www.cistite-iuv.it
46.37.24.221  Malicious Activity! Public Scan

Submitted URL: https://rebrand.ly/432qykp
Effective URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6B...
Submission Tags: 7292205
Submission: On September 14 via api from NL — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 26 HTTP transactions. The main IP is 46.37.24.221, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.cistite-iuv.it.
TLS certificate: Issued by R3 on September 4th 2021. Valid for: 3 months.
This is the only time www.cistite-iuv.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 54.221.250.95 14618 (AMAZON-AES)
15 46.37.24.221 31034 (ARUBA-ASN)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 7
Domain Requested by
15 www.cistite-iuv.it www.cistite-iuv.it
4 fonts.googleapis.com www.cistite-iuv.it
3 fonts.gstatic.com fonts.googleapis.com
1 www.google-analytics.com www.googletagmanager.com
1 code.jquery.com www.cistite-iuv.it
1 www.googletagmanager.com www.cistite-iuv.it
1 rebrand.ly 1 redirects
0 aux01.contadorsite.com Failed www.cistite-iuv.it
26 8

This site contains no links.

Subject | Issuer | Validity | Valid
cistite-iuv.it | R3 | 2021-09-04 - 2021-12-03 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months

This page contains 1 frames:

Primary Page: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Frame ID: FD602FDB293D5DA5E5BCC195E34C6E74
Requests: 26 HTTP requests in this frame

Page Title

I-.nt _er.net--_--:-Banking ::::....cAIXA

Page URL History

  1. https://rebrand.ly/432qykp HTTP 301
    https://www.cistite-iuv.it/w/ Page URL
  2. https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//Ptdbjg... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 71 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 390 kB
Size: 769 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/432qykp HTTP 301
    https://www.cistite-iuv.it/w/ Page URL
  2. https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rebrand.ly/432qykp HTTP 301
  • https://www.cistite-iuv.it/w/

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.cistite-iuv.it/w/
Redirect Chain
  • https://rebrand.ly/432qykp
  • https://www.cistite-iuv.it/w/
914 B
476 B
Document
General
Full URL
https://www.cistite-iuv.it/w/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PHP/7.3.25 PleskLin
Resource Hash
cc916b9469c436d841450c7a1fe737b04bb466df2922ba34433e80910f1e6dba

Request headers

:method
GET
:authority
www.cistite-iuv.it
:scheme
https
:path
/w/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 14 Sep 2021 22:49:21 GMT
content-type
text/html; charset=UTF-8
content-length
328
x-powered-by
PHP/7.3.25 PleskLin
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Cache-Control
no-cache, no-store
Date
Tue, 14 Sep 2021 22:49:15 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://www.cistite-iuv.it/w/
Strict-Transport-Security
max-age=15552000
Content-Length
0
Connection
keep-alive
hitv4.php
aux01.contadorsite.com/
0
0

Primary Request passo1.php
www.cistite-iuv.it/w/site-seguro/
5 KB
2 KB
Document
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PHP/7.3.25 PleskLin
Resource Hash
c807ad254a21c8efde24ad6052aabd7095ce90626cef701e3d3a65d551fd5cdf

Request headers

:method
GET
:authority
www.cistite-iuv.it
:scheme
https
:path
/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.cistite-iuv.it/w/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/

Response headers

server
nginx
date
Tue, 14 Sep 2021 22:49:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.25 PleskLin
content-encoding
gzip
icon
fonts.googleapis.com/
569 B
438 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
683bec93229eb796c1f707ed5f88fc9706d3a1bc415f5c6abfd537918bf537b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 22:49:27 GMT
server
ESF
date
Tue, 14 Sep 2021 22:49:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 22:49:27 GMT
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad0143eabe9dd325f34d5120a12a19df28e63e0dae2c85fc0ab664be125e8da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 21:08:29 GMT
server
ESF
date
Tue, 14 Sep 2021 22:49:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 22:49:27 GMT
style_login.css
www.cistite-iuv.it/w/site-seguro/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/css/style_login.css
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
2b8ea5e6853a95f3e68b1ae996c958612046336c3ac8a3a89d0e5a0dfbfde010

Request headers

:path
/w/site-seguro/css/style_login.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:22 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 17:04:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61379b80-1375"
vary
Accept-Encoding
content-type
text/css
jquery.min.js
www.cistite-iuv.it/w/site-seguro/Arquivos1/
84 KB
34 KB
Script
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/Arquivos1/jquery.min.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

:path
/w/site-seguro/Arquivos1/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:22 GMT
content-encoding
gzip
last-modified
Sun, 08 Oct 2017 13:35:20 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"59da2998-14e4a"
vary
Accept-Encoding
content-type
text/javascript
jquery_mask.js
www.cistite-iuv.it/w/site-seguro/Arquivos1/
11 KB
4 KB
Script
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/Arquivos1/jquery_mask.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
7345baa61a620cacfb000c04a16e9491020c841ee0b60c4166b68c57af1bb688

Request headers

:path
/w/site-seguro/Arquivos1/jquery_mask.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:22 GMT
content-encoding
gzip
last-modified
Sun, 08 Oct 2017 13:35:20 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"59da2998-2a49"
vary
Accept-Encoding
content-type
text/javascript
sweet1.js
www.cistite-iuv.it/w/site-seguro/js/
61 KB
18 KB
Script
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/js/sweet1.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
ca95ea29c687a7db00b9b1938418a185b54f61910c7a3035ed8207607958313d

Request headers

:path
/w/site-seguro/js/sweet1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:22 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2019 23:42:40 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5d55edf0-f5cc"
vary
Accept-Encoding
content-type
text/javascript
home.js
www.cistite-iuv.it/w/site-seguro/Arquivos1/
8 KB
3 KB
Script
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/Arquivos1/home.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
94cc27d0ab1241a3d4fc6a1553587c078c00b00f88b3945338acdf7d2e89c45c

Request headers

:path
/w/site-seguro/Arquivos1/home.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:22 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 18:14:58 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"60ec86a2-1e22"
vary
Accept-Encoding
content-type
text/javascript
jquery-3.2.1.min.js
www.cistite-iuv.it/js/
0
0
Script
General
Full URL
https://www.cistite-iuv.it/js/jquery-3.2.1.min.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PHP/7.3.25
Resource Hash

Request headers

:path
/js/jquery-3.2.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:24 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.25
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.cistite-iuv.it/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery.mask.min.js
www.cistite-iuv.it/js/
0
0
Script
General
Full URL
https://www.cistite-iuv.it/js/jquery.mask.min.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PHP/7.3.25
Resource Hash

Request headers

:path
/js/jquery.mask.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:24 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.25
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.cistite-iuv.it/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
js
www.googletagmanager.com/gtag/
129 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CBB7VDGQDK
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec62851842a41d85c93ec8b1db4af10509585982aed2c861fec95418a0a3f21f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51670
x-xss-protection
0
expires
Tue, 14 Sep 2021 22:49:32 GMT
logo_caixa.png
www.cistite-iuv.it/w/site-seguro/img/
5 KB
5 KB
Image
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/img/logo_caixa.png
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
1ed00d554c5423d4fa8c88bf8b8ec95554bbb787272ce36d22ff767b81422074

Request headers

:path
/w/site-seguro/img/logo_caixa.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:28 GMT
last-modified
Wed, 30 Sep 2020 14:15:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f7492f4-1327"
content-type
image/png
accept-ranges
bytes
content-length
4903
form_icon.png
www.cistite-iuv.it/w/site-seguro/img/
2 KB
2 KB
Image
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/img/form_icon.png
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
feb15b09aaee2b0b50dbd68a6d04037c7c5c3efb0e5ec23a243648fb1e5abaaf

Request headers

:path
/w/site-seguro/img/form_icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:28 GMT
last-modified
Wed, 30 Sep 2020 14:15:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f7492f4-948"
content-type
image/png
accept-ranges
bytes
content-length
2376
pre_load.gif
www.cistite-iuv.it/w/site-seguro/img/
35 KB
35 KB
Image
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/img/pre_load.gif
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
b28604c7e478ef48a7c1f3554e64d72aa69438a9ec15cea40e1cd661dc74f432

Request headers

:path
/w/site-seguro/img/pre_load.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:28 GMT
last-modified
Wed, 30 Sep 2020 14:15:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f7492f4-8a91"
content-type
image/gif
accept-ranges
bytes
content-length
35473
jquery-1.10.1.js
code.jquery.com/
268 KB
79 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.1.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ebaded49db62a60060caa2577f2a4ec1ff68726bc40861bc65d977abeb64fa7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:32 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
"54499a47-42ea0"
vary
Accept-Encoding
x-hw
1631659772.dop006.ml1.t,1631659772.cds219.ml1.hn,1631659772.cds028.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
81112
css
fonts.googleapis.com/
1015 B
498 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:700
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/css/style_login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb2328dfecce069cd6461be516080bc88f2236677453301a7a21ef35c29ab32d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 21:06:19 GMT
server
ESF
date
Tue, 14 Sep 2021 22:49:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 22:49:27 GMT
css
fonts.googleapis.com/
1015 B
498 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/css/style_login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5088c618e38ccdf416a61febe45458baf8b4ef7024130b122c2405d5a1cdb25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 20:59:23 GMT
server
ESF
date
Tue, 14 Sep 2021 22:49:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 22:49:27 GMT
jquery-3.2.1.min.js
www.cistite-iuv.it/js/
0
0
Script
General
Full URL
https://www.cistite-iuv.it/js/jquery-3.2.1.min.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx /
Resource Hash

Request headers

:path
/js/jquery-3.2.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:27 GMT
content-encoding
gzip
last-modified
Tue, 06 Aug 2019 19:01:25 GMT
server
nginx
etag
"76c15d2-3c0-58f77738552f4"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
552
jquery.mask.min.js
www.cistite-iuv.it/js/
0
0
Script
General
Full URL
https://www.cistite-iuv.it/js/jquery.mask.min.js
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PHP/7.3.25
Resource Hash

Request headers

:path
/js/jquery.mask.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:28 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.25
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.cistite-iuv.it/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cistite-iuv.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:43:35 GMT
x-content-type-options
nosniff
age
97558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 19:43:35 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v102/
109 KB
109 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v102/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
606989890f9c25a98ddbe359c6a0fdb7643f88ed5e73ae283a46e7d768bc87cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cistite-iuv.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 20:51:32 GMT
x-content-type-options
nosniff
age
93481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111596
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 18:44:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 20:51:32 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cistite-iuv.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:09:56 GMT
x-content-type-options
nosniff
age
358777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 19:09:56 GMT
end.png
www.cistite-iuv.it/w/site-seguro/img/
3 KB
4 KB
Image
General
Full URL
https://www.cistite-iuv.it/w/site-seguro/img/end.png
Requested by
Host: www.cistite-iuv.it
URL: https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.37.24.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
srv06.koalacode.com
Software
nginx / PleskLin
Resource Hash
64a16175fd8bb9b3e969fd4c07ca02eca50ac2de2dddde64c4d6ed02ddada4c4

Request headers

:path
/w/site-seguro/img/end.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.cistite-iuv.it
referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cistite-iuv.it/w/site-seguro/passo1.php?nGnJ/6dVH9NdIcCtm/yfEtAeWq7DfY0QFFWTemH79lU//PtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:49:32 GMT
last-modified
Thu, 15 Aug 2019 23:42:40 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d55edf0-d9c"
content-type
image/png
accept-ranges
bytes
content-length
3484
collect
www.google-analytics.com/g/
0
370 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CBB7VDGQDK&gtm=2oe9d0&_p=1478775784&sr=1600x1200&ul=en-us&cid=314921518.1631659772&_s=1&dl=https%3A%2F%2Fwww.cistite-iuv.it%2Fw%2Fsite-seguro%2Fpasso1.php%3FnGnJ%2F6dVH9NdIcCtm%2FyfEtAeWq7DfY0QFFWTemH79lU%2F%2FPtdbjgvwiBtusFDGYvW5QSEm6BwAqJR8NUrnzbF9N-&dr=https%3A%2F%2Fwww.cistite-iuv.it%2Fw%2F&dt=I-.nt%20_er.net--_--%3A-Banking%20%3A%3A%3A%3A....cAIXA&sid=1631659772&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBB7VDGQDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cistite-iuv.it/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 22:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cistite-iuv.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aux01.contadorsite.com
URL
http://aux01.contadorsite.com/hitv4.php?digit=7seg&page=51522ae2a209b4bf9b5d41df2476c560&t=1507560471

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery
function| Sweetalert2
function| SweetAlert
function| Swal
function| sweetAlert
function| swal
function| validacpf
function| mask
function| FormataDado
function| check_lg
function| check_phone
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| gaGlobal
function| onYouTubeIframeAPIReady

2 Cookies

Domain/Path Name / Value
.cistite-iuv.it/ Name: _ga
Value: GA1.1.314921518.1631659772
.cistite-iuv.it/ Name: _ga_CBB7VDGQDK
Value: GS1.1.1631659772.1.0.1631659773.0

5 Console Messages

Source Level URL
Text
security error URL: https://www.cistite-iuv.it/w/
Message:
Mixed Content: The page at 'https://www.cistite-iuv.it/w/' was loaded over HTTPS, but requested an insecure script 'http://aux01.contadorsite.com/hitv4.php?digit=7seg&page=51522ae2a209b4bf9b5d41df2476c560&t=1507560471'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://www.cistite-iuv.it/js/jquery-3.2.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.cistite-iuv.it/js/jquery.mask.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.cistite-iuv.it/js/jquery-3.2.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.cistite-iuv.it/js/jquery.mask.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
