www.produzionitipichesalentine.it
94.177.168.163
Malicious Activity!
Public Scan
Submission: On March 11 via manual from IT
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 1st 2020. Valid for: 3 months.
This is the only time www.produzionitipichesalentine.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 6 | 94.177.168.163 | 31034 (ARUBA-ASN) |
| 5 | 213.150.6.28 | 12895 (IT-AUSTRIA Vienna) |
| 15 | 3 | |

ASN31034 (ARUBA-ASN, IT)
PTR: host163-168-177-94.serverdedicati.aruba.it
www.produzionitipichesalentine.it

ASN12895 (IT-AUSTRIA Vienna, Austria, AT)
PTR: login.sparkasse.at
login.sparkasse.at
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 6 | produzionitipichesalentine.it | www.produzionitipichesalentine.it | 72 KB |
| 5 | sparkasse.at | login.sparkasse.at | 55 KB |
| 15 | 2 | | |
| | Domain | Requested by |
|---|---|---|
| 6 | www.produzionitipichesalentine.it | www.produzionitipichesalentine.it |
| 5 | login.sparkasse.at | www.produzionitipichesalentine.it |
| 15 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
login.sparkasse.at |
www.sparkasse.at |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| produzionitipichesalentine.it | Let's Encrypt Authority X3 | 2020-03-01 - 2020-05-30 | 3 months |
| login.sparkasse.at | DigiCert SHA2 Extended Validation Server CA | 2019-05-13 - 2020-05-20 | a year |
This page contains 1 frame:
Primary Page:
https://www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/
Frame ID: F1B6429A920D73C927FB76E36D67CB00
Requests: 19 HTTP requests in this frame
8 Outgoing links
These are links going to different origins than the main page.
Title:
Title:
Title: Impressum
Title: Datenschutz
Title: Geschäftsbedingungen
Title: Service & Kontakt
Title: App statt SMS - s Identity: Die neue Freigabemethode.
Title: Sie nutzen s Identity und brauchen einen neuen Aktivierungscode?
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / | www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/ | 0 | 293 B | Document | text/html |
| GET | H2 | / (Primary Request) | www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/ | 253 KB | 71 KB | Document | text/html |
| GET | H/1.1 | MrzQfuEGGBFphCI.css | login.sparkasse.at/ | 159 B | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | Doppel-Logo_o_Claim.svg | login.sparkasse.at/sts/images/logos/ | 6 KB | 3 KB | Image | image/svg+xml |
| GET | H/1.1 | George-symbol.svg | login.sparkasse.at/sts/images/clients/ | 915 B | 1 KB | Image | image/svg+xml |
| GET | H/1.1 | bankcard.gif | login.sparkasse.at/sts/images/ | 49 KB | 50 KB | Image | image/gif |
| GET | H/1.1 | 1z87wC3bGvE0.gif | login.sparkasse.at/ | 43 B | 146 B | Image | image/gif |
| GET | | 7374732f6f617574682f617574686f72697a65.js | login.sparkasse.at/KfE1bB30fy/ | 0 | 0 | | |
| GET | | 0819247478ab18008b73dda13a5137bbd1e905bd54562c74a05a89cda9e8d1af.js | login.sparkasse.at/9ig6dOujn/ | 0 | 0 | | |
| GET | DATA | truncated | / | 68 B | 0 | Image | image/png |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
| GET | DATA | truncated | / | 900 B | 0 | Image | image/svg+xml |
| GET | DATA | truncated | / | 9 KB | 0 | Image | image/svg+xml |
| GET | H2 | erstewf-bold-webfont.woff | www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/DST_ErsteWeb/ | 0 | 0 | Font | text/html |
| GET | H2 | erstewf-book-webfont.woff | www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/DST_ErsteWeb/ | 0 | 0 | Font | text/html |
| GET | | webtrekk_v4.min.js | login.sparkasse.at/sts/scripts/ | 0 | 0 | | |
| GET | H2 | erstewf-bold-webfont.ttf | www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/DST_ErsteWeb/ | 0 | 0 | Font | text/html |
| GET | | / | login.sparkasse.at/Q2wS57y/ | 0 | 0 | | |
| GET | H2 | erstewf-book-webfont.ttf | www.produzionitipichesalentine.it//modules/jmsslider/views/img/layers/alexus/cache/me/DST_ErsteWeb/ | 0 | 0 | Font | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
| Domain | URL |
|---|---|
| login.sparkasse.at | https://login.sparkasse.at/KfE1bB30fy/7374732f6f617574682f617574686f72697a65.js |
| login.sparkasse.at | https://login.sparkasse.at/9ig6dOujn/0819247478ab18008b73dda13a5137bbd1e905bd54562c74a05a89cda9e8d1af.js |
| login.sparkasse.at | https://login.sparkasse.at/sts/scripts/webtrekk_v4.min.js |
| login.sparkasse.at | https://login.sparkasse.at/Q2wS57y/?m= |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)
41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| function | keepalive |
| function | setupKeepaliveInterval |
| number | FLIP_ICON_HEIGHT |
| undefined | myWindow |
| function | sumNumbers |
| function | doRwd |
| function | calcCol2Height |
| function | calcVisibleWhiteboxHeight |
| function | centerpage |
| function | confirmmsg |
| function | windowtracker |
| function | $ |
| function | jQuery |
| object | reWhiteSpace |
| function | Utf8Encode |
| function | htmlToJsConversion |
| function | nbalert |
| function | setFldFocus |
| function | isWhiteSpace |
| function | isEmpty |
| function | doDisableSpecifiedForm |
| function | doSubmitAndDisable |
| function | jsxEncrypt |
| function | encodeToHex |
| object | STS |
| function | setFocus |
| function | displayError |
| function | checkUser |
| function | submitCredentials |
| function | submitCancelLoginForm |
| undefined | ie9rgb4 |
| boolean | IOGM |
| string | anti_fraud |
| boolean | bLauNCTx |
| boolean | Tpimob |
| object | STSCookieBanner |
| object | pageConfig |
| undefined | wt |
| object | username0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.sparkasse.at
www.produzionitipichesalentine.it
213.150.6.28
94.177.168.163