updates.microsolut.com (82.213.200.151)
Malicious Activity! Public Scan
Effective URL: http://updates.microsolut.com/maintenance/intesa/cc259a82c434c89ea72b0913af99fc7c/index.html
Submission: On January 25 via manual from IT
Summary
This is the only time updates.microsolut.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Intesa Sanpaolo (Banking)
Domain & IP information

| # | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 67.199.248.11 | 395224 (BITLY-AS - Bitly Inc) |
| 1 29 | 82.213.200.151 | 15704 (AS15704) |
| 1 | 2a00:1450:4001:820::200a | 15169 (GOOGLE - Google LLC) |
| 1 | 193.203.234.216 | 20942 (ISGS-ASN2) |
| 2 2 | 2606:4700:20::681a:e49 | 13335 (CLOUDFLARENET - Cloudflare) |
| 2 | 2606:4700:20::681a:f49 | 13335 (CLOUDFLARENET - Cloudflare) |
| 32 | 5 | |
- ASN15704 (AS15704, ES), PTR: static.151.200.213.82.ibercom.com: updates.microsolut.com
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): freegeoip.net
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): freegeoip.net
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 29 | microsolut.com | updates.microsolut.com (1 redirect) | 3 MB |
| 4 | freegeoip.net | freegeoip.net (2 redirects) | 297 B |
| 1 | intesasanpaolo.com | www.intesasanpaolo.com | 128 KB |
| 1 | googleapis.com | ajax.googleapis.com | 30 KB |
| 1 | bit.ly | bit.ly (1 redirect) | 370 B |
| 32 | 5 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 29 | updates.microsolut.com | updates.microsolut.com (1 redirect) |
| 4 | freegeoip.net | 2 redirects |
| 1 | www.intesasanpaolo.com | updates.microsolut.com |
| 1 | ajax.googleapis.com | updates.microsolut.com |
| 1 | bit.ly | 1 redirect |
| 32 | 5 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| *.googleapis.com | Google Internet Authority G3 | 2018-12-19 - 2019-03-13 | 3 months | crt.sh |
| www.intesasanpaolo.com | Camerfirma Corporate Server II - 2015 | 2018-09-03 - 2020-09-02 | 2 years | crt.sh |
This page contains 2 frames:
Primary Page:
http://updates.microsolut.com/maintenance/intesa/cc259a82c434c89ea72b0913af99fc7c/index.html
Frame ID: E624E6E7FB84C5985C459602317037D5
Requests: 22 HTTP requests in this frame
Frame:
http://updates.microsolut.com/maintenance/intesa/cc259a82c434c89ea72b0913af99fc7c/login.html
Frame ID: DF97EBCFB8B5C4D987E8D568B94FF86C
Requests: 11 HTTP requests in this frame
Detected technologies
- Adobe Experience Manager (CMS): detected pattern script `/\/etc\/designs\//i`
- PHP (Programming Languages): detected pattern headers server `/php\/?([\d.]+)?/i`
- Java (Programming Languages): detected pattern script `/\/etc\/designs\//i`
- Windows Server (Operating Systems): detected pattern headers server `/Win32|Win64/i`
- OpenSSL (Web Server Extensions): detected pattern headers server `/OpenSSL(?:\/([\d.]+[a-z]?))?/i`
- Apache (Web Servers): detected pattern headers server `/(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bit.ly/2UbSYJ7 (HTTP 301)
- http://updates.microsolut.com/maintenance/intesa/ (HTTP 302)
- http://updates.microsolut.com/maintenance/intesa/cc259a82c434c89ea72b0913af99fc7c/index.html (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30
- https://freegeoip.net/json/?callback=jQuery222008487929480740708_1548434411308&_=1548434411309 (HTTP 301)
- http://freegeoip.net/shutdown
- https://freegeoip.net/json/?callback=jQuery222008487929480740708_1548434411308&_=1548434411310 (HTTP 301)
- http://freegeoip.net/shutdown
32 HTTP transactions

In the Path column, `<base>/` stands for `updates.microsolut.com/maintenance/intesa/cc259a82c434c89ea72b0913af99fc7c/`.

| Method | Protocol | Resource | Path | Notes | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | index.html | `<base>/` | Primary Request, Redirect Chain | 39 KB | 39 KB | Document | text/html |
| GET | H/1.1 | clientlib-all.css | `<base>/files/` | | 646 KB | 646 KB | Stylesheet | text/css |
| GET | H/1.1 | ArchIbPublicStyle.css | `<base>/files/` | | 39 KB | 40 KB | Stylesheet | text/css |
| GET | H/1.1 | logo-intesasanpaolo.png | `<base>/files/` | | 5 KB | 5 KB | Image | image/png |
| GET | H/1.1 | ico-burger-mob.png | `<base>/files/` | | 1 KB | 1 KB | Image | image/png |
| GET | H/1.1 | ico-lock-mob.png | `<base>/files/` | | 1 KB | 2 KB | Image | image/png |
| GET | H/1.1 | ico-search-mob.png | `<base>/files/` | | 1 KB | 2 KB | Image | image/png |
| GET | H/1.1 | login.html | `<base>/` | Frame DF97 | 18 KB | 19 KB | Document | text/html |
| GET | H/1.1 | freccia_dx.png | `<base>/files/` | Frame DF97 | 579 B | 890 B | Image | image/png |
| GET | H/1.1 | require.js | `<base>/files/` | Frame DF97 | 17 KB | 17 KB | Script | application/javascript |
| GET | H/1.1 | css.css | `<base>/files/` | Frame DF97 | 1 MB | 1 MB | Stylesheet | text/css |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.2/ | Frame DF97 | 84 KB | 30 KB | Script | text/javascript |
| GET | H/1.1 | sf-navigation.png | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | ico-search.png | `<base>/files/clientlib-site/css/images/` | | 238 B | 238 B | Image | text/html |
| GET | H/1.1 | OpenSans-Regular.woff | `<base>/files/clientlib-site/css/fonts/` | | 0 | 0 | Font | text/html |
| GET | H/1.1 | reset-search-50.jpg | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | search-select-50.jpg | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | ico-lock.png | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | ico-burger.png | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | breadcrumb-separator.png | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | hero_login_ponte.jpg | www.intesasanpaolo.com/content/dam/vetrina/design/img/HomePage/ | | 128 KB | 128 KB | Image | image/jpeg |
| GET | H/1.1 | ispfont.woff | `<base>/fonts/` | | 0 | 0 | Font | text/html |
| GET | H/1.1 | tool-arr-down.png | `<base>/files/clientlib-site/css/images/` | | 1 KB | 1 KB | Image | text/html |
| GET | H/1.1 | OpenSans-Regular.ttf | `<base>/files/clientlib-site/css/fonts/` | | 0 | 0 | Font | text/html |
| GET | H/1.1 | ispfont.ttf | `<base>/fonts/` | | 0 | 0 | Font | text/html |
| GET | DATA | truncated | / | Frame DF97 | 169 B | 0 | Image | image/png |
| GET | H/1.1 | OpenSans-Regular.woff2 | `<base>/files/` | Frame DF97 | 14 KB | 14 KB | Font | application/octet-stream |
| GET | H/1.1 | OpenSans-Semibold.woff2 | `<base>/files/` | Frame DF97 | 14 KB | 14 KB | Font | application/octet-stream |
| GET | H/1.1 | ispfont.woff | `<base>/files/` | Frame DF97 | 695 KB | 695 KB | Font | application/x-font-woff |
| GET | H/1.1 | ispfont.woff | `<base>/files/clientlib-site/css/fonts/` | | 0 | 0 | Font | text/html |
| GET | H/1.1 | ispfont.ttf | `<base>/files/clientlib-site/css/fonts/` | | 0 | 0 | Font | text/html |
| GET | H/1.1 | shutdown | freegeoip.net/ | Frame DF97, Redirect Chain | 0 | 0 | Script | application/json |
| GET | H/1.1 | shutdown | freegeoip.net/ | Frame DF97, Redirect Chain | 0 | 0 | Script | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Banca Intesa Sanpaolo (Banking)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onselectstart |
| object | onselectionchange |
| function | queueMicrotask |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
bit.ly
freegeoip.net
updates.microsolut.com
www.intesasanpaolo.com
193.203.234.216
2606:4700:20::681a:e49
2606:4700:20::681a:f49
2a00:1450:4001:820::200a
67.199.248.11
82.213.200.151