psd2cert.one Open in urlscan Pro
2a02:2350:5:102:8073:8fc0:bf42:5cca  Malicious Activity! Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response psd2cert.one/bnl/	91 KB 13 KB	212ms 100ms	Document text/html	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash 1cf0effd6271f97b6c5564ed6dbfac16ab92c38feedcfc7eecd6c33fbce5efa5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language da-DK,da;q=0.9 Response headers accept-ranges bytes age 2455 content-encoding gzip content-length 13532 content-type text/html date Mon, 11 Jul 2022 07:33:29 GMT etag "16bee-5e2bb4cba1742-gzip" last-modified Fri, 01 Jul 2022 09:49:17 GMT server Apache vary Accept-Encoding via 1.1 varnish (Varnish/7.1) x-varnish 797320564 775201522
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	229ms 76ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 11 Jul 2022 06:59:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 11 Jul 2022 08:14:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Jul 2022 08:14:24 GMT
GET H2	200	clientlib-all.css psd2cert.one/bnl/files/	757 KB 96 KB	56ms 54ms	Stylesheet text/css	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/bnl/files/clientlib-all.css Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash b110ce49bffb0222598f6961ea5601def38eed3ea38b14609330317735d8d11e Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:34:35 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 09:49:42 GMT server Apache age 2389 etag "bd505-5e2bb4e3bdd31-gzip" vary Accept-Encoding x-varnish 797320565 781983899 via 1.1 varnish (Varnish/7.1) accept-ranges bytes content-type text/css content-length 97621
GET H2	200	clientlib-smartbanner.css psd2cert.one/bnl/files/	3 KB 1 KB	171ms 169ms	Stylesheet text/css	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/bnl/files/clientlib-smartbanner.css Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash ae3d9363f4fa0d03b76c14877276d6c10b8e2e98e7bfcfc5f96ddffef5215288 Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:34:35 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 09:49:45 GMT server Apache age 2389 etag "c8b-5e2bb4e5ef555-gzip" vary Accept-Encoding content-type text/css via 1.1 varnish (Varnish/7.1) x-varnish 797320566 805375718 accept-ranges bytes content-length 1084
GET H2	200	ArchIbPublicStyle.css psd2cert.one/bnl/files/	43 KB 17 KB	176ms 175ms	Stylesheet text/css	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/bnl/files/ArchIbPublicStyle.css Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash 131b7831882f008a6762129052d5bd357d120e7fa610779bc8d9a09e7f5869c3 Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:34:35 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 09:49:28 GMT server Apache age 2389 etag "ab28-5e2bb4d663985-gzip" vary Accept-Encoding content-type text/css via 1.1 varnish (Varnish/7.1) x-varnish 797320567 823690418 accept-ranges bytes content-length 17011
GET H/1.1	200 OK	flag_eng.png www.intesasanpaolo.com/content/dam/vetrina/design/ico/	1 KB 3 KB	473ms 92ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/ico/flag_eng.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "5de" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1502 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	bnl_logo_transparent.png banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/	11 KB 12 KB	313ms 87ms	Image image/png	2a02:26f0:6c00:281::4445 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_logo_transparent.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT Vary Host,Accept-Encoding Last-Modified Thu, 24 Feb 2022 16:03:02 GMT x-frame-options SAMEORIGIN ETag "2d9a-5d8c5b77bbf09" Strict-Transport-Security max-age=15768000 p3p CP="NON CUR OTPi OUR NOR UNI" Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 11674
GET H/1.1	200 OK	ico-parla-con-noi.png www.intesasanpaolo.com/etc/designs/vetrina/images/	2 KB 3 KB	474ms 94ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/ico-parla-con-noi.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "785" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1925 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H2	200	Error-512.png cdn0.iconfinder.com/data/icons/shift-free/32/	4 KB 4 KB	175ms 71ms	Image image/webp	2606:4700:3108::ac42:285e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.iconfinder.com/data/icons/shift-free/32/Error-512.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:285e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d18dfca40d83a20a5bb0b627de61ae659248c1c39953b44e5cf5da7fed4f6685 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 08:14:25 GMT via 1.1 vegur x-content-type-options nosniff cf-cache-status HIT age 309701 cf-polished origFmt=png, origSize=12160 content-disposition inline; filename="Error-512.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3916 x-request-id cd6463dd-237b-4cf9-8180-cafd6575ffbd expires Tue, 11 Jul 2023 08:14:25 GMT last-modified Thu, 07 Jul 2022 17:33:57 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/webp access-control-allow-origin * vary Accept cache-control public, max-age=31536000 accept-ranges bytes cf-ray 729015de9f519b94-FRA cf-bgj imgq:100,h2pri
GET H/1.1	200 OK	arrows.png www.intesasanpaolo.com/content/dam/vetrina/design/ico/	528 B 2 KB	473ms 93ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/ico/arrows.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 354a16c92816350830076c1f625525d9460ff1269cb3b8766592540d5ad28ba8 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "210" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 528 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	acc-hide.png www.intesasanpaolo.com/etc/designs/vetrina/images/	1 KB 3 KB	513ms 134ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-hide.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 366de85e50aa042f34ef304b5195d06a87dcc81107e0a5ac87d997d35d95b275 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "557" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1367 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	acc-show.png www.intesasanpaolo.com/etc/designs/vetrina/images/	1 KB 2 KB	480ms 101ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-show.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 7621b7efdd066ad06e4ab99786b72c02f9d126e63bfa911cee193b1071fa1ccd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "402" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1026 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	acc-hide-mobile.png www.intesasanpaolo.com/etc/designs/vetrina/images/	3 KB 4 KB	516ms 137ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-hide-mobile.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 173f71531eaa3fefa888c0c92cfac551e7b27007029ab36a127e5f3232510b8a Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "c8e" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 3214 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	acc-show-mobile.png www.intesasanpaolo.com/etc/designs/vetrina/images/	2 KB 4 KB	68ms 67ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-show-mobile.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 1aec5219cdcd75f87dfe65e36a8d4b860ac03b5573e6c9a2739b119e5defe63e Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "9e9" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 2537 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	trasparenza.png www.intesasanpaolo.com/content/dam/vetrina/design/loghi/	5 KB 6 KB	65ms 65ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/loghi/trasparenza.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 09c850d89f41e9c808d6bd12871bcfc7e6f7d76cd1f7f959a5d79ffb800f8de2 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "133f" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 4927 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	logo_compara_conti.png www.intesasanpaolo.com/content/dam/vetrina/design/loghi/	9 KB 10 KB	71ms 71ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/loghi/logo_compara_conti.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash f6980057249f4e1fc3dae211dba4e6fb2193e4f641a8e253f8513c323b7ec4ab Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "244f" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 9295 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	logo-footer.png www.intesasanpaolo.com/content/dam/vetrina/design/loghi/	11 KB 12 KB	70ms 69ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/loghi/logo-footer.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 10ca81e1589cc3b4b1d18a25ee6acf121970effa02449deb4beb17a880af41fd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "2c84" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 11396 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H/1.1	200 OK	close-cookie.png www.intesasanpaolo.com/etc/designs/vetrina/images/	313 B 2 KB	75ms 74ms	Image image/png	193.203.234.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/close-cookie.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.203.234.216 Milan, Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS Software / Resource Hash 3428070ba9de1802698ea29826428628eab543de85c20e50e076e1a316606790 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 08:14:25 GMT X-Frame-Options SAMEORIGIN ETag "139" Strict-Transport-Security max-age=16070400; includeSubDomains Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png Access-Control-Max-Age 86400 Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 313 Keep-Alive timeout=2, max=100 Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba
GET H2	404	main_app.js psd2cert.one/ib/public/login/js/arch/services/1.0.0/	0 0	53ms 50ms	Script text/html	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/ib/public/login/js/arch/services/1.0.0/main_app.js Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 08:13:57 GMT via 1.1 varnish (Varnish/7.1) server Apache age 27 content-type text/html; charset=iso-8859-1 content-length 196 x-varnish 797320568 808884093
GET H2	404	main_app.js psd2cert.one/ib/public/vetrina/arch/	0 0	51ms 50ms	Script text/html	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/ib/public/vetrina/arch/main_app.js Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 08:13:57 GMT via 1.1 varnish (Varnish/7.1) server Apache age 27 content-type text/html; charset=iso-8859-1 content-length 196 x-varnish 797320569 839450965
GET H2	404	main_app.js psd2cert.one/ib/public/guestarea/	0 0	52ms 48ms	Script text/html	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Full URL https://psd2cert.one/ib/public/guestarea/main_app.js Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 08:13:57 GMT via 1.1 varnish (Varnish/7.1) server Apache age 27 content-type text/html; charset=iso-8859-1 content-length 196 x-varnish 797320570 732160557
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v29/	16 KB 17 KB	222ms 66ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://psd2cert.one accept-language da-DK,da;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 11:57:13 GMT x-content-type-options nosniff age 591432 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16720 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 11:57:13 GMT
GET H2	200	sprites.png psd2cert.one/bnl/files/	10 KB 10 KB	49ms 49ms	Image image/png	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Show image Full URL https://psd2cert.one/bnl/files/sprites.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/files/clientlib-all.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash 0a9148f6e2717336ff367ab00ec1d5eaa172a0a6be1404dd324c28d77804c8cf Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/files/clientlib-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:34:36 GMT via 1.1 varnish (Varnish/7.1) last-modified Fri, 01 Jul 2022 09:49:48 GMT server Apache age 2388 etag "2605-5e2bb4e96d63c" x-varnish 797320571 822379041 accept-ranges bytes content-type image/png content-length 9733
GET H2	404	linkfooter-active.png psd2cert.one/bnl/files/clientlib-site/css/images/	196 B 196 B	48ms 48ms	Image text/html	2a02:2350:5:102:8073:8fc0:bf42:5cca ONECOM
General Check archive.org Show headers Download Go to Show image Full URL https://psd2cert.one/bnl/files/clientlib-site/css/images/linkfooter-active.png Requested by Host: psd2cert.one URL: https://psd2cert.one/bnl/files/clientlib-all.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:102:8073:8fc0:bf42:5cca , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software Apache / Resource Hash 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 Request headers accept-language da-DK,da;q=0.9 Referer https://psd2cert.one/bnl/files/clientlib-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 08:13:17 GMT via 1.1 varnish (Varnish/7.1) server Apache age 67 content-type text/html; charset=iso-8859-1 content-length 196 x-varnish 797320572 835553684

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Intesa Sanpaolo (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| url undefined| message string| currentApp string| currentEnv

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://psd2cert.one/ib/public/login/js/arch/services/1.0.0/main_app.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://psd2cert.one/ib/public/vetrina/arch/main_app.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://psd2cert.one/ib/public/guestarea/main_app.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://psd2cert.one/bnl/files/clientlib-site/css/images/linkfooter-active.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.bnl.it
cdn0.iconfinder.com
fonts.googleapis.com
fonts.gstatic.com
psd2cert.one
www.intesasanpaolo.com
193.203.234.216
2606:4700:3108::ac42:285e
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2003
2a02:2350:5:102:8073:8fc0:bf42:5cca
2a02:26f0:6c00:281::4445
09c850d89f41e9c808d6bd12871bcfc7e6f7d76cd1f7f959a5d79ffb800f8de2
0a9148f6e2717336ff367ab00ec1d5eaa172a0a6be1404dd324c28d77804c8cf
10ca81e1589cc3b4b1d18a25ee6acf121970effa02449deb4beb17a880af41fd
131b7831882f008a6762129052d5bd357d120e7fa610779bc8d9a09e7f5869c3
173f71531eaa3fefa888c0c92cfac551e7b27007029ab36a127e5f3232510b8a
1aec5219cdcd75f87dfe65e36a8d4b860ac03b5573e6c9a2739b119e5defe63e
1cf0effd6271f97b6c5564ed6dbfac16ab92c38feedcfc7eecd6c33fbce5efa5
3428070ba9de1802698ea29826428628eab543de85c20e50e076e1a316606790
354a16c92816350830076c1f625525d9460ff1269cb3b8766592540d5ad28ba8
366de85e50aa042f34ef304b5195d06a87dcc81107e0a5ac87d997d35d95b275
4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3
55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa
7621b7efdd066ad06e4ab99786b72c02f9d126e63bfa911cee193b1071fa1ccd
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14
ae3d9363f4fa0d03b76c14877276d6c10b8e2e98e7bfcfc5f96ddffef5215288
b110ce49bffb0222598f6961ea5601def38eed3ea38b14609330317735d8d11e
b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0
d18dfca40d83a20a5bb0b627de61ae659248c1c39953b44e5cf5da7fed4f6685
f6980057249f4e1fc3dae211dba4e6fb2193e4f641a8e253f8513c323b7ec4ab