 | 52 KB |
9 | psd2cert.one | psd2cert.one | 137 KB |
1 | gstatic.com | fonts.gstatic.com | 17 KB |
1 | iconfinder.com | cdn0.iconfinder.com — Cisco Umbrella Rank: 84832 | 4 KB |
1 | bnl.it | banking.bnl.it | 12 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 71 | 1 KB |
24 | 6 | | |

Requests | Domain | Requested by |
---|---|---|
11 | www.intesasanpaolo.com | psd2cert.one |
9 | psd2cert.one | psd2cert.one |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | cdn0.iconfinder.com | psd2cert.one |
1 | banking.bnl.it | psd2cert.one |
1 | fonts.googleapis.com | psd2cert.one |
24 | 6 | |

Subject | Issuer | Validity | Valid |
---|---|---|---|
*.psd2cert.one | R3 | 2022-07-01 - 2022-09-29 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
www.intesasanpaolo.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2022-03-06 - 2023-04-07 | a year |
bnl01.bnpparibas.com | DigiCert SHA2 Extended Validation Server CA | 2021-09-24 - 2022-09-23 | a year |
*.iconfinder.com | E1 | 2022-06-15 - 2022-09-13 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |

This page contains 1 frames:
Primary Page:
https://psd2cert.one/bnl/
Frame ID: 663680BE678E50C8F99422B804673ED3
Requests: 24 HTTP requests in this frame
Screenshot
![](/screenshots/a0db229e-a529-4f17-b037-a4bb4303de0c.png)
Page Title
Sicurezza -BNL

Detected technologies
Detected patterns
- /etc/designs/
Stimulus
Detected patterns
- <[^>]+data-controller
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
Title: DOVE TROVO IL NUMERO CLIENTE ?
Title: DOVE TROVO IL PIN ?
Title: Domande Frequenti
Title: ABF
Title: ACF
Title: IVASS
Title: ODR
Title: CHI SIAMO
Title: INVESTOR RELATIONS
Title: GOVERNANCE
Title: SOSTENIBILITÀ
Title: SOCIALE
Title: RESEARCH
Title: NEWSROOM
Title: CAREERS
Title: SITO PRIVATE
Title: COMPARACONTI
Title: Privacy
Title: Cookie policy
24 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | psd2cert.one/bnl/ | 91 KB | 13 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | clientlib-all.css | psd2cert.one/bnl/files/ | 757 KB | 96 KB | Stylesheet | text/css |
GET | H2 | clientlib-smartbanner.css | psd2cert.one/bnl/files/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | ArchIbPublicStyle.css | psd2cert.one/bnl/files/ | 43 KB | 17 KB | Stylesheet | text/css |
GET | H/1.1 | flag_eng.png | www.intesasanpaolo.com/content/dam/vetrina/design/ico/ | 1 KB | 3 KB | Image | image/png |
GET | H/1.1 | bnl_logo_transparent.png | banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/ | 11 KB | 12 KB | Image | image/png |
GET | H/1.1 | ico-parla-con-noi.png | www.intesasanpaolo.com/etc/designs/vetrina/images/ | 2 KB | 3 KB | Image | image/png |
GET | H2 | Error-512.png | cdn0.iconfinder.com/data/icons/shift-free/32/ | 4 KB | 4 KB | Image | image/webp |
GET | H/1.1 | arrows.png | www.intesasanpaolo.com/content/dam/vetrina/design/ico/ | 528 B | 2 KB | Image | image/png |
GET | H/1.1 | acc-hide.png | www.intesasanpaolo.com/etc/designs/vetrina/images/ | 1 KB | 3 KB | Image | image/png |
GET | H/1.1 | acc-show.png | www.intesasanpaolo.com/etc/designs/vetrina/images/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | acc-hide-mobile.png | www.intesasanpaolo.com/etc/designs/vetrina/images/ | 3 KB | 4 KB | Image | image/png |
GET | H/1.1 | acc-show-mobile.png | www.intesasanpaolo.com/etc/designs/vetrina/images/ | 2 KB | 4 KB | Image | image/png |
GET | H/1.1 | trasparenza.png | www.intesasanpaolo.com/content/dam/vetrina/design/loghi/ | 5 KB | 6 KB | Image | image/png |
GET | H/1.1 | logo_compara_conti.png | www.intesasanpaolo.com/content/dam/vetrina/design/loghi/ | 9 KB | 10 KB | Image | image/png |
GET | H/1.1 | logo-footer.png | www.intesasanpaolo.com/content/dam/vetrina/design/loghi/ | 11 KB | 12 KB | Image | image/png |
GET | H/1.1 | close-cookie.png | www.intesasanpaolo.com/etc/designs/vetrina/images/ | 313 B | 2 KB | Image | image/png |
GET | H2 | main_app.js | psd2cert.one/ib/public/login/js/arch/services/1.0.0/ | 0 | 0 | Script | text/html |
GET | H2 | main_app.js | psd2cert.one/ib/public/vetrina/arch/ | 0 | 0 | Script | text/html |
GET | H2 | main_app.js | psd2cert.one/ib/public/guestarea/ | 0 | 0 | Script | text/html |
GET | H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 | fonts.gstatic.com/s/opensans/v29/ | 16 KB | 17 KB | Font | font/woff2 |
GET | H2 | sprites.png | psd2cert.one/bnl/files/ | 10 KB | 10 KB | Image | image/png |
GET | H2 | linkfooter-active.png | psd2cert.one/bnl/files/clientlib-site/css/images/ | 196 B | 196 B | Image | text/html |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Intesa Sanpaolo (Banking)

15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- undefined| url
- undefined| message
- string| currentApp
- string| currentEnv

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.