spa-it-login-form.itsaol.com Open in urlscan Pro
185.80.129.231 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://riflessologiaplantarecagliari.it/.uni/
Effective URL:
https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/
Submission Tags: falconsandbox
Submission: On October 31 via api (October 31st 2022, 9:32:16 pm UTC) from US — Scanned from IT

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 33 HTTP transactions. The main IP is 185.80.129.231, located in Lithuania and belongs to VPSNET-AS, LT. The main domain is spa-it-login-form.itsaol.com.
TLS certificate: Issued by R3 on October 30th 2022. Valid for: 3 months.

This is the only time spa-it-login-form.itsaol.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.252.151.236 46.252.151.236	60087 (ASSUPERNOVA) (ASSUPERNOVA)
2 33	185.80.129.231 185.80.129.231	61053 (VPSNET-AS) (VPSNET-AS)
2	194.76.227.106 194.76.227.106	207408 (SERVINGA-EE) (SERVINGA-EE)
33	3

1 46.252.151.236 (Italy) 1 redirects

ASN60087 (ASSUPERNOVA, IT)
PTR: hostingssd75-236.netsons.net

riflessologiaplantarecagliari.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 185.80.129.231 (Lithuania) 2 redirects

ASN61053 (VPSNET-AS, LT)

spa-it-login-form.itsaol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.76.227.106 (Tallinn, Estonia)

ASN207408 (SERVINGA-EE, DE)

cartoficubranza.itsaol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	itsaol.com 2 redirects spa-it-login-form.itsaol.com cartoficubranza.itsaol.com	3 MB
1	riflessologiaplantarecagliari.it 1 redirects riflessologiaplantarecagliari.it	296 B
33	2

	Domain	Requested by
33	spa-it-login-form.itsaol.com	2 redirects spa-it-login-form.itsaol.com
2	cartoficubranza.itsaol.com	spa-it-login-form.itsaol.com
1	riflessologiaplantarecagliari.it	1 redirects
33	3

This site contains no links.

Subject Issuer	Validity	Valid
spa-it-login-form.itsaol.com R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
cartoficubranza.itsaol.com R3	`2022-10-15` - `2023-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/
Frame ID: A9102193A8C94C82DE808A5DDF66E333
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UniСredit Bаnса: Соnti соrrenti, Prestiti, Саrte e Investimenti

Page URL History Show full URLs

https://riflessologiaplantarecagliari.it/.uni/ HTTP 302
https://spa-it-login-form.itsaol.com/uc/ HTTP 302
https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/ HTTP 302
https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

3112 kB
Transfer

3102 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://riflessologiaplantarecagliari.it/.uni/ HTTP 302
https://spa-it-login-form.itsaol.com/uc/ HTTP 302
https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/ HTTP 302
https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/ Redirect Chain https://riflessologiaplantarecagliari.it/.uni/ https://spa-it-login-form.itsaol.com/uc/ https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/? https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/?	48 KB 48 KB	70ms 69ms	Document text/html	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16 Resource Hash `ae3779c6cc62408db0ac5aedf6fb5c46429c09ae1aa62544444f9349332dab81` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Mon, 31 Oct 2022 21:32:11 GMT Keep-Alive timeout=5, max=98 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Transfer-Encoding chunked X-Powered-By PHP/5.4.16 Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Mon, 31 Oct 2022 21:32:10 GMT Keep-Alive timeout=5, max=99 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 location login/?
GET H/1.1	200 OK	jquery.min.js Show response spa-it-login-form.itsaol.com/uc/bower_components/jquery/dist/	85 KB 85 KB	273ms 61ms	Script application/javascript	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/bower_components/jquery/dist/jquery.min.js Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Sun, 04 Jun 2017 23:55:06 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "15283-5512b1d9faa80" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 86659
GET H/1.1	200 OK	ua-parser.min.js Show response spa-it-login-form.itsaol.com/uc/bower_components/ua-parser-js/dist/	17 KB 17 KB	272ms 61ms	Script application/javascript	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Thu, 12 Oct 2017 04:16:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "4298-55b51cda25600" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 17048
GET H/1.1	200 OK	font-awesome.min.css spa-it-login-form.itsaol.com/uc/bower_components/font-awesome/css/	30 KB 31 KB	209ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Sun, 09 Apr 2017 00:29:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "7918-54cb0f355e100" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 31000
GET H/1.1	200 OK	css.css spa-it-login-form.itsaol.com/uc/login/form/	424 B 738 B	270ms 60ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/form/css.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `5a87ab40c556c444c19121d72e6bd49c39c860265e00a1dc0146e1d3a3193fd1` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Thu, 22 Nov 2018 13:52:32 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "1a8-57b412d9e6800" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 424
GET H/1.1	200 OK	etc01.png spa-it-login-form.itsaol.com/uc/login/	924 B 1 KB	73ms 61ms	Image image/png	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/etc01.png Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `705a4996f7b4dbd5bc22eec596d9b6480563938c73dec3f7f57ad31403b9e790` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "39c-57b14cb8b0000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 924
GET H/1.1	200 OK	bootstrap.css spa-it-login-form.itsaol.com/uc/login/	143 KB 143 KB	61ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/bootstrap.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `b01a132d67911824c606f6138c75960eb09ce8e4ad06c0045518603dcd2e4afc` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 14:37:12 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "23a78-57b1991ad3600" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 146040
GET H/1.1	200 OK	font-families.css spa-it-login-form.itsaol.com/uc/login/	2 KB 2 KB	63ms 62ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/font-families.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `c453584ab3d9f150db9d72995040541ad6d4c57f16dba4920864c2d84fd1a0c3` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 09:28:12 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "7b0-57b15409b4300" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1968
GET H/1.1	200 OK	font_public.css spa-it-login-form.itsaol.com/uc/login/	38 KB 38 KB	62ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/font_public.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `7840a0189a3f40d335e47aa8e2c5b6e97a94881fc4e3812e654dcf7fab4a8d82` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Mon, 19 Nov 2018 20:02:50 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "97ca-57b0a00640e80" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 38858
GET H/1.1	200 OK	font_extra.css spa-it-login-form.itsaol.com/uc/login/	47 KB 48 KB	64ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/font_extra.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `0caa580cfb101af5584b2636965829b0b8be12959bbc186c2a9b4159c0658723` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Mon, 19 Nov 2018 20:02:20 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "bdf0-57b09fe9a4b00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 48624
GET H/1.1	200 OK	font_mutui.css spa-it-login-form.itsaol.com/uc/login/	2 KB 2 KB	63ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/font_mutui.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `8014a4c879dcbe838e833d893ca21a011362313fd11242a9a21e5b0359d4d3ed` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Mon, 19 Nov 2018 20:02:16 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "647-57b09fe5d4200" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1607
GET H/1.1	200 OK	font_multicolor.css spa-it-login-form.itsaol.com/uc/login/	41 KB 42 KB	131ms 67ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/font_multicolor.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `d6a8220b977fa2c93709a5ba92f5eade8ccadf4a99a0b4ead91358ed9b06886f` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Mon, 19 Nov 2018 20:02:16 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "a5e6-57b09fe5d4200" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 42470
GET H/1.1	200 OK	font_mono.css spa-it-login-form.itsaol.com/uc/login/	21 KB 21 KB	67ms 63ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/font_mono.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `41df6e04a208213aec3450aa313c14344af73d5a80321a557ed5f3ba383b4d27` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Mon, 19 Nov 2018 20:02:08 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "531c-57b09fde33000" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 21276
GET H/1.1	200 OK	main.css spa-it-login-form.itsaol.com/uc/login/	367 KB 367 KB	70ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/main.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `5926ca7d3fa05d922f3fe1de417aa230d77f586911dfdab5d1b57af272c267ce` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 14:38:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "5bc16-57b1995d95380" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 375830
GET H/1.1	200 OK	common.css spa-it-login-form.itsaol.com/uc/login/	330 KB 330 KB	114ms 60ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/common.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `61db57d20d976821ee83076caf40c2e20c341e599bbafc8bed90494a9f390f07` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 14:38:36 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "52620-57b1996aef300" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 337440
GET H/1.1	200 OK	login-common.min.301020181138.css spa-it-login-form.itsaol.com/uc/login/	322 B 635 B	61ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/login-common.min.301020181138.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `2fcf00a2595063ad2da641bdf062d9ba78947196493de35cff9db2802d9266ac` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 09:29:26 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "142-57b1545046980" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 322
GET H/1.1	200 OK	login.min.301020181138.css spa-it-login-form.itsaol.com/uc/login/	12 KB 12 KB	62ms 61ms	Stylesheet text/css	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/login.min.301020181138.css Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `e3cc8cf693c37f205259e653279624abd91896141d39e873cc157e8039226229` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 09:29:26 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "2ece-57b1545046980" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 11982
GET H/1.1	200 OK	trasparenza.png spa-it-login-form.itsaol.com/uc/login/	4 KB 5 KB	66ms 64ms	Image image/png	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/trasparenza.png Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `56f26c94a3f02e30f5149f672e901db31c782202ebb261cad84ed8b4810236e1` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "1157-57b14cb8b0000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 4439
GET H/1.1	200 OK	1497278182294.png spa-it-login-form.itsaol.com/uc/login/	658 B 972 B	65ms 64ms	Image image/png	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/1497278182294.png Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `f1cc6117fafce6d72486f5f547a96cab28fe68b4efdc0dbea5f2ddb8a9578b16` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "292-57b14cb8b0000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 658
GET H/1.1	200 OK	1497278182294_001.png spa-it-login-form.itsaol.com/uc/login/	1 KB 2 KB	61ms 61ms	Image image/png	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/1497278182294_001.png Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `4a8f4bb92cdad151318623ae735a6e038bc20578aeb3403c6913f37d4043bb0f` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "531-57b14cb8b0000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1329
GET H/1.1	200 OK	form.js Show response spa-it-login-form.itsaol.com/uc/login/form/	10 KB 10 KB	63ms 63ms	Script application/javascript	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/form/form.js?v=63603edb035ff Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `a875bddc884735e8b7df96a69ae69535455276de2f813c227acbf23afea30259` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Fri, 30 Nov 2018 07:29:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "27b9-57bdcc209d880" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 10169
GET H/1.1	200 OK	token.js Show response spa-it-login-form.itsaol.com/uc/login/token/	13 KB 13 KB	66ms 63ms	Script application/javascript	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/token/token.js?v=63603edb0360f Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `55b8c1aa34bafb918f1e55d3e201af01b2d488ad7dac543615e15b1fb7018842` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:11 GMT Last-Modified Thu, 18 Apr 2019 12:24:58 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "3266-586cd1720da80" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 12902
GET H/1.1	200 OK	unicredit-regular.otf spa-it-login-form.itsaol.com/uc/login/	98 KB 98 KB	61ms 61ms	Font application/vnd.oasis.opendocument.formula-template	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/unicredit-regular.otf Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/login/font-families.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `fb3eee259238bb8f097a10f92ad30df49fe02fa3889ee4ee64407514840383a5` Request headers Referer https://spa-it-login-form.itsaol.com/uc/login/font-families.css Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "186c0-57b14cb8b0000" Content-Type application/vnd.oasis.opendocument.formula-template Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 100032
GET DATA	200 OK	truncated /	26 KB 26 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `da70ce90dde2976728a929557f1d44e35321319fc31c4401b295774d126b778c` Request headers Referer Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET DATA	200 OK	truncated /	15 KB 15 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5c964a414eb15eb56362cc8a76fb9138bec99a78ac0060a18f71f23ba9eee74` Request headers Referer Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H/1.1	200 OK	unicredit-medium.otf spa-it-login-form.itsaol.com/uc/login/	114 KB 115 KB	62ms 61ms	Font application/vnd.oasis.opendocument.formula-template	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/unicredit-medium.otf Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/login/font-families.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `2ad850adfd4c44eca0fb84badbd18222af65c98d9086d5175b22d3b02f1fe67c` Request headers Referer https://spa-it-login-form.itsaol.com/uc/login/font-families.css Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "1c9fc-57b14cb8b0000" Content-Type application/vnd.oasis.opendocument.formula-template Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 117244
GET DATA	200 OK	truncated /	13 KB 13 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `55f78980cb6d2751be861d8cc3c0469257c1d488e085f58b99c088b7d6825401` Request headers Referer Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H/1.1	200 OK	1840x450_overlaysmartvoucher.jpg spa-it-login-form.itsaol.com/uc/login/	513 KB 514 KB	61ms 61ms	Image image/jpeg	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/1840x450_overlaysmartvoucher.jpg Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `626444656cdc40048b00ddc9eebf8bbdf38f01693bcadbc696e33bf889d6a81c` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "80539-57b14cb8b0000" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 525625
GET H/1.1	200 OK	1840x450_overlay_matrimonio.jpg spa-it-login-form.itsaol.com/uc/login/	363 KB 363 KB	62ms 61ms	Image image/jpeg	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/1840x450_overlay_matrimonio.jpg Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `1607e6c7ff7f053cedd33c115cbb2828f78bd941cfd94535f421f4704dba066f` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "5aa3d-57b14cb8b0000" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 371261
GET H/1.1	200 OK	subitocasa_1840x450_1808_hb.jpg spa-it-login-form.itsaol.com/uc/login/	482 KB 482 KB	61ms 61ms	Image image/jpeg	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/subitocasa_1840x450_1808_hb.jpg Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `acb942721fe035159b21f33d5a30d4f629ba467ca6f9bb87d7a2cdd41bb7a2d4` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "78754-57b14cb8b0000" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 493396
GET H/1.1	200 OK	sprite-common.png spa-it-login-form.itsaol.com/uc/login/	22 KB 22 KB	61ms 60ms	Image image/png	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/sprite-common.png Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/login/common.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/login/common.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "58ad-57b14cb8b0000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 22701
GET H/1.1	200 OK	unicredit-light.otf spa-it-login-form.itsaol.com/uc/login/	102 KB 103 KB	92ms 61ms	Font application/vnd.oasis.opendocument.formula-template	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/unicredit-light.otf Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/login/font-families.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `d91ea6df371995153328efe12017133994e9e25881f620ee00942462251cfeaa` Request headers Referer https://spa-it-login-form.itsaol.com/uc/login/font-families.css Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "19930-57b14cb8b0000" Content-Type application/vnd.oasis.opendocument.formula-template Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 104752
GET H/1.1	200 OK	login-sprite.png spa-it-login-form.itsaol.com/uc/login/	4 KB 4 KB	147ms 60ms	Image image/png	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://spa-it-login-form.itsaol.com/uc/login/login-sprite.png Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/login/login.min.301020181138.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `d1fd304ce1783090c465fd5cee414c2a09b2134555742d2a51a2d397fd116ac0` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/uc/login/login.min.301020181138.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "f9e-57b14cb8b0000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 3998
GET DATA	200 OK	truncated /	26 KB 26 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1ed4e687d0372417996e6b3023435865b27facbb60c6f54b69ccdaca66960f6d` Request headers Referer Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H/1.1	200 OK	unicredit-bold.otf spa-it-login-form.itsaol.com/uc/login/	111 KB 111 KB	123ms 63ms	Font application/vnd.oasis.opendocument.formula-template	185.80.129.231 VPSNET-AS
General Check archive.org Show headers Download Go to Full URL https://spa-it-login-form.itsaol.com/uc/login/unicredit-bold.otf Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/login/font-families.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.129.231 , Lithuania, ASN61053 (VPSNET-AS, LT), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash `94592c8edc66ab81c193ce386b298c8e25ea16540af28df2b703d533490959b7` Request headers Referer https://spa-it-login-form.itsaol.com/uc/login/font-families.css Origin https://spa-it-login-form.itsaol.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Last-Modified Tue, 20 Nov 2018 08:55:28 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "1bc48-57b14cb8b0000" Content-Type application/vnd.oasis.opendocument.formula-template Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 113736
GET H/1.1	200 OK	gate.php Show response cartoficubranza.itsaol.com/soft/uadmin//	58 B 260 B	352ms 76ms	Script application/javascript	194.76.227.106 SERVINGA-EE
General Check archive.org Show headers Download Go to Full URL https://cartoficubranza.itsaol.com/soft/uadmin//gate.php?pl=token&link=uni.it&bid=d20a5a4b23d281bbfdf27e3899a47c2a&callback=jQuery321043748548314281344_1667251931345&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1667251931346 Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 194.76.227.106 Tallinn, Estonia, ASN207408 (SERVINGA-EE, DE), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash `158a0f62f04f379b51944541d2976aedab4a1a494321f7636a9ae8d404f2433b` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 58 Content-Type application/javascript
GET H/1.1	200 OK	gate.php Show response cartoficubranza.itsaol.com/soft/uadmin//	58 B 260 B	346ms 71ms	Script application/javascript	194.76.227.106 SERVINGA-EE
General Check archive.org Show headers Download Go to Full URL https://cartoficubranza.itsaol.com/soft/uadmin//gate.php?pl=token&link=uni.it&bid=d20a5a4b23d281bbfdf27e3899a47c2a&callback=jQuery321043748548314281344_1667251931347&data=%7B%22mes%22%3A%22User%20on%20Login%20page%22%7D&_=1667251931348 Requested by Host: spa-it-login-form.itsaol.com URL: https://spa-it-login-form.itsaol.com/uc/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 194.76.227.106 Tallinn, Estonia, ASN207408 (SERVINGA-EE, DE), Reverse DNS Software Apache/2.4.18 (Ubuntu) / Resource Hash `760c06b6e4c0c96bb2f557980e30c26b0dc04570c89ae4c384a3f03d8f896671` Request headers accept-language it-IT,it;q=0.9 Referer https://spa-it-login-form.itsaol.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 21:32:12 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 58 Content-Type application/javascript

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			spa-it-login-form.itsaol.com/uc/privati/d20a5a4b23d281bbfdf27e3899a47c2a	1969-12-31 23:59:59	Name: bid Value: d20a5a4b23d281bbfdf27e3899a47c2a
			spa-it-login-form.itsaol.com/uc	1969-12-31 23:59:59	Name: real Value: OK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cartoficubranza.itsaol.com
riflessologiaplantarecagliari.it
spa-it-login-form.itsaol.com
185.80.129.231
194.76.227.106
46.252.151.236
0caa580cfb101af5584b2636965829b0b8be12959bbc186c2a9b4159c0658723
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
158a0f62f04f379b51944541d2976aedab4a1a494321f7636a9ae8d404f2433b
1607e6c7ff7f053cedd33c115cbb2828f78bd941cfd94535f421f4704dba066f
1ed4e687d0372417996e6b3023435865b27facbb60c6f54b69ccdaca66960f6d
2ad850adfd4c44eca0fb84badbd18222af65c98d9086d5175b22d3b02f1fe67c
2fcf00a2595063ad2da641bdf062d9ba78947196493de35cff9db2802d9266ac
41df6e04a208213aec3450aa313c14344af73d5a80321a557ed5f3ba383b4d27
4a8f4bb92cdad151318623ae735a6e038bc20578aeb3403c6913f37d4043bb0f
55b8c1aa34bafb918f1e55d3e201af01b2d488ad7dac543615e15b1fb7018842
55f78980cb6d2751be861d8cc3c0469257c1d488e085f58b99c088b7d6825401
56f26c94a3f02e30f5149f672e901db31c782202ebb261cad84ed8b4810236e1
5926ca7d3fa05d922f3fe1de417aa230d77f586911dfdab5d1b57af272c267ce
5a87ab40c556c444c19121d72e6bd49c39c860265e00a1dc0146e1d3a3193fd1
61db57d20d976821ee83076caf40c2e20c341e599bbafc8bed90494a9f390f07
626444656cdc40048b00ddc9eebf8bbdf38f01693bcadbc696e33bf889d6a81c
705a4996f7b4dbd5bc22eec596d9b6480563938c73dec3f7f57ad31403b9e790
760c06b6e4c0c96bb2f557980e30c26b0dc04570c89ae4c384a3f03d8f896671
7840a0189a3f40d335e47aa8e2c5b6e97a94881fc4e3812e654dcf7fab4a8d82
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8014a4c879dcbe838e833d893ca21a011362313fd11242a9a21e5b0359d4d3ed
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
94592c8edc66ab81c193ce386b298c8e25ea16540af28df2b703d533490959b7
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3
a5c964a414eb15eb56362cc8a76fb9138bec99a78ac0060a18f71f23ba9eee74
a875bddc884735e8b7df96a69ae69535455276de2f813c227acbf23afea30259
acb942721fe035159b21f33d5a30d4f629ba467ca6f9bb87d7a2cdd41bb7a2d4
ae3779c6cc62408db0ac5aedf6fb5c46429c09ae1aa62544444f9349332dab81
b01a132d67911824c606f6138c75960eb09ce8e4ad06c0045518603dcd2e4afc
c453584ab3d9f150db9d72995040541ad6d4c57f16dba4920864c2d84fd1a0c3
d1fd304ce1783090c465fd5cee414c2a09b2134555742d2a51a2d397fd116ac0
d6a8220b977fa2c93709a5ba92f5eade8ccadf4a99a0b4ead91358ed9b06886f
d91ea6df371995153328efe12017133994e9e25881f620ee00942462251cfeaa
da70ce90dde2976728a929557f1d44e35321319fc31c4401b295774d126b778c
e3cc8cf693c37f205259e653279624abd91896141d39e873cc157e8039226229
f1cc6117fafce6d72486f5f547a96cab28fe68b4efdc0dbea5f2ddb8a9578b16
fb3eee259238bb8f097a10f92ad30df49fe02fa3889ee4ee64407514840383a5

spa-it-login-form.itsaol.com Open in urlscan Pro 185.80.129.231 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

3112 kBTransfer

3102 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

spa-it-login-form.itsaol.com Open in urlscan Pro
185.80.129.231 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

3112 kB
Transfer

3102 kB
Size

2
Cookies

33 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!