www.fituniforms.com
Open in
urlscan Pro
23.229.153.184
Malicious Activity!
Public Scan
Effective URL: https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/foo-autenticazione.php
Submission: On August 28 via automatic, source twitter_phishingalert
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on March 3rd 2015. Valid for: 3 years.
This is the only time www.fituniforms.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poste Italiane (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 23.229.153.184 23.229.153.184 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
1 | 62.241.12.20 62.241.12.20 | 15720 (Viale Europa) (Viale Europa) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::200a | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
3 | 2a00:1450:400... 2a00:1450:4001:824::2003 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
27 | 4 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-23-229-153-184.ip.secureserver.net
www.fituniforms.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
fituniforms.com
www.fituniforms.com |
116 KB |
3 |
gstatic.com
fonts.gstatic.com |
54 KB |
1 |
googleapis.com
fonts.googleapis.com |
603 B |
1 |
poste.it
www.poste.it |
39 KB |
27 | 4 |
Domain | Requested by | |
---|---|---|
22 | www.fituniforms.com |
www.fituniforms.com
www.poste.it |
3 | fonts.gstatic.com |
www.fituniforms.com
|
1 | fonts.googleapis.com |
www.fituniforms.com
|
1 | www.poste.it |
www.fituniforms.com
|
27 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fituniforms.com COMODO RSA Organization Validation Secure Server CA |
2015-03-03 - 2018-03-02 |
3 years | crt.sh |
www.poste.it GlobalSign Extended Validation CA - SHA256 - G3 |
2017-03-20 - 2018-03-21 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G2 |
2017-08-15 - 2017-11-07 |
3 months | crt.sh |
*.google.com Google Internet Authority G2 |
2017-08-15 - 2017-11-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/foo-autenticazione.php
Frame ID: 31529.1
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/ Page URL
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/ Page URL
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/index.php Page URL
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/foo-autenticazione.php Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/ Page URL
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/ Page URL
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/index.php Page URL
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/foo-autenticazione.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 0- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos
- https://www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/ Redirect Chain
|
56 B 56 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/ Redirect Chain
|
54 B 54 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.php
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/ |
333 B 230 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
foo-autenticazione.php
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/ |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
115 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylebase.css
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
17 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
www.poste.it/risorse_dt/condivise/javascript/ |
95 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cerc.js
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
13 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base-responsive.css
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step1.png
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step2.png
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
3 KB 603 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
www.fituniforms.com/risorse/condivise/stili/trasversali/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spaces.css
www.fituniforms.com/risorse/condivise/stili/trasversali/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alignment.css
www.fituniforms.com/risorse/condivise/stili/trasversali/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
extra.css
www.fituniforms.com/risorse/condivise/stili/trasversali/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tool.css
www.fituniforms.com/risorse/condivise/stili/trasversali/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/opensans/v14/ |
26 KB 17 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
MTP_ySUJH_bn48VBG8sNSonF5uFdDttMLvmWuJdhhgs.ttf
fonts.gstatic.com/s/opensans/v14/ |
27 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
fonts.gstatic.com/s/opensans/v14/ |
27 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.jpg
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/datas/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ico-arrow-blue-right.png
www.fituniforms.com/risorse/applicazioni/login/immagini/ |
377 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-poste-italiane.png
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/risorse_dt/condivise/immagini/loghi/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinner_giallo.gif
www.fituniforms.com/PostePay/Poste/69574b092db225bcd39a610b8e01b5fc/pos/risorse_dt/condivise/immagini/generiche/ |
33 KB 33 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poste Italiane (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.fituniforms.com/ | Name: PHPSESSID Value: 67b55e6f78724d5e8c2e6a28516596be |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
www.fituniforms.com
www.poste.it
23.229.153.184
2a00:1450:4001:824::2003
2a00:1450:4001:824::200a
62.241.12.20
037a39eec6221c63c7fd2cac24eaada00552b8a9498271f854118ffa9d9fb540
0c9c33bb5a28509425a32af12df67a7a8b93d1b108ff837e2f49db4d88bb846c
13bae504416b265dbe0e362a3db27d606a65c93f84ae46bc2152f9b3ffc2c063
20a09a5ee6e493db5e4f44ee2f25809cf77ce1f42d0466456dcfc1cf236128a6
3d7ddadc31f4b901efd6534b32b55418be887cf18cf323d32ac2b9b20e21b6e4
4b76e5a6a06f430c4c3c7a801632cf646f4fac8bbe919ff14938396abb08ae0f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
793c9557c2fcfd79a48b2ace2d2c2e6a14a09f50d1d3812828838623d643e455
7c042b9c33d1a3b0b9f1e5d928db274f931fdd721476fdf34453872b7615fa11
7dd58a918046093c157c030be6774b2360d43529e2393f3b665c4727e6e3df61
7f72449525b33424e893eab641aa9cb176ce0c116e4b363efc1789953e267600
8d01122df167a58a107f65f3e513721926370e324798f534e3fabf757053646b
9c09627b7a15884c76b7d2df6a35130f29fe5d3d99e67593e065f3c3472374e8
a2c822593d56103441feb46e59b2c8b65a6bfd8af349ff9d93c21c580d2ba0b7
b689a3500d9589fd82d08463be65505a8ac1a6d58548ec1ace0ac64f3c3e0b58
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5
ee0e9f094fef6c441e46b19edf26f0ee28a0c5a7369d50afe660a5833a564389
f6dcac5c1922117ab0cb01e076b86caab0c416d95d17d7d7781ec7d5233d739b
f7ab5767711fdbb908f5eac77f922ed355bce39e960e42dfdcd64d86848cd0b2
f8f7011da51c1d4c55a123107fa854c1750daff3c8dcc3331e0c0633727c797d