lntlesa.online
104.21.79.99
Malicious Activity!
Public Scan
Submission: On August 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.
This is the only time lntlesa.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Intesa Sanpaolo (Banking)

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 104.21.79.99 | 13335 (CLOUDFLARENET) |
| 2 | 2 | |

| | Apex Domain Subdomains | Transfer |
|---|---|---|
| 2 | lntlesa.online lntlesa.online | 886 KB |
| 2 | 1 | |

| | Domain | Requested by |
|---|---|---|
| 2 | lntlesa.online | lntlesa.online |
| 2 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.intesasanpaolo.com |
www.facebook.com |
www.youtube.com |
twitter.com |
www.linkedin.com |
www.arbitrobancariofinanziario.it |
www.acf.consob.it |
www.ivass.it |
ec.europa.eu |
www.fondidigaranzia.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
lntlesa.online GTS CA 1P5 | 2023-08-07 - 2023-11-05 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://lntlesa.online/accesso.php
Frame ID: CA950B8A6852B9EA4AAB11E90183DD3D
Requests: 19 HTTP requests in this frame
Page Title
Banca Intesa Sanpaolo - Conto Corrente per Famiglie, Giovani e Aziende
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title: Apri il conto
Title: Scopri come fare
Title: Scopri i benefici
Title: CI TROVI OVUNQUE
Title: CERCA FILIALI, ATM E PUNTI VENDITA ABILITATI MOONEY
Title: GUIDA AI SERVIZI
Title: Domande Frequenti
Title: BLOCCA LA TUA CARTA
Title: Disconoscimento
Title: PARLA CON LA FILIALE ONLINE
Title: RECLAMI E RISOLUZIONE DELLE CONTROVERSIE
Title: CONCILIAZIONE PERMANENTE
Title: ABF
Title: ACF
Title: IVASS
Title: ODR
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | accesso.php lntlesa.online/ (Primary Request) | 2 MB 807 KB | Document text/html |
GET DATA | truncated / | 5 KB 0 | Image image/png |
GET H2 | jquery.js lntlesa.online/partial/js/ | 266 KB 79 KB | Script application/javascript |
GET DATA | truncated / | 10 KB 0 | Image image/png |
GET DATA | truncated / | 18 KB 18 KB | Font application/font-woff |
GET DATA | truncated / | 15 KB 15 KB | Font font/woff2 |
GET DATA | truncated / | 2 KB 0 | Image image/png |
GET DATA | truncated / | 2 KB 0 | Image image/png |
GET DATA | truncated / | 840 B 0 | Image image/jpeg |
GET DATA | truncated / | 831 B 0 | Image image/jpeg |
GET DATA | truncated / | 93 B 0 | Image image/svg+xml |
GET DATA | truncated / | 6 KB 0 | Image image/png |
GET DATA | truncated / | 5 KB 0 | Image image/png |
GET DATA | truncated / | 11 KB 0 | Image image/png |
GET DATA | truncated / | 93 KB 0 | Image image/jpeg |
GET DATA | truncated / | 2 KB 0 | Image image/png |
GET DATA | truncated / | 2 KB 0 | Image image/png |
GET DATA | truncated / | 18 KB 18 KB | Font application/font-woff |
GET DATA | truncated / | 18 KB 18 KB | Font font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Intesa Sanpaolo (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | $
function | jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lntlesa.online/ | Name: PHPSESSID Value: nb3v367rcjej7554t3vcbv1rn4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lntlesa.online
104.21.79.99