sblocco-webb.com
198.54.126.78
Malicious Activity!
Public Scan
Effective URL: https://sblocco-webb.com/login.html
Submission: On January 23 via manual from FR
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 22nd 2020. Valid for: a year.
This is the only time sblocco-webb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicredit (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 67.199.248.10 | 396982 (GOOGLE-PRIVATE-CLOUD) |
16 | 198.54.126.78 | 22612 (NAMECHEAP-NET) |
16 | 1 | |
ASN22612 (NAMECHEAP-NET, US)
PTR: server33-4.web-hosting.com
sblocco-webb.com
 | Apex Domain Subdomains | Transfer |
---|---|---|
16 | sblocco-webb.com | 512 KB |
1 | bit.ly (1 redirects) | 339 B |
16 | 2 | |
 | Domain | Requested by |
---|---|---|
16 | sblocco-webb.com | sblocco-webb.com |
1 | bit.ly | 1 redirects |
16 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.unicredit.it |
www.consob.it |
www.unicreditsubitocasa.it |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sblocco-webb.com | Sectigo RSA Domain Validation Secure Server CA | 2020-01-22 - 2021-01-21 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sblocco-webb.com/login.html
Frame ID: 740AA3A5F4B3DBB9F314FD49E025B6B7
Requests: 16 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
- Title:
- Title: Dati societari
- Title: Sicurezza
- Title: Reclami ricorsi e conciliazione
- Title: Arbitro per le controversie finanziarie
- Title: Privacy
- Title: Informativa Cookies
- Title: Normativa MiFID
- Title: Obbligazioni
- Title: OPV
- Title: Certificates
- Title: Manifestazioni a premio
- Title: Rapporti dormienti
- Title: SEPA
- Title: Operazioni di cartolarizzazione
- Title: Certificazione Qualità Tesoreria Enti
- Title: Relazione con i fornitori
- Title: Dizionario Finanziario
- Title: Disclaimer
- Title: UniCredit Subito Casa (Società di Intermediazione Immobiliare del Gruppo UniCredit)
- Title: PSD2 - Open Banking
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bit.ly/unicredit-info (HTTP 301) to https://sblocco-webb.com/ (Page URL)
- https://sblocco-webb.com/login.html (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://bit.ly/unicredit-info HTTP 301
- https://sblocco-webb.com/
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Redirect Chain) | sblocco-webb.com/ | 1 KB | 782 B | Document | text/html |
GET | H2 | main.132f4c617d.css | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 2 MB | 207 KB | Stylesheet | text/css |
GET | H2 | logo-splash-msite.png | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 14 KB | 14 KB | Image | image/png |
GET | H2 | login.html (Primary Request) | sblocco-webb.com/ | 151 KB | 38 KB | Document | text/html |
GET | H2 | jquery-3.4.1.min.js | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 0 | 0 | Script | text/html |
GET | H2 | main.132f4c617d.css | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 2 MB | 207 KB | Stylesheet | text/css |
GET | H2 | MST-icon-etc01.gif | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 799 B | 911 B | Image | image/gif |
GET | H2 | home.png | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | Logo-UniCredit.png | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 5 KB | 6 KB | Image | image/png |
GET | H2 | locator.png | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | info-trasparenza.jpg | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 17 KB | 17 KB | Image | image/jpeg |
GET | H2 | logo-splash-msite.png | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/ | 14 KB | 14 KB | Image | image/png |
GET | H2 | UniCredit-Regular.otf | sblocco-webb.com/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | arrow_turquoise.png | sblocco-webb.com/UniCredit%20-%20Mobile%20Banking_files/icon/ | 1000 B | 1 KB | Image | image/png |
GET | H2 | UniCredit-Medium.otf | sblocco-webb.com/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | UniCredit-Light.otf | sblocco-webb.com/assets/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicredit (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| validateForm
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
sblocco-webb.com
198.54.126.78
67.199.248.10