imigani.com
93.104.213.49
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On May 14 via api from GB
Summary
This is the only time imigani.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicredit (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
31 | 93.104.213.49 | 8767 (MNET-AS Germany) |
1 | 194.149.233.150 | 15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16) |
32 | 2 | |
ASN8767 (MNET-AS Germany, DE)
PTR: loft96.milegamerz.com
imigani.com
ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT)
online.bankaustria.at
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
31 | imigani.com | imigani.com | 314 KB |
1 | bankaustria.at | online.bankaustria.at | 1 KB |
32 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
31 | imigani.com | imigani.com |
1 | online.bankaustria.at | imigani.com |
32 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
online.bankaustria.at |
Subject | Issuer | Validity | Valid |
---|---|---|---|
online.bankaustria.at | Actalis Extended Validation Server CA G2 | 2019-06-06 - 2020-06-06 | a year |
This page contains 3 frames:
Primary Page:
http://imigani.com/LoginBusinessNet.html
Frame ID: 7EB950AEEC460CE75A2FA6B8D319DB8D
Requests: 30 HTTP requests in this frame
Frame:
http://imigani.com/Bank%20Austria_files/logout.html
Frame ID: 8A84B62CF09C37A3176BE2F57148B8A9
Requests: 1 HTTP requests in this frame
Frame:
http://imigani.com/Bank%20Austria_files/logout(1).html
Frame ID: 0C012307738D952DCC3B01A361713B21
Requests: 1 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Deutsch
Title: English
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | LoginBusinessNet.html (Primary Request) | imigani.com/ | 38 KB | 9 KB | Document | text/html |
GET H/1.1 | unicredit_style_aggregator.css | imigani.com/Bank%20Austria_files/ | 9 KB | 3 KB | Stylesheet | text/css |
GET H/1.1 | usecon_style_aggregator.css | imigani.com/Bank%20Austria_files/ | 54 KB | 8 KB | Stylesheet | text/css |
GET H/1.1 | jquery-1.6.1.min.js.download | imigani.com/Bank%20Austria_files/ | 129 KB | 37 KB | Script | application/x-javascript |
GET H/1.1 | jquery.cookie.js.download | imigani.com/Bank%20Austria_files/ | 4 KB | 2 KB | Script | application/x-javascript |
GET H/1.1 | dojo.js.download | imigani.com/Bank%20Austria_files/ | 275 KB | 77 KB | Script | application/x-javascript |
GET H/1.1 | OpenAjaxManagedHub-all.js.download | imigani.com/Bank%20Austria_files/ | 53 KB | 15 KB | Script | application/x-javascript |
GET H/1.1 | all_min.css | imigani.com/Bank%20Austria_files/ | 55 KB | 11 KB | Stylesheet | text/css |
GET H/1.1 | unicredit_aggregator.js.download | imigani.com/Bank%20Austria_files/ | 3 KB | 2 KB | Script | application/x-javascript |
GET H/1.1 | BKA-icon01.gif | imigani.com/Bank%20Austria_files/ | 826 B | 1 KB | Image | image/gif |
GET H/1.1 | loginDIVResize.js.download | imigani.com/Bank%20Austria_files/ | 3 KB | 1 KB | Script | application/x-javascript |
GET H/1.1 | s_code.js.download | imigani.com/Bank%20Austria_files/ | 35 KB | 14 KB | Script | application/x-javascript |
GET H/1.1 | BA+logo.png | imigani.com/Bank%20Austria_files/ | 7 KB | 8 KB | Image | image/png |
GET H/1.1 | jquery.alerts.custom.js.download | imigani.com/Bank%20Austria_files/ | 9 KB | 3 KB | Script | application/x-javascript |
GET H/1.1 | deviceprint.js.download | imigani.com/Bank%20Austria_files/ | 48 KB | 13 KB | Script | application/x-javascript |
GET H/1.1 | newLogin.css | imigani.com/Bank%20Austria_files/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | unicredit_NEW_login_style_aggregator.css | imigani.com/Bank%20Austria_files/ | 26 KB | 7 KB | Stylesheet | text/css |
GET H/1.1 | teaser_1.jpg | imigani.com/Bank%20Austria_files/ | 11 KB | 11 KB | Image | image/jpeg |
GET H/1.1 | teaser_2.jpg | imigani.com/Bank%20Austria_files/ | 18 KB | 19 KB | Image | image/jpeg |
GET H/1.1 | teaser_3.jpg | imigani.com/Bank%20Austria_files/ | 38 KB | 39 KB | Image | image/jpeg |
GET H/1.1 | teaser_4.jpg | imigani.com/Bank%20Austria_files/ | 26 KB | 27 KB | Image | image/jpeg |
GET H/1.1 | config_js.jsp | imigani.com/Bank%20Austria_files/ | 5 KB | 5 KB | Script | text/plain |
GET H/1.1 | dojo_en.js | imigani.com/wps/portal_dojo/v1.4.3/dojo/nls/ | 85 B | 437 B | XHR | text/html |
GET H/1.1 | spritex.png | imigani.com/images/ | 85 B | 85 B | Image | text/html |
GET H/1.1 | sprite.png | imigani.com/images/ | 85 B | 85 B | Image | text/html |
GET H/1.1 | topbar_buttons_arrow-down.png | imigani.com/images/ | 85 B | 85 B | Image | text/html |
GET H/1.1 | ptsans-regular.woff | imigani.com/fonts/ | 0 | 0 | Font | text/html |
GET H/1.1 | logout.html | imigani.com/Bank%20Austria_files/ (Frame 8A84) | 203 B | 709 B | Document | text/html |
GET H/1.1 | logout(1).html | imigani.com/Bank%20Austria_files/ (Frame 0C01) | 2 KB | 726 B | Document | text/html |
GET H/1.1 | login_button.gif | online.bankaustria.at/wps/PA_IPS-PSA-LOGIN/_UnicoLoginPortlet/images/ | 976 B | 1 KB | Image | image/gif |
GET H/1.1 | leftnav_arrow-right-grey.png | imigani.com/images/ | 85 B | 85 B | Image | text/html |
GET H/1.1 | ptsans-regular.ttf | imigani.com/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicredit (Banking)
98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| sizeFrame undefined| $ function| jQuery function| $j object| djConfig object| dojo object| dijit object| dojox object| com object| ibm object| OpenAjax string| style function| actionIframe function| doMethod function| elementVisibility function| setCookie function| createCookie function| readCookie function| goToLocation string| GRAY_HEADER_NAME string| RED_HEADER_NAME string| BREADCRUMB_NAME string| GRAY_FOOTER_NAME function| changeMarginSize object| jQuery16107482131426862151 string| s_account object| s function| s_doPlugins string| s_code undefined| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq function| jAlert function| jConfirm function| jConfirmFallback function| jPrompt function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| 
getTimestampInMillis function| debug function| forceIE89Synchronicity function| getLinkChangeReb object| ibmPortalCPConfig
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
imigani.com
online.bankaustria.at
194.149.233.150
93.104.213.49