www.sales.it Open in urlscan Pro
109.233.126.13 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sales.it/libraries/joomla/language/
Submission: On April 27 via manual (April 27th 2020, 10:04:31 am UTC) from ZA

Summary HTTP 25 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 109.233.126.13, located in Rimini, Italy and belongs to CRITICALCASE, IT. The main domain is www.sales.it.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 19th 2020. Valid for: 3 months.

This is the only time www.sales.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nedbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	109.233.126.13 109.233.126.13	48815 (CRITICALCASE) (CRITICALCASE)
24	168.142.204.33 168.142.204.33	3741 (IS) (IS)
25	2

1 109.233.126.13 (Rimini, Italy)

ASN48815 (CRITICALCASE, IT)
PTR: cp01.infinitynet.it

www.sales.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 168.142.204.33 (South Africa)

ASN3741 (IS, ZA)

netbank.nedsecure.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	nedsecure.co.za netbank.nedsecure.co.za	58 KB
1	sales.it www.sales.it	81 KB
25	2

	Domain	Requested by
24	netbank.nedsecure.co.za	www.sales.it
1	www.sales.it
25	2

This site contains links to these domains. Also see Links.

Domain
netbank.nedsecure.co.za
www.nedbank.co.za
www.netbankdemo.co.za
nedbankonlinetrading.nedsecure.co.za
www.entrust.net

Subject Issuer	Validity	Valid
sales.it cPanel, Inc. Certification Authority	`2020-02-19` - `2020-05-19`	3 months	crt.sh
netbank.nedsecure.co.za Entrust Certification Authority - L1M	`2018-10-22` - `2020-10-22`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.sales.it/libraries/joomla/language/
Frame ID: BD56E0B499D8C83FFBE5E7D5B2DABC9D
Requests: 23 HTTP requests in this frame

Frame: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/slider_promos.htm
Frame ID: 65729B612F6DF4A70388E10F0CC644CA
Requests: 1 HTTP requests in this frame

Frame: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/Welcome.htm
Frame ID: 7DBAFFAF7A3826D704E7F8C3BCBCCC06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

139 kB
Transfer

200 kB
Size

8
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://netbank.nedsecure.co.za/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/promotions/index_detail.asp?PromoID=529
Title: Online Security

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/forms/FormsDetails.asp?FormsId=582&Location=%20&FormLocation
Title: Apply

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/netbank44/demo/default.htm
Title: NetBank Demo

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/netbank31/UserGuide/retib_mainmenu/index.html
Title: NetBank User Guide

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/promotions/index_detail.asp?PromoID=528
Title: More About NetBank

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/forms/form.asp?FormsId=68&Location=&FormLocation=
Title: Talk to Us

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/personalmoneymanager/
Title: Personal Money Manager

Search URL Search Domain Scan URL

URL: https://nedbankonlinetrading.nedsecure.co.za/Home.aspx
Title: Online Share Trading

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/terms/Nedbank_terms1.htm
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/netbank44/faqs/NetbankFaqs.pdf
Title: FAQ

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/rapport/
Title: Trusteer Rapport Security

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=netbank.nedsecure.co.za
Title: Click here

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/bfc/
Title: Fees

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/askonce/askonce.asp
Title:

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/
Title: Home

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/legal/index.asp
Title: Legal Requirements

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/home/glossary.asp
Title: Glossary

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.sales.it/libraries/joomla/language/	80 KB 81 KB	329ms 111ms	Document text/html	109.233.126.13 CRITICALCASE
General Check archive.org Show headers Download Go to Full URL https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.233.126.13 Rimini, Italy, ASN48815 (CRITICALCASE, IT), Reverse DNS cp01.infinitynet.it Software Apache / Resource Hash `3c61003c8f643a995b119ac6f2180f29d30b80e1e2470e19187d1c417c52278a` Request headers Host www.sales.it Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:11 GMT Server Apache Last-Modified Thu, 23 Apr 2020 08:22:03 GMT Accept-Ranges bytes Content-Length 82222 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	info.css netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/	2 KB 1 KB	1573ms 250ms	Stylesheet text/css	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/info.css Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Content-Encoding gzip Last-Modified Mon, 21 May 2018 11:00:10 GMT X-Powered-By ASP.NET ETag "0d9b2e2f2f0d31:0" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=7200, public Connection Keep-Alive Accept-Ranges bytes Content-Length 591 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	main.css netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/	5 KB 2 KB	1569ms 242ms	Stylesheet text/css	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/main.css Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Content-Encoding gzip Last-Modified Mon, 21 May 2018 11:00:10 GMT X-Powered-By ASP.NET ETag "0d9b2e2f2f0d31:0" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=7200, public Connection Keep-Alive Accept-Ranges bytes Content-Length 1166 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	Nedbank.css netbank.nedsecure.co.za/App_Themes/NEDBANKTheme/	20 KB 6 KB	1598ms 271ms	Stylesheet text/css	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/App_Themes/NEDBANKTheme/Nedbank.css Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `b6d564c22df601ee79a04d8f4c90319ba14fd99fef56580af4a25918aca6b07a` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Content-Encoding gzip Last-Modified Mon, 21 May 2018 11:00:04 GMT X-Powered-By ASP.NET ETag "0521fdff2f0d31:0" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=7200, public Connection Keep-Alive Accept-Ranges bytes Content-Length 5076 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	404 Not Found	Nedbank_old.css netbank.nedsecure.co.za/App_Themes/NEDBANKTheme/	0 0	1574ms 244ms	Stylesheet text/html	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/App_Themes/NEDBANKTheme/Nedbank_old.css Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Cache-Control max-age=7200, public Content-Type text/html X-Powered-By ASP.NET Content-Length 103 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	jquery.min.js Show response netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/jQuery/	78 KB 31 KB	1782ms 453ms	Script application/javascript	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/jQuery/jquery.min.js Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `d09c43907e99f3323be424e4d83e7ddd3072b3596580a56adb50fcbb57fc5ddf` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Content-Encoding gzip Last-Modified Mon, 21 May 2018 11:00:14 GMT X-Powered-By ASP.NET ETag "03315e5f2f0d31:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=7200, public Connection Keep-Alive Accept-Ranges bytes Content-Length 30597 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	arrow_down.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	56 B 350 B	243ms 243ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/arrow_down.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 56 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	arrow.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	56 B 350 B	237ms 237ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/arrow.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:12 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 56 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	NedbankLogo.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	2 KB 3 KB	244ms 244ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/NedbankLogo.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 2352 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	menu_shadow_left.jpg netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	405 B 702 B	234ms 234ms	Image image/jpeg	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/menu_shadow_left.jpg Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 10:08:38 GMT X-Powered-By ASP.NET ETag "017b9afebf0d31:0" Content-Type image/jpeg Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 405 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	Login_Top.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	230 B 525 B	236ms 235ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Login_Top.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:14 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 230 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	Promo_Left.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	195 B 490 B	232ms 230ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Left.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 195 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	lock.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	587 B 883 B	234ms 233ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/lock.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:14 GMT X-Powered-By ASP.NET ETag "03315e5f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 587 Expires Mon, 27 Apr 2020 12:04:13 GMT
GET H/1.1	200 OK	logonButton.jpg netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	2 KB 2 KB	1107ms 233ms	Image image/jpeg	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/logonButton.jpg Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:14 GMT Last-Modified Mon, 21 May 2018 10:08:38 GMT X-Powered-By ASP.NET ETag "017b9afebf0d31:0" Content-Type image/jpeg Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 2194 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	Promo_Right.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	197 B 492 B	453ms 232ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Right.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 197 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	Login_Bottom.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	233 B 528 B	455ms 231ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Login_Bottom.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 233 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	Promo_Top.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	244 B 539 B	857ms 236ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Top.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 244 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	Promo_Bottom.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	247 B 542 B	455ms 234ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Bottom.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:14 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 247 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	alertIcon.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	754 B 1 KB	926ms 237ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/alertIcon.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 754 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	EntrustLogo.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	2 KB 3 KB	621ms 233ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/EntrustLogo.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 2403 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	404 Not Found	PSALogo.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logonimages/	103 B 103 B	689ms 239ms	Image text/html	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logonimages/PSALogo.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Cache-Control max-age=7200, public Content-Type text/html X-Powered-By ASP.NET Content-Length 103 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	AskOnceLogo.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	2 KB 2 KB	693ms 244ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/AskOnceLogo.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 1904 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	NedbankFooterLogo.gif netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/	2 KB 2 KB	896ms 258ms	Image image/gif	168.142.204.33 IS
General Check archive.org Show headers Download Go to Show image Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/NedbankFooterLogo.gif Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash `fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d` Request headers Referer https://www.sales.it/libraries/joomla/language/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 27 Apr 2020 10:04:13 GMT Last-Modified Mon, 21 May 2018 11:00:12 GMT X-Powered-By ASP.NET ETag "06e4e3f2f0d31:0" Content-Type image/gif Cache-Control max-age=7200, public Accept-Ranges bytes Content-Length 2236 Expires Mon, 27 Apr 2020 12:04:14 GMT
GET H/1.1	200 OK	slider_promos.htm netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/ Frame 6572	0 0	390ms 262ms	Document text/html	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/slider_promos.htm Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash Request headers Host netbank.nedsecure.co.za Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.sales.it/libraries/joomla/language/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie dtCookie=1$C42CBF28CFC1BA8EFB3604B3AB051F00; BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001=3925940396.63786.0000; TS01d73912=01db7de3377ea7280f20ad1f442d491505c1a9e55269f61c65fa6ce7fa315766d5265a4f6089b032fbddcfe54988c595b5337bcd09; TS0188a3ac=01db7de3374d5209b87be0041cfe74729b6e71452e431235ae2ad25c7db2a3528a22bdc8c795c95f304966fc1f91c188bbaf3e99d3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.sales.it/libraries/joomla/language/ Response headers Content-Type text/html Last-Modified Mon, 21 May 2018 11:00:11 GMT Accept-Ranges bytes ETag "06e4e3f2f0d31:0:dtagent10181191119154660SOP3" X-Powered-By ASP.NET X-OneAgent-JS-Injection true X-ruxit-JS-Agent true Date Mon, 27 Apr 2020 10:04:13 GMT Content-Length 1295 Cache-Control max-age=7200, public Expires Mon, 27 Apr 2020 12:04:14 GMT Vary Accept-Encoding Content-Encoding gzip Connection Keep-Alive
GET H/1.1	200 OK	Welcome.htm netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/ Frame 7DBA	0 0	451ms 235ms	Document text/html	168.142.204.33 IS
General Check archive.org Show headers Download Go to Full URL https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/Welcome.htm Requested by Host: www.sales.it URL: https://www.sales.it/libraries/joomla/language/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.142.204.33 , South Africa, ASN3741 (IS, ZA), Reverse DNS Software / ASP.NET Resource Hash Request headers Host netbank.nedsecure.co.za Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.sales.it/libraries/joomla/language/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie dtCookie=1$C42CBF28CFC1BA8EFB3604B3AB051F00; BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001=3925940396.63786.0000; TS01d73912=01db7de3377ea7280f20ad1f442d491505c1a9e55269f61c65fa6ce7fa315766d5265a4f6089b032fbddcfe54988c595b5337bcd09; TS0188a3ac=01db7de3374d5209b87be0041cfe74729b6e71452e431235ae2ad25c7db2a3528a22bdc8c795c95f304966fc1f91c188bbaf3e99d3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.sales.it/libraries/joomla/language/ Response headers Content-Type text/html Last-Modified Mon, 10 Sep 2018 12:41:51 GMT Accept-Ranges bytes ETag "028aa6349d41:0:dtagent10181191119154660SOP3" X-Powered-By ASP.NET X-OneAgent-JS-Injection true X-ruxit-JS-Agent true Date Mon, 27 Apr 2020 10:04:13 GMT Content-Length 2541 Cache-Control max-age=7200, public Expires Mon, 27 Apr 2020 12:04:14 GMT Vary Accept-Encoding Content-Encoding gzip Connection Keep-Alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nedsecure.co.za/	1969-12-31 23:59:59	Name: dtPC Value: -6$381855467_967h1p-6$381855487_361h1vGTXGQXDPGLUMONOAOFLDXYVZKYOEKSBT
.nedsecure.co.za/	1969-12-31 23:59:59	Name: rxvt Value: 1587983655969\|1587981855471
.nedsecure.co.za/	1969-12-31 23:59:59	Name: TS0188a3ac Value: 01db7de33734c07379e1616f2beae1f501660cab6292a163e8b04e7c691cd0e8c84fad0cfc78a8c7ded2ed7c8ab4b252d847ea75ce
netbank.nedsecure.co.za/	1969-12-31 23:59:59	Name: TS01d73912 Value: 01db7de337d6f57b3ee26796830630c78225c6eff0d8a12eca99081870f1649cc2909e6c42
.nedsecure.co.za/	1969-12-31 23:59:59	Name: dtCookie Value: 7$7TG1AG2O3FVCFDCPATK2GSVSEVG1JM8C
.nedsecure.co.za/	1969-12-31 23:59:59	Name: dtSa Value: -
.nedsecure.co.za/	1969-12-31 23:59:59	Name: dtLatC Value: 108
.nedsecure.co.za/	1969-12-31 23:59:59	Name: rxVisitor Value: 158798185547009DQ62CGAJFHNC6OE70UNUQJAGGHMMQH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

netbank.nedsecure.co.za
www.sales.it
109.233.126.13
168.142.204.33
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77
3c61003c8f643a995b119ac6f2180f29d30b80e1e2470e19187d1c417c52278a
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e
5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
b6d564c22df601ee79a04d8f4c90319ba14fd99fef56580af4a25918aca6b07a
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
d09c43907e99f3323be424e4d83e7ddd3072b3596580a56adb50fcbb57fc5ddf
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb
fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d

www.sales.it Open in urlscan Pro 109.233.126.13 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

139 kBTransfer

200 kBSize

8 Cookies

18 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

46 JavaScript Global Variables

8 Cookies

Indicators

www.sales.it Open in urlscan Pro
109.233.126.13 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

139 kB
Transfer

200 kB
Size

8
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!