www.nuovi-clienti.com
Open in
urlscan Pro
104.21.9.189
Malicious Activity!
Public Scan
Submission: On January 19 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1P5 on January 17th 2024. Valid for: 3 months.
This is the only time www.nuovi-clienti.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: CheBanca! (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 104.21.9.189 104.21.9.189 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2606:4700:303... 2606:4700:3035::ac43:bd84 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
nuovi-clienti.com
www.nuovi-clienti.com |
131 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
10 | www.nuovi-clienti.com |
www.nuovi-clienti.com
|
10 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nuovi-clienti.com GTS CA 1P5 |
2024-01-17 - 2024-04-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.nuovi-clienti.com/
Frame ID: DA6D6E35D7F20A36B9D3560EF03CE375
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.nuovi-clienti.com/ |
71 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.3177882b91f1f9a1.css
www.nuovi-clienti.com/Accesso%20Clienti_files/ |
584 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.download
www.nuovi-clienti.com/Accesso%20Clienti_files/ |
91 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sprite.1611833475219.png
www.nuovi-clienti.com/img/login-page/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT-America-Light.woff2
www.nuovi-clienti.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT-America-Medium.woff2
www.nuovi-clienti.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT-America-Medium.woff
www.nuovi-clienti.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT-America-Light.woff
www.nuovi-clienti.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT-America-Medium.ttf
www.nuovi-clienti.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT-America-Light.ttf
www.nuovi-clienti.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: CheBanca! (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.nuovi-clienti.com/ | Name: COOKIE_KEY Value: 170569448920 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.nuovi-clienti.com
104.21.9.189
2606:4700:3035::ac43:bd84
42dd197f5d15d2a06539ab87fb97e1d3e1c40583deee00b6899a68981f0e33fa
9576bc4e3b8a3cda3f652607dd3b2b4ad646f55ba070f402e61dcdb08673f8c7
ab4beb10a98c6594f9decdd9f590e60176a3de87bc2e62e9c7766ce90ee41606
fab6d70c15ea41eae978234d1b7ee9f1b0a67a5d7495adf639ac73f49aab8b05