orientalactu.com Open in urlscan Pro
207.174.214.207  Malicious Activity! Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request accedi.html Show response orientalactu.com/portale.bancaitalia.nexi/	37 KB 8 KB	561ms 177ms	Document text/html	207.174.214.207 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 207.174.214.207 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash d68c2e80c4ea20111acbc59aea49be2864dd19ffd3563fb390d31e65a76b5c2b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Fri, 29 Oct 2021 05:50:36 GMT server Apache content-type text/html content-length 8020 last-modified Wed, 27 Oct 2021 13:13:40 GMT accept-ranges bytes vary Accept-Encoding content-encoding gzip x-server-cache false
GET H/1.1	200 OK	styles.f96b5068c64b3c8ce413.css servizionline.bancaditalia.it/	233 KB 233 KB	154ms 45ms	Stylesheet text/css	85.159.192.145 ASN-BANCADITALIA
General Check archive.org Show headers Download Go to Full URL https://servizionline.bancaditalia.it/styles.f96b5068c64b3c8ce413.css Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.159.192.145 , Italy, ASN34759 (ASN-BANCADITALIA, IT), Reverse DNS servizionline.bancaditalia.it Software / Resource Hash 9561897c1d9d7f0489092e647704fd3f864ba937b20e22f0d18e0479ca97bc6d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options no-sniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-Content-Type-Options no-sniff Last-Modified Tue, 06 Jul 2021 05:34:20 GMT X-FRAME-OPTIONS SAMEORIGIN Content-Type text/css Connection Keep-Alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Keep-Alive timeout=15, max=300 Content-Length 238274 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	logoBI.png servizionline.bancaditalia.it/assets/images/	9 KB 10 KB	163ms 54ms	Image image/png	85.159.192.145 ASN-BANCADITALIA
General Check archive.org Show headers Download Go to Show image Full URL https://servizionline.bancaditalia.it/assets/images/logoBI.png Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.159.192.145 , Italy, ASN34759 (ASN-BANCADITALIA, IT), Reverse DNS servizionline.bancaditalia.it Software / Resource Hash a6c8c3cc7887002a50911309fd6a949238707bdf7b7076756e64c0ea9bc064a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options no-sniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-Content-Type-Options no-sniff Last-Modified Tue, 06 Jul 2021 05:34:20 GMT X-FRAME-OPTIONS SAMEORIGIN Content-Type image/png Connection Keep-Alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Keep-Alive timeout=15, max=300 Content-Length 9332 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	01-logo-SO-colore.svg servizionline.bancaditalia.it/assets/images/	4 KB 5 KB	162ms 49ms	Image image/svg+xml	85.159.192.145 ASN-BANCADITALIA
General Check archive.org Show headers Download Go to Show image Full URL https://servizionline.bancaditalia.it/assets/images/01-logo-SO-colore.svg Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.159.192.145 , Italy, ASN34759 (ASN-BANCADITALIA, IT), Reverse DNS servizionline.bancaditalia.it Software / Resource Hash cfab57b71c1fa68bc7a5f9c766053a2eeeee5a5f0bd89fc2712a43aa5931c6b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options no-sniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-Content-Type-Options no-sniff Last-Modified Tue, 06 Jul 2021 05:34:20 GMT X-FRAME-OPTIONS SAMEORIGIN Content-Type image/svg+xml Connection Keep-Alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Keep-Alive timeout=15, max=300 Content-Length 4189 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	icoMenu4b.png servizionline.bancaditalia.it/assets/images/	7 KB 7 KB	172ms 56ms	Image image/png	85.159.192.145 ASN-BANCADITALIA
General Check archive.org Show headers Download Go to Show image Full URL https://servizionline.bancaditalia.it/assets/images/icoMenu4b.png Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.159.192.145 , Italy, ASN34759 (ASN-BANCADITALIA, IT), Reverse DNS servizionline.bancaditalia.it Software / Resource Hash df7eae06601cde3566aeb708e4baddeebf9f90c0e44a46e23d19d4ed88116141 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options no-sniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-Content-Type-Options no-sniff Last-Modified Tue, 06 Jul 2021 05:34:20 GMT X-FRAME-OPTIONS SAMEORIGIN Content-Type image/png Connection Keep-Alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Keep-Alive timeout=15, max=300 Content-Length 6800 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	numeroVerde.png servizionline.bancaditalia.it/assets/images/	12 KB 13 KB	185ms 68ms	Image image/png	85.159.192.145 ASN-BANCADITALIA
General Check archive.org Show headers Download Go to Show image Full URL https://servizionline.bancaditalia.it/assets/images/numeroVerde.png Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.159.192.145 , Italy, ASN34759 (ASN-BANCADITALIA, IT), Reverse DNS servizionline.bancaditalia.it Software / Resource Hash 88a168b5a9697328b8d90351186e71bb281827c39c24a68e2d9c5de727c187f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options no-sniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-Content-Type-Options no-sniff Last-Modified Tue, 06 Jul 2021 05:34:20 GMT X-FRAME-OPTIONS SAMEORIGIN Content-Type image/png Connection Keep-Alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Keep-Alive timeout=15, max=300 Content-Length 12541 X-XSS-Protection 1; mode=block
GET H2	200	jquery-latest.min.js Show response code.jquery.com/	94 KB 33 KB	59ms 20ms	Script application/javascript	2001:4de0:ac18::1:a:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-latest.min.js Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:36 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1762a" vary Accept-Encoding x-hw 1635486636.dop011.ml1.t,1635486636.cds206.ml1.hn,1635486636.cds209.ml1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33202
GET H2	200	d.js Show response waust.at/	13 KB 7 KB	83ms 30ms	Script application/x-javascript	2606:4700:20::ac43:4739 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/d.js Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:36 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3386 last-modified Mon, 03 May 2021 17:48:32 GMT server cloudflare etag W/"60903770-3444" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff7v2gun15gQ1brD7M29LvhggxB7xnzUwdhzIBaUxNMyLK%2B%2Bp7FHnMcIZQiuaRyBF2D5bqLYedZy8sBJUb6utPKt5UEaQMyBvo0Jg0VTiEtwIIUgQGcqQLEUcO002AsWf5V9he9J"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 6a5a20958f85e907-MXP expires Sat, 30 Oct 2021 04:54:09 GMT
GET H/1.1	200 OK	BG_01.7b875ce73c7491bfb260.jpg servizionline.bancaditalia.it/	330 KB 331 KB	36ms 36ms	Image image/jpeg	85.159.192.145 ASN-BANCADITALIA
General Check archive.org Show headers Download Go to Show image Full URL https://servizionline.bancaditalia.it/BG_01.7b875ce73c7491bfb260.jpg Requested by Host: servizionline.bancaditalia.it URL: https://servizionline.bancaditalia.it/styles.f96b5068c64b3c8ce413.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.159.192.145 , Italy, ASN34759 (ASN-BANCADITALIA, IT), Reverse DNS servizionline.bancaditalia.it Software / Resource Hash ff7de9ce3627680f079794d02df36687edc8fe5eb48b56833ac52de1fb420a69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options no-sniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://servizionline.bancaditalia.it/styles.f96b5068c64b3c8ce413.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-Content-Type-Options no-sniff Last-Modified Tue, 06 Jul 2021 05:34:20 GMT X-FRAME-OPTIONS SAMEORIGIN Content-Type image/jpeg Connection Keep-Alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Keep-Alive timeout=15, max=299 Content-Length 338367 X-XSS-Protection 1; mode=block
GET		titillium-web-v4-latin-600.99d941431f3f55fd46ad.woff2 servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-regular.b4375f78b37bdba3323f.woff2 servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-700.7694e06a64d08c6d3564.woff2 servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-300.6c3f043c89f623f06e37.woff2 servizionline.bancaditalia.it/	0 0
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	2 KB 3 KB	301ms 96ms	Script application/javascript	158.69.139.238 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Forientalactu.com%2Fportale.bancaitalia.nexi%2Faccedi.html&j= Requested by Host: waust.at URL: https://waust.at/d.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip238.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:36 GMT X-T 0.506 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl2 Expires Fri, 29 Oct 2021 05:50:35 GMT
GET H2	200	/ Show response whos.amung.us/pingjs/	28 B 142 B	356ms 119ms	Script text/javascript	67.202.114.212 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=gjs5ie67b5&t=Banca%20D%27Italia%20-%20Alert%20Sicurezza&c=d&x=https%3A%2F%2Forientalactu.com%2Fportale.bancaitalia.nexi%2Faccedi.html&y=&a=0&v=27&r=2625 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.212 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash bf39e1e8a7ac9c4b027a8038e4647070a2ae9d29b3634ef9527ab1b0e8f8ab46 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:36 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET		titillium-web-v4-latin-regular.18f37b8fccf3e295c232.woff servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-600.b060eb46ce914bb63b25.woff servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-700.fdb183c419fdb62f5300.woff servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-300.0763f869c3cadee6d22d.woff servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-regular.7e91f8ef73b5f3865005.ttf servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-700.f97db0decff4d838f37a.ttf servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-300.833b63057599d1fdd3a3.ttf servizionline.bancaditalia.it/	0 0
GET		titillium-web-v4-latin-600.365c44da87cfb66a8ec0.ttf servizionline.bancaditalia.it/	0 0
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 318 B	298ms 102ms	Script application/javascript	158.69.139.238 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=orientalactu.com&_ss=1qc7fcbcsn&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=hh9j&_cb=_dtspv.c Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Forientalactu.com%2Fportale.bancaitalia.nexi%2Faccedi.html&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip238.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 5bbe3b502b669c6be307323822de40c450a0930455f0ff17fb6538607da65dfa Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 05:50:37 GMT X-T 0.154 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Fri, 29 Oct 2021 05:50:36 GMT
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	93ms 27ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:51 GMT server cloudflare age 204663 etag W/"6129520b-431d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6a5a2099f8e732b6-CDG expires Mon, 01 Nov 2021 05:50:37 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	204	p ic.tynt.com/b/	0 227 B	379ms 124ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0&t=Banca%20D%27Italia%20-%20Alert%20Sicurezza Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 202 B	356ms 112ms	Script application/javascript	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!gjs5ie67b5&dn=TC&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT cache-control max-age=86400 content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 4 expires Sat, 30 Oct 2021 05:50:37 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	128ms 128ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0&t=Banca%20D%27Italia%20-%20Alert%20Sicurezza Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	123ms 123ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0&t=Banca%20D%27Italia%20-%20Alert%20Sicurezza Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	123ms 123ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0 Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	124ms 124ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0 Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:37 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	123ms 123ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0 Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:38 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	124ms 123ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!gjs5ie67b5&lm=0&ts=1635486637145&dn=TC&iso=0 Requested by Host: orientalactu.com URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://orientalactu.com/portale.bancaitalia.nexi/accedi.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:50:38 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.99d941431f3f55fd46ad.woff2

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.b4375f78b37bdba3323f.woff2

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.7694e06a64d08c6d3564.woff2

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.6c3f043c89f623f06e37.woff2

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.18f37b8fccf3e295c232.woff

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.b060eb46ce914bb63b25.woff

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.fdb183c419fdb62f5300.woff

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.0763f869c3cadee6d22d.woff

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.7e91f8ef73b5f3865005.ttf

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.f97db0decff4d838f37a.ttf

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.833b63057599d1fdd3a3.ttf

Domain

servizionline.bancaditalia.it

URL

https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.365c44da87cfb66a8ec0.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca d'Italia (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| _dtspv object| x string| x1 string| x2 object| Tynt object| _33Across function| __uspapi

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dtscout.com/	1970-01-19 22:18:11	Name: m Value: 1
			.dtscout.com/	1970-01-19 22:18:24	Name: b Value: 1
			.dtscout.com/	1970-01-19 22:18:21	Name: oa Value: 1
			.dtscout.com/	1970-01-20 00:42:06	Name: df Value: 1635486636

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.b4375f78b37bdba3323f.woff2' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.b4375f78b37bdba3323f.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.99d941431f3f55fd46ad.woff2' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.99d941431f3f55fd46ad.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.7694e06a64d08c6d3564.woff2' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.7694e06a64d08c6d3564.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.6c3f043c89f623f06e37.woff2' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.6c3f043c89f623f06e37.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.18f37b8fccf3e295c232.woff' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.18f37b8fccf3e295c232.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.fdb183c419fdb62f5300.woff' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.fdb183c419fdb62f5300.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.0763f869c3cadee6d22d.woff' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.0763f869c3cadee6d22d.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.b060eb46ce914bb63b25.woff' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.b060eb46ce914bb63b25.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.7e91f8ef73b5f3865005.ttf' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-regular.7e91f8ef73b5f3865005.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.833b63057599d1fdd3a3.ttf' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-300.833b63057599d1fdd3a3.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.f97db0decff4d838f37a.ttf' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-700.f97db0decff4d838f37a.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://orientalactu.com/portale.bancaitalia.nexi/accedi.html Message: Access to font at 'https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.365c44da87cfb66a8ec0.ttf' from origin 'https://orientalactu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://servizionline.bancaditalia.it/titillium-web-v4-latin-600.365c44da87cfb66a8ec0.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tynt.com
code.jquery.com
de.tynt.com
ic.tynt.com
orientalactu.com
servizionline.bancaditalia.it
t.dtscout.com
waust.at
whos.amung.us
servizionline.bancaditalia.it
104.18.28.199
158.69.139.238
2001:4de0:ac18::1:a:2a
207.174.214.207
208.100.17.188
2606:4700:20::ac43:4739
67.202.105.31
67.202.114.212
85.159.192.145
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5bbe3b502b669c6be307323822de40c450a0930455f0ff17fb6538607da65dfa
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
88a168b5a9697328b8d90351186e71bb281827c39c24a68e2d9c5de727c187f3
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
9561897c1d9d7f0489092e647704fd3f864ba937b20e22f0d18e0479ca97bc6d
a6c8c3cc7887002a50911309fd6a949238707bdf7b7076756e64c0ea9bc064a8
bf39e1e8a7ac9c4b027a8038e4647070a2ae9d29b3634ef9527ab1b0e8f8ab46
cfab57b71c1fa68bc7a5f9c766053a2eeeee5a5f0bd89fc2712a43aa5931c6b0
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d68c2e80c4ea20111acbc59aea49be2864dd19ffd3563fb390d31e65a76b5c2b
df7eae06601cde3566aeb708e4baddeebf9f90c0e44a46e23d19d4ed88116141
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff7de9ce3627680f079794d02df36687edc8fe5eb48b56833ac52de1fb420a69