URL: http://www.costruzioniperregrini.it/local/bnk.php
Submission: On March 29 via automatic, source openphish

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 17 HTTP transactions. The main IP is 195.110.124.188, located in Italy and belongs to REGISTER-AS, IT. The main domain is www.costruzioniperregrini.it.
This is the only time www.costruzioniperregrini.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 195.110.124.188 39729 (REGISTER-AS)
1 204.194.122.42 10390 (TELECHECK)
1 2.16.186.83 20940 (AKAMAI-ASN1)
1 9 2.18.233.20 16625 (AKAMAI-AS)
1 170.128.141.29 11685 (HNBCOL-AS)
1 161.113.8.26 26415 (VERISIGN-INC)
1 104.25.37.103 13335 (CLOUDFLAR...)
1 52.222.163.204 16509 (AMAZON-02)
1 104.109.75.199 20940 (AKAMAI-ASN1)
1 199.96.192.70 29813 (WNBAS)
1 1 23.67.137.8 20940 (AKAMAI-ASN1)
17 10
Domain Requested by
9 www.paypalobjects.com 1 redirects www.costruzioniperregrini.it
www.paypalobjects.com
1 ak1s.abmr.net 1 redirects
1 www.woodforest.com www.costruzioniperregrini.it
1 www.bbt.com www.costruzioniperregrini.it
1 d9hjv462jiw15.cloudfront.net www.costruzioniperregrini.it
1 www.paconferenceforwomen.org www.costruzioniperregrini.it
1 www.us.hsbc.com www.costruzioniperregrini.it
1 www.huntington.com www.costruzioniperregrini.it
1 image.notifications.intuit.com www.costruzioniperregrini.it
1 directpay.irs.gov www.costruzioniperregrini.it
1 www.costruzioniperregrini.it
17 11

This site contains no links.

This page contains 1 frame:

Primary Page: http://www.costruzioniperregrini.it/local/bnk.php
Frame ID: D0F23F231D2903FF7295C40D7B229921
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i
  • env /^requirejs$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 17
HTTPS: 0 %
IPv6: 0 %
Domains: 11
Subdomains: 11
IPs: 10
Countries: 4
Transfer: 291 kB
Size: 546 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.paypalobjects.com/webstatic/i/sprite/sprite_bank-logos.png HTTP 302
  • https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/i/sprite/sprite_bank-logos.png&V=3-N6nP4a%2fzvC7Yv9JCv+BKQCNnhW85TQ+xHg90TyfTgD3ENCywh9PCXjCf0IuiQyad&I=8F5B2AECEB71BE1&D=paypalobjects.com&01AD=1& HTTP 302
  • https://www.paypalobjects.com/webstatic/i/sprite/sprite_bank-logos.png?01AD=3WgVPD0sQSWjD8IO0V_ilsTykl5nBP0yuLGtSXJxNvAYS2t4DQuJqUQ&01RI=8F5B2AECEB71BE1&01NA=na

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request bnk.php
www.costruzioniperregrini.it/local/
16 KB
17 KB
Document
General
Full URL
http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
195.110.124.188 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
opus.register.it
Software
Apache / PHP/5.2.5
Resource Hash
ffbe24011560ecbd76233f48133461dad76fe4c24f8471ea4b2ed57146a7dc00

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.costruzioniperregrini.it
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 29 Mar 2018 17:41:12 GMT
Server
Apache
Connection
close
Content-Type
text/html
X-Powered-By
PHP/5.2.5
Transfer-Encoding
chunked
Content-Language
it
irs_logo.svg
directpay.irs.gov/directpay/resources/img/
7 KB
8 KB
Image
General
Full URL
https://directpay.irs.gov/directpay/resources/img/irs_logo.svg
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
204.194.122.42 Omaha, United States, ASN10390 (TELECHECK - TeleCheck International, Inc., US),
Reverse DNS
Software
/
Resource Hash
fe9120c4420fc998e66591ffea67ad58ee3ffb68ef40f5d3e8988e4acc828328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:41:13 GMT
Last-Modified
Wed, 28 Feb 2018 18:31:42 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Language
en
Cache-Control
max-age=31536000
Connection
Keep-Alive
Content-Type
image/svg+xml
Keep-Alive
timeout=10, max=100
Content-Length
7606
Expires
Fri, 29 Mar 2019 17:41:13 GMT
b005d0f5-3.gif
image.notifications.intuit.com/lib/fef01d75716203/i/1/
1 KB
2 KB
Image
General
Full URL
http://image.notifications.intuit.com/lib/fef01d75716203/i/1/b005d0f5-3.gif
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-83.deploy.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
874c9ed316cd006b5a0ce6345035141aa4ffa627ca4fcffc01a580d48842014a

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:41:13 GMT
Last-Modified
Fri, 30 Sep 2016 17:12:09 GMT
Server
AkamaiNetStorage
ETag
"6aac7d576f6a44ea057fd38b5af41373:1475255529"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1307
fab-app.css
www.paypalobjects.com/eboxapps/css/9b/5d01e23d55bc2d5bf65b289f01bec3/yodleefiwebintegration/
49 KB
10 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/eboxapps/css/9b/5d01e23d55bc2d5bf65b289f01bec3/yodleefiwebintegration/fab-app.css
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
2b004ed26f3e648b1be83d00d4aea8ae70d7dd116d76e9e893e51ddc2a4931a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2015 03:31:31 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10434
expires
Wed, 27 Jun 2018 17:41:12 GMT
require-2.0.1.js
www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/
76 KB
19 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/require-2.0.1.js
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
b7d105e6a0bdbdc869b9d9bf75e007bcaa7233b88762a4f34687a61a89b85944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:13 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2015 03:31:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
19047
expires
Wed, 27 Jun 2018 17:41:13 GMT
lockup.svg
www.huntington.com/-/media/hcom/global/logo/
7 KB
4 KB
Image
General
Full URL
https://www.huntington.com/-/media/hcom/global/logo/lockup.svg
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
170.128.141.29 Columbus, United States, ASN11685 (HNBCOL-AS - Huntington National Bank, US),
Reverse DNS
Software
/
Resource Hash
12bcda705bd9d0f1b88b74815be7bdaa215a85d66e938bea3836df8b59391382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
Transfer-Encoding
chunked
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-disposition
inline; filename="lockup.svg"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Apr 2016 13:20:56 GMT
x-frame-options
sameorigin
etag
14f17ea77bed4878bfca4a14578b44c3:dtagent700000013101443Pq
Strict-Transport-Security
max-age=31536000
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-dynatrace
PT=172089794;PA=216919318;SP=SiteCore_Dotcom;PS=1580579097
expires
Sat, 28 Apr 2018 17:41:14 GMT
HSBC-logo.svg
www.us.hsbc.com/content/dam/hsbc/us/images/
4 KB
5 KB
Image
General
Full URL
https://www.us.hsbc.com/content/dam/hsbc/us/images/HSBC-logo.svg
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
161.113.8.26 , United States, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
b70cca4abc304048d536172e60a9452b10fac0223997999cf82c912bb36744cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:41:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Jan 2018 12:08:46 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/svg+xml
Content-Disposition
attachment; filename="HSBC-logo.svg"
Connection
Keep-Alive
S
usnls-prod-aempub04
Keep-Alive
timeout=5, max=100
Content-Length
4434
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Citizens-Bank-Logo-2015-Green_h_r_c_RS1.jpg
www.paconferenceforwomen.org/wp-content/uploads/2014/09/
40 KB
40 KB
Image
General
Full URL
https://www.paconferenceforwomen.org/wp-content/uploads/2014/09/Citizens-Bank-Logo-2015-Green_h_r_c_RS1.jpg
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
SPDY
Server
104.25.37.103 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7618beed6e07a4c7ed8aa595564b7953bdcb98cb9d726a8c16cb25e7175bf12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/known
date
Thu, 29 Mar 2018 17:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
content-length
40580
last-modified
Wed, 01 Nov 2017 06:57:55 GMT
server
cloudflare
etag
"59f97073-9e84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
403420448813267e-FRA
expires
Fri, 29 Mar 2019 17:41:13 GMT
20970_bbva-compass-logo-2_large.JPG
d9hjv462jiw15.cloudfront.net/media/
13 KB
14 KB
Image
General
Full URL
http://d9hjv462jiw15.cloudfront.net/media/20970_bbva-compass-logo-2_large.JPG
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
52.222.163.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-163-204.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f1dab41db591e8b340e3fbf68de73c70fe27abf3db36fdc9cb48687647a63ba

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 28 Mar 2018 20:18:06 GMT
Via
1.1 268be5c908db8ae22ed9c5c6cfffc109.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2017 20:39:42 GMT
Server
AmazonS3
Age
76988
ETag
"6585affdffadfe98f1e935c946a3d69e"
X-Cache
Hit from cloudfront
x-amz-version-id
xHAr61EhGMc83jZABNjN5as9.LlE4YoK
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
13580
X-Amz-Cf-Id
Id5b8Dsfxq_p95huyAWYohZq2aRjQ5NCOBn8-7wXP6gxKFGbV2CvIQ==
logo.gif
www.bbt.com/roao/resources/img/ui/
2 KB
3 KB
Image
General
Full URL
https://www.bbt.com/roao/resources/img/ui/logo.gif
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
104.109.75.199 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-75-199.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3263fb1d40e86f312321670b529580469fbf8b385b8386116e822a95bd1060bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:41:13 GMT
Last-Modified
Mon, 19 Mar 2018 18:51:46 GMT
x-frame-options
SAMEORIGIN
p3p
CP="NON UNI CUR OTPi OUR NOR"
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif;charset=UTF-8
Content-Length
2553
headerlogo.png
www.woodforest.com/Frontend/Images/
5 KB
6 KB
Image
General
Full URL
http://www.woodforest.com/Frontend/Images/headerlogo.png
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
HTTP/1.1
Server
199.96.192.70 Spring, United States, ASN29813 (WNBAS - Woodforest National Bank, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3ac721ceb901ccc8b9ae8104bad7a10ff6a27dafd315509ad073e75bd5c0cc97
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:41:12 GMT
Last-Modified
Mon, 24 Jul 2017 21:54:13 GMT
X-Powered-By
ASP.NET
ETag
"fbffc63c74d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private,max-age=86400
Accept-Ranges
bytes
Content-Length
5217
main.js
www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/
5 KB
2 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/main.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/require-2.0.1.js
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
74d6e818430ae36b64bb43873201b00097536ef7c6d7f4cf40724247a346196c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:13 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2015 03:31:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
1753
expires
Wed, 27 Jun 2018 17:41:13 GMT
scr_backGradient_1x250.gif
www.paypalobjects.com//en_US/i/scr/
196 B
525 B
Image
General
Full URL
https://www.paypalobjects.com//en_US/i/scr/scr_backGradient_1x250.gif
Requested by
Host: www.costruzioniperregrini.it
URL: http://www.costruzioniperregrini.it/local/bnk.php
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
c90bcb5019df05cae0a7781be42a9cc27e89f669944da1e4081d4670cc9d9776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/eboxapps/css/9b/5d01e23d55bc2d5bf65b289f01bec3/yodleefiwebintegration/fab-app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Mar 2018 17:41:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Feb 2018 00:46:22 GMT
server
Apache
strict-transport-security
max-age=31536000
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-type
image/gif
content-length
196
expires
Thu, 29 Mar 2018 17:41:13 GMT
json.js
www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/requirejs-plugins/
2 KB
1 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/requirejs-plugins/json.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/require-2.0.1.js
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
2f1c805e12b936ed23a6055946cb1b03105f2b3313820f7794c492a5931521f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:13 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2015 03:31:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
933
expires
Wed, 27 Jun 2018 17:41:13 GMT
text.js
www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/requirejs-plugins/
12 KB
4 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/requirejs-plugins/text.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/require-2.0.1.js
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
55ca4049b5c45293a87a1add8ca48ef4d14fca606c3c22ea19c8296f980a385f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:13 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2015 03:31:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
3959
expires
Wed, 27 Jun 2018 17:41:13 GMT
voc-app.js
www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/
214 KB
66 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/voc-app.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/eboxapps/js/bc/f657d9f55f274bb998f9037dc9872c/lib/require-2.0.1.js
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
df081549d2e8c1cff4f7ae5bd6577e49275d0f3ab1cf8a9d4ba32407543f8ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.costruzioniperregrini.it/local/bnk.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 29 Mar 2018 17:41:13 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Wed, 15 Apr 2015 03:31:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=7776000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
expires
Wed, 27 Jun 2018 17:41:13 GMT
sprite_bank-logos.png
www.paypalobjects.com/webstatic/i/sprite/
Redirect Chain
  • https://www.paypalobjects.com/webstatic/i/sprite/sprite_bank-logos.png
  • https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/i/sprite/sprite_bank-logos.png&V=3-N6nP4a%2fzvC7Yv9JCv+BKQCNnhW85TQ+xHg90TyfTgD3ENCywh9PCXjCf0IuiQyad&I=8F5B2AECEB71BE1&D=paypalobjects.c...
  • https://www.paypalobjects.com/webstatic/i/sprite/sprite_bank-logos.png?01AD=3WgVPD0sQSWjD8IO0V_ilsTykl5nBP0yuLGtSXJxNvAYS2t4DQuJqUQ&01RI=8F5B2AECEB71BE1&01NA=na
90 KB
91 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/i/sprite/sprite_bank-logos.png?01AD=3WgVPD0sQSWjD8IO0V_ilsTykl5nBP0yuLGtSXJxNvAYS2t4DQuJqUQ&01RI=8F5B2AECEB71BE1&01NA=na
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
5e1f60ca133fceae353e2610a59b547915c929afdf3f5354c77339d16cd2e073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/eboxapps/css/9b/5d01e23d55bc2d5bf65b289f01bec3/yodleefiwebintegration/fab-app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Mar 2018 17:41:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Oct 2014 11:41:58 GMT
server
Apache
strict-transport-security
max-age=31536000
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-type
image/png
content-length
92476
expires
Thu, 29 Mar 2018 17:41:13 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Mar 2018 17:41:13 GMT
P3P
policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"
Location
https://www.paypalobjects.com/webstatic/i/sprite/sprite_bank-logos.png?01AD=3WgVPD0sQSWjD8IO0V_ilsTykl5nBP0yuLGtSXJxNvAYS2t4DQuJqUQ&01RI=8F5B2AECEB71BE1&01NA=na
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 29 Mar 2018 17:41:13 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • getCalendarDate (function)
  • getClockTime (function)
  • calendarDate (string)
  • clockTime (string)
  • requirejs (function)
  • require (function)
  • define (function)
  • preload (function)
  • doJsSubmit (function)
  • $ (function)
  • jQuery (function)
  • DP_jQuery_1522345273082 (function)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
