manifestchrist.com
Open in
urlscan Pro
198.12.250.110
Malicious Activity!
Public Scan
URL:
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/
Submission: On November 25 via automatic, source openphish
Submission: On November 25 via automatic, source openphish
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 27 HTTP transactions.
The main IP is 198.12.250.110, located in
Scottsdale, United States and
belongs to AS-26496-GO-DADDY-COM-LLC, US.
The main domain is manifestchrist.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 20th 2020. Valid for: 3 months.
This is the only time manifestchrist.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on November 20th 2020. Valid for: 3 months.
This is the only time manifestchrist.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Intesa Sanpaolo (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 27 | 198.12.250.110 198.12.250.110 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
| 1 | 193.203.234.216 193.203.234.216 | 20942 (ISP-ASN2) (ISP-ASN2) | |
| 27 | 2 |
27
198.12.250.110
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-12-250-110.ip.secureserver.net
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-12-250-110.ip.secureserver.net
| manifestchrist.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
manifestchrist.com
1 redirects
manifestchrist.com |
3 MB |
| 1 |
intesasanpaolo.com
www.intesasanpaolo.com |
128 KB |
| 27 | 2 |
| Domain | Requested by | |
|---|---|---|
| 27 | manifestchrist.com |
1 redirects
manifestchrist.com
|
| 1 | www.intesasanpaolo.com |
manifestchrist.com
|
| 27 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| manifestchrist.com Let's Encrypt Authority X3 |
2020-11-20 - 2021-02-18 |
3 months | crt.sh |
| www.intesasanpaolo.com Camerfirma Corporate Server II - 2015 |
2020-08-19 - 2022-08-19 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/
Frame ID: 1316490B45D04875E21C731409E040AC
Requests: 20 HTTP requests in this frame
Frame:
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/login.html
Frame ID: D3FEC65E87B441509AD54BC0A76D3C79
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1
HTTP 301
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/ Page URL
Detected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/designs\//i
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/designs\//i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1
HTTP 301
https://manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/ Redirect Chain
|
40 KB 40 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-all.css
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ |
646 KB 646 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ArchIbPublicStyle.css
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ |
39 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-intesasanpaolo.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-burger-mob.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-lock-mob.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-search-mob.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.html
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/ Frame D3FE |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
freccia_dx.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ Frame D3FE |
579 B 820 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
require.js
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ Frame D3FE |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.css
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ Frame D3FE |
1 MB 1 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sf-navigation.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-search.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Regular.woff
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-lock.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico-burger.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
breadcrumb-separator.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hero_login_ponte.jpg
www.intesasanpaolo.com/content/dam/vetrina/design/img/HomePage/ |
128 KB 128 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ispfont.woff
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tool-arr-down.png
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Regular.ttf
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ispfont.ttf
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ispfont.woff
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ispfont.ttf
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/clientlib-site/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Regular.woff2
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ Frame D3FE |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OpenSans-Semibold.woff2
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ Frame D3FE |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ispfont.woff
manifestchrist.com/intesasioV2/c449ec702d73d82e7eff37ae989921a1/files/ Frame D3FE |
695 KB 695 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Intesa Sanpaolo (Banking)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
manifestchrist.com
www.intesasanpaolo.com
193.203.234.216
198.12.250.110
0130c3c398e9a41a9f5ce8566ef6d7e769128c4c87258fd6f9faa0035cd4cae0
231dc2c3f4b42438fb2a1346801a0325354cbe21c95c3167489aa3fb1d1d36ca
2ed7d3df8b8695db881df15bbb972b5c9d3a61395ec890340da50a21a07ec7af
3593d75dcf9804f17f6b4b5cd9f543d76e781b3cab1ef80bc03423ed144c6d3f
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
4eb5c5e47a8aed23a202e0ca94d3757d328b87c839ac926c61020d3dfcf3039d
559bde803d8dedb905509859f3c1d14c9837788f2d5cf6ee26f1518f528d0cf8
7d3dfb5a812e656c5fa970a86130d2cef3193a175ffea3a40a96017b8bb6b4e4
8c9be1c965959c384a3dd54e8de4f58571c8614c1cca7384f08aeae78088b631
abafec55c3ab54c6b4d4eb212b6ecee4e7240b8a5c7e283c17b46d6249596a69
c646bc9d21fc52ac9305eb5362ebcc9f5b96d1db3b73498c091647d1ba8bb7e5
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
e5e7a3122a31a37be2f692003bf83ef4924b31e5dc32bf5c250abda2f7f10af2
e947ab5840086510b0be978287ddac38038e0802b0bd6aa840d2c8bc981884f3
f224f63f26dc4e34bdff81e55d12c78a5657c707d1cf60bc4a99a99cf6667dd5