www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com
35.242.251.130
Malicious Activity!
Public Scan
Submission: On August 12 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 12th 2021. Valid for: 3 months.
This is the only time www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poste Italiane (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 35.242.251.130 | 15169 (GOOGLE) |
17 | 34.96.106.200 | 15169 (GOOGLE) |
8 | 3.89.173.226 | 14618 (AMAZON-AES) |
25 (6 redirects) | 51.81.109.178 | 16276 (OVH) |
1 | 62.241.13.24 | 15720 (Viale Europa) |
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
3 | 2a00:1450:4001:831::2003 | 15169 (GOOGLE) |
52 | 8 |
ASN15169 (GOOGLE, US)
PTR: 130.251.242.35.bc.googleusercontent.com
www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com

ASN15169 (GOOGLE, US)
PTR: 200.106.96.34.bc.googleusercontent.com
static.parastorage.com
siteassets.parastorage.com

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-173-226.compute-1.amazonaws.com
frog.wix.com

ASN16276 (OVH, FR)
PTR: ns107368.ip-51-81-109.us
www.thesecretbookofwealth.com

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 | thesecretbookofwealth.com (6 redirects) | www.thesecretbookofwealth.com | 116 KB |
17 | parastorage.com | static.parastorage.com, siteassets.parastorage.com | 252 KB |
8 | wix.com | frog.wix.com | 2 KB |
3 | gstatic.com | fonts.gstatic.com | 44 KB |
3 | securelogin-poste-it-jod-fcc-fcc-authentication-html.com | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com | 79 KB |
1 | googleapis.com | fonts.googleapis.com | 1 KB |
1 | poste.it | www.poste.it | 39 KB |
52 | 7 |
Requests | Domain | Requested by |
---|---|---|
25 | www.thesecretbookofwealth.com (6 redirects) | static.parastorage.com, www.thesecretbookofwealth.com |
15 | static.parastorage.com | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com, static.parastorage.com |
8 | frog.wix.com | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com, static.parastorage.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
3 | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com, static.parastorage.com |
2 | siteassets.parastorage.com | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com |
1 | fonts.googleapis.com | www.thesecretbookofwealth.com |
1 | www.poste.it | www.thesecretbookofwealth.com |
52 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
securelogin-poste-it-jod-fcc-fcc-authentication-html.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-12 - 2021-11-10 | 3 months |
*.parastorage.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-08 - 2022-01-04 | 6 months |
*.wix.com | Sectigo RSA Domain Validation Secure Server CA | 2021-05-05 - 2021-11-01 | 6 months |
thesecretbookofwealth.com | cPanel, Inc. Certification Authority | 2021-07-14 - 2021-10-12 | 3 months |
www.poste.it | GlobalSign Extended Validation CA - SHA256 - G3 | 2021-02-24 - 2022-03-28 | a year |
upload.video.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/
Frame ID: E4CE156432273FF691D730408AF99875
Requests: 32 HTTP requests in this frame
Frame:
https://www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos/foo-autenticazione.php
Frame ID: C2F5B60CB6DED8A63891D24EE5ECAC93
Requests: 24 HTTP requests in this frame
Detected technologies
Wix (CMS)
Detected patterns
- script /static\.parastorage\.com/i
- meta generator /Wix\.com Website Builder/i
React (JavaScript Frameworks)
Detected patterns
- script /static\.parastorage\.com/i
- meta generator /Wix\.com Website Builder/i
Polyfill (JavaScript Libraries)
Detected patterns
- script /\/polyfill\.min\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27
- https://www.thesecretbookofwealth.com/pos/servizio-postale HTTP 301
- https://www.thesecretbookofwealth.com/pos/servizio-postale/ HTTP 302
- https://www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55 HTTP 301
- https://www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/ HTTP 302
- https://www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos HTTP 301
- https://www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos/ HTTP 302
- https://www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos/foo-autenticazione.php
52 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/ | 258 KB | 72 KB | Document | text/html | Primary Request |
GET | H2 | bootstrap-features.37b0203a.bundle.min.js | static.parastorage.com/services/wix-thunderbolt/dist/ | 168 KB | 44 KB | Script | application/javascript | |
GET | H2 | main.58d7a24c.bundle.min.js | static.parastorage.com/services/wix-thunderbolt/dist/ | 172 KB | 42 KB | Script | application/javascript | |
GET | H2 | lodash.min.js | static.parastorage.com/unpkg/lodash@4.17.21/ | 71 KB | 25 KB | Script | application/javascript | |
GET | H2 | react.production.min.js | static.parastorage.com/unpkg/react@16.13.1/umd/ | 12 KB | 5 KB | Script | application/javascript | |
GET | H2 | thunderbolt | siteassets.parastorage.com/pages/pages/ | 41 KB | 7 KB | Other | application/json | |
GET | H2 | thunderbolt | siteassets.parastorage.com/pages/pages/ | 1 KB | 1 KB | Other | application/json | |
GET | H2 | siteTags.bundle.min.js | static.parastorage.com/services/tag-manager-client/1.427.0/ | 11 KB | 4 KB | Script | application/javascript | |
POST | H2 | bolt-performance | frog.wix.com/ | 0 | 285 B | Ping | text/plain | |
GET | H2 | dynamicmodel | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/_api/v2/ | 13 KB | 6 KB | Fetch | application/json | |
POST | H2 | bt | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
GET | H2 | wix-perf-measure.bundle.min.js | static.parastorage.com/services/wix-perf-measure/1.531.0/ | 33 KB | 10 KB | Script | application/javascript | |
GET | H3-29 | react-dom.production.min.js | static.parastorage.com/unpkg/react-dom@16.13.1/umd/ | 116 KB | 35 KB | Script | application/javascript | |
GET | H2 | 60be5c39-863e-40cb-9434-6ebafb62ab2b.woff | static.parastorage.com/services/third-party/fonts/Helvetica/Fonts/ | 41 KB | 41 KB | Font | application/x-font-woff | |
POST | H2 | bt | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
POST | H2 | bolt-performance | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
GET | H3-29 | cdn_detect | static.parastorage.com/ | 11 B | 41 B | Fetch | binary/octet-stream | |
GET | DATA | truncated | / | 42 B | 0 | Image | image/webp | |
GET | DATA | truncated | / | 34 B | 0 | Image | image/webp | |
GET | DATA | truncated | / | 82 B | 0 | Image | image/webp | |
GET | DATA | truncated | / | 90 B | 0 | Image | image/webp | |
GET | H3-29 | page-features.3396a8de.chunk.min.js | static.parastorage.com/services/wix-thunderbolt/dist/ | 19 KB | 6 KB | Script | application/javascript | |
GET | H3-29 | reporter-api.8f326e66.chunk.min.js | static.parastorage.com/services/wix-thunderbolt/dist/ | 28 KB | 7 KB | Script | application/javascript | |
GET | H2 | 50b51091-1f87-4874-8298-ca8b688aba5d | www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/_api/tag-manager/api/v1/tags/sites/ | 838 B | 2 KB | XHR | application/json | |
GET | H3-29 | rb_wixui.thunderbolt~bootstrap-classic.11043695.chunk.min.js | static.parastorage.com/services/editor-elements/dist/ | 41 KB | 11 KB | Script | application/javascript | |
GET | H3-29 | rb_wixui.thunderbolt[SkipToContentButton].3fd8b9ab.bundle.min.js | static.parastorage.com/services/editor-elements/dist/ | 3 KB | 1 KB | Script | application/javascript | |
GET | H3-29 | rb_wixui.thunderbolt~bootstrap.499a92dc.chunk.min.js | static.parastorage.com/services/editor-elements/dist/ | 36 KB | 10 KB | Script | application/javascript | |
GET | H3-29 | rb_wixui.thunderbolt[HtmlComponent].344e7e88.bundle.min.js | static.parastorage.com/services/editor-elements/dist/ | 6 KB | 2 KB | Script | application/javascript | |
GET | H2 | foo-autenticazione.php | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos/ | 11 KB | 3 KB | Document | text/html | Frame C2F5, Redirect Chain |
POST | H2 | bt | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
POST | H2 | pa | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
POST | H2 | bpm | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
POST | H2 | bpm | frog.wix.com/ | 0 | 284 B | Ping | text/plain | |
GET | H2 | bootstrap.min.css | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 115 KB | 18 KB | Stylesheet | text/css | Frame C2F5 |
GET | H2 | login.css | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 6 KB | 2 KB | Stylesheet | text/css | Frame C2F5 |
GET | H2 | stylebase.css | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 17 KB | 1 KB | Stylesheet | text/css | Frame C2F5 |
GET | H/1.1 | jquery.min.js | www.poste.it/risorse_dt/condivise/javascript/ | 95 KB | 39 KB | Script | application/javascript | Frame C2F5 |
GET | H2 | cerc.js | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 13 KB | 3 KB | Script | application/javascript | Frame C2F5 |
GET | H2 | jquery.min.js | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 0 | 0 | Script | text/html | Frame C2F5 |
GET | H2 | base-responsive.css | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 5 KB | 1 KB | Stylesheet | text/css | Frame C2F5 |
GET | H2 | step1.png | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 16 KB | 16 KB | Image | image/png | Frame C2F5 |
GET | H2 | step2.png | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 24 KB | 24 KB | Image | image/png | Frame C2F5 |
GET | H2 | css | fonts.googleapis.com/ | 20 KB | 1 KB | Stylesheet | text/css | Frame C2F5 |
GET | H2 | jquery.min.js | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 0 | 0 | Script | text/html | Frame C2F5 |
GET | H2 | fonts.css | www.thesecretbookofwealth.com/risorse/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html | Frame C2F5 |
GET | H2 | spaces.css | www.thesecretbookofwealth.com/risorse/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html | Frame C2F5 |
GET | H2 | alignment.css | www.thesecretbookofwealth.com/risorse/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html | Frame C2F5 |
GET | H2 | extra.css | www.thesecretbookofwealth.com/risorse/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html | Frame C2F5 |
GET | H2 | tool.css | www.thesecretbookofwealth.com/risorse/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html | Frame C2F5 |
GET | H2 | mem8YaGs126MiZpBA-UFVZ0b.woff2 | fonts.gstatic.com/s/opensans/v23/ | 14 KB | 14 KB | Font | font/woff2 | Frame C2F5 |
GET | H2 | mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | fonts.gstatic.com/s/opensans/v23/ | 15 KB | 15 KB | Font | font/woff2 | Frame C2F5 |
GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | fonts.gstatic.com/s/opensans/v23/ | 15 KB | 15 KB | Font | font/woff2 | Frame C2F5 |
GET | H2 | logo.jpg | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/datas/ | 6 KB | 7 KB | Image | image/jpeg | Frame C2F5 |
GET | H2 | ico-arrow-blue-right.png | www.thesecretbookofwealth.com/risorse/applicazioni/login/immagini/ | 2 KB | 2 KB | Image | text/html | Frame C2F5 |
GET | H2 | logo-poste-italiane.png | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos/risorse_dt/condivise/immagini/loghi/ | 6 KB | 6 KB | Image | image/png | Frame C2F5 |
GET | H2 | spinner_giallo.gif | www.thesecretbookofwealth.com/pos/servizio-postale/37.120.209.2132021-08-12%2022:16:55/pos/risorse_dt/condivise/immagini/generiche/ | 33 KB | 33 KB | Image | image/gif | Frame C2F5 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poste Italiane (Online)
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| initialTimestamps string| thunderboltTag string| thunderboltVersion object| webpackJsonp__wix_thunderbolt_app object| _registry_runtime object| fedops object| Sentry object| viewerModel object| fetchDynamicModel object| commonConfig object| externalsRegistry object| ReactDOM object| reactDOMReference object| React object| reactReference object| reactAndReactDOMLoaded object| ThunderboltElementsLoaded object| bi function| _addWindowMessageHandler boolean| bodyCacheable object| exclusionReason object| ssrInfo boolean| clientSideRender string| firstPageId object| wixPerformanceMeasurements object| wix-perf-measure object| fastdom object| __imageClientApi__ function| _ object| consentPolicyManager object| wixEmbedsAPI object| wixTagManager object| wixDevelopersAnalytics object| currentGlobal object| webpackJsonp__wix_editor_elements_library function| rb_wixui.thunderbolt_bootstrap-classic_lazy_factory object| rb_wixui.thunderbolt_bootstrap-classic object| rb_wixui.thunderbolt[SkipToContentButton] object| rb_wixui.thunderbolt[HtmlComponent] function| rb_wixui.thunderbolt_bootstrap_lazy_factory object| rb_wixui.thunderbolt_bootstrap
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/ | | Name: hs Value: -1051126749 |
.www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/ | | Name: XSRF-TOKEN Value: 1628806614\|-zOOUUOzBCsa |
.www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/ | | Name: svSession Value: d93aa039e26914a5925202db889f6552c28048c328a222bed0f594963203b99677c21c7b6147ccf0bb48f3800c139b291e60994d53964e647acf431e4f798bcde722718f66e46bbd1e5d1cffc51d19ed4de42a04fb5e59eea910f5c42741531f3bcb610a268630c5de7e504184c442993eb642d2ec5c8b6bceb5149ceb42ff22d084eeb8159956fcb668cc168736a217 |
www.securelogin-poste-it-jod-fcc-fcc-authentication-html.com/ | | Name: ssr-caching Value: cache#desc=hit#varnish=hit#dc#desc=euw3 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=120 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.