hntva.za.com Open in urlscan Pro
2606:4700:3036::ac43:9848  Malicious Activity! Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hntva.za.com/RelaxBanking/	25 KB 10 KB	488ms 417ms	Document text/html	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f046b8731e7e909081d5bc7893a71c85b5fb01f895767b3e7a4725e8975b4eea Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 898d1b868ebe5a31-MXP content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 24 Jun 2024 13:36:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyNIQ1y7fHhvHq1sNrVW4lBb4bTg9QQ2RbaTtDVYuUEjskbUGC7GWDyyXw6BCU0C6JByGlpUtwjFjhUdiO3HiB%2B%2FTDctZku%2BwqQXLJ%2B0GjUAxUbAVx1J5Jh%2F1mvU5E6Yo1qUENiv5tut6Tw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	2.0a7dc7d3.chunk.css hntva.za.com/RelaxBanking/assets/	154 KB 27 KB	57ms 55ms	Stylesheet text/css	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hntva.za.com/RelaxBanking/assets/2.0a7dc7d3.chunk.css Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a457e578dae2896d27dca50e04fbbec6b6d09bbe326018c0621b732e9253cf6 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 58 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCDa9JE1ZxUsHrJppPqxW%2Baqz7zznuiOd6%2F0Gnpm6670vzWmTLv1%2BQ%2Bvl9EM1YmVN6SRXKQYl4cJxLPZd11b1ztN3WWC82BZ%2Fqy2q5Fg%2BGiZ3ULPjuJ7Rabqg0d634oc24DE73UkeCXkZ00%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 898d1b893afc5a31-MXP alt-svc h3=":443"; ma=86400
GET H2	200	main.e02365d2.chunk.css hntva.za.com/RelaxBanking/assets/	110 KB 29 KB	54ms 54ms	Stylesheet text/css	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hntva.za.com/RelaxBanking/assets/main.e02365d2.chunk.css Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b857ae22e24c0834555281c69c8af25f96af333ddeb1d7a1ceb346fc2e7740b Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 21:55:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 58 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oS%2Fv36RjuyCBrziRlG3VPGxZt4q2JAE4hFSAGmusgF4BqiqJEcTcWUqVmBnUWSeVB8lOuN6%2FKNIOsYr6lGx5MD9iAYMXDBEyWy%2Fw8WiM063zAZnxZ%2BPOFqBB1eB4TI6D46yEGMFRU82v%2B%2FE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 898d1b893b005a31-MXP alt-svc h3=":443"; ma=86400
GET H2	200	gruppo-bancario-iccrea.bed7bd06.svg hntva.za.com/RelaxBanking/assets/	5 KB 2 KB	57ms 57ms	Image image/svg+xml	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/gruppo-bancario-iccrea.bed7bd06.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3cb1769910048e531fd1dc8eaa305a1a6527c29d523ee244066e7860fc96949 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Tue, 08 Mar 2022 17:36:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 58 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1sydlUw79ld7gHLcziPahLWFgkK3zzfPTzx6RJDoE0cUu2edE9FAbZpUxrBz33MJSEteckOgRa4VtjKXuZqDwoYcdTrHSYM2g4%2BAUFv5BdMRx2XNPUpmIEtBj46%2F67cGnEyzNGCvTBPHoA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b893b045a31-MXP alt-svc h3=":443"; ma=86400
GET H2	200	RelaxBankingLogo.1cf34e46.svg hntva.za.com/RelaxBanking/assets/	18 KB 5 KB	65ms 65ms	Image image/svg+xml	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/RelaxBankingLogo.1cf34e46.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2d7d6d583df34c2b7eeb8fd96ffc227aa9e378d8426749bd3aeac02887c6140 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 58 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2L901eEeQvYF%2B7k3LJacIw2SrlLgX1PkHSF1vMq5%2BiaKRuRwQgBCHR5HeOwdR7sW9WeFJhLD5GvErwPEl1PkHF8cCtlV3vw4Xct%2FM1obzZl%2F%2B3SgnY8yLs1yIAHXyt%2FzhGJE%2B9%2BlpqOwZ2c%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b893b085a31-MXP alt-svc h3=":443"; ma=86400
GET H2	200	burger.1fa8dd12.svg hntva.za.com/RelaxBanking/assets/	540 B 667 B	68ms 68ms	Image image/svg+xml	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/burger.1fa8dd12.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 574f93129ad34d1aaf81d6b0fe3e1eb4a0c79ac6f3a4f2e7bf7f0a756b2aa105 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 58 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWZ1dDprPzdnrDxNsbgst7ZLBKGUwxaLcFv%2FoYG4vRLjuLZ1eLc6YkdKN2HCYm5XpS0%2Bf6X6ZvkFsPR6Iw1rgqA6Y%2BteDZpZ6GsO5FLA8CjlPMxxvVasEUhbEqsnwg5Ps1mDUkSGPxHkC8E%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b895b1d5a31-MXP alt-svc h3=":443"; ma=86400
GET H2	200	ico-home.b57a6aba.svg hntva.za.com/RelaxBanking/assets/	778 B 793 B	49ms 48ms	Image image/svg+xml	2606:4700:3036::ac43:9848 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/ico-home.b57a6aba.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c14c0d8984499f44ae0d0b3a1dee321d5763712b0aadeccf210defbbcadc25a0 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 58 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aSBAXJUqDAi2O%2F%2FiLVqRyFiGbHq4QnmiYJcVksHO9ICQCffISVJY%2BPOrwP1HtbQSlNWm8YHZ4tqaVFqfQtcczHEFgvl%2Fz07nZYCj1pjgaMviySUF2%2FbUf33B5EMt0isRGnjgvNjPLXOZIj0%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b895b245a31-MXP alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a9afb7a957c47cd9c737f82af2c41bbe1ae65982ab4a70854a0558fb5dc8813c Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b3d3ec28b1ab7ecaa5009c53d5cf11e9f649917445c1de826a12f5d50759fb6c Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers Content-Type image/png
GET H3	200	cover_premiati_3.jpg hntva.za.com/RelaxBanking/assets/	240 KB 241 KB	58ms 57ms	Image image/jpeg	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/cover_premiati_3.jpg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22ba48844f24093e78aab5c201371f2cc5dc899760f8719c9dff87787cca05a6 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 57 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfuvUWJ4%2FEiteaVo0imajOVFwtC%2FOjfifEfO3Gt3MSL34PLsi4f5D0J65EZRognKFmxSS1PuZr0MvMfq1VqyKFPwGfoiyqgqm7RC3hyFPtp6IJW9Kh4kBH8RiSeEw58%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898d1b89d9800e4d-MXP alt-svc h3=":443"; ma=86400 content-length 246244
GET H3	200	cover_studioSi.jpg hntva.za.com/RelaxBanking/assets/	72 KB 73 KB	39ms 39ms	Image image/jpeg	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/cover_studioSi.jpg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ce9e7180e0fcf6c705cdfd66cf8f5f26cb42ad828c58dd792c241301948df24 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 54 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cm8YQuEH9AHDAQODw8fqT22hzCeey%2BaWbMUzdzxwB4wZZSLzVTU3MT98pfkWSrCcEfgpMjgFww9iUt1GVMOrSi%2FvPMHL25JPSrWSSNejbyOmYBSdacPagT35pXSZ5hM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898d1b89d9840e4d-MXP alt-svc h3=":443"; ma=86400 content-length 74014
GET H3	200	cover_Huawei_store.jpg hntva.za.com/RelaxBanking/assets/	137 KB 137 KB	55ms 54ms	Image image/jpeg	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/cover_Huawei_store.jpg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7500b064e41a4c6d63ea3f5f7caca79a64adc074582eac1c1747d6c62bdf7e1 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 56 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltgkGw3JgifnmmlekCYzGZD6cDh9CtY%2BI9yisNealdAs2%2FGtZVR%2BFVo0G713R6XtTVJWc09sMOn92rBnLdqN9rYbZroCemqAnAvJj3fNQGcvATWxL9Od27rq3lFnOvs%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898d1b89d9930e4d-MXP alt-svc h3=":443"; ma=86400 content-length 139942
GET H3	200	cover_unitixitalia.jpg hntva.za.com/RelaxBanking/assets/	146 KB 146 KB	182ms 181ms	Image image/jpeg	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/cover_unitixitalia.jpg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74a0ea004c0dda8a443c8d6b606e7150debf124e2fa211dfa009a96d719f6708 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 54 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FaA0W16qUS1gV0xGwxPKIYUJuHAwXD9F3j5lxO%2BwgchGQGIsBfGA%2B8a%2BbmFU%2FKY5nF0MECiiDWpaY5uVBFRnoHb8js4sV%2F2K6qqV4Cy%2Bfhgt3WjhSLhz90yYYiB1nM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898d1b89d99a0e4d-MXP alt-svc h3=":443"; ma=86400 content-length 149367
GET H3	200	psd2-ico.d62f8100.svg hntva.za.com/RelaxBanking/assets/	958 B 867 B	191ms 190ms	Image image/svg+xml	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/psd2-ico.d62f8100.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef66e7182746918d5fbd840de4cd3c22ef3685b3389ab1a1db899919159c2a25 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNe2oCkVRrDhpJ4pI72Lrcm1uDM6%2BMPKx39tGmRhwSQp40YY1AXZ668fy9AgBtRHCn0aM3YqiFVJvX4D1776ii0I%2BP7pVJQBHK4vQ8LlYNrEeTQXzA%2FqKTY9dxiED8U%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b89d99e0e4d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	footer-psd2-tel.a0d62203.png hntva.za.com/RelaxBanking/assets/	11 KB 11 KB	192ms 190ms	Image image/png	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/footer-psd2-tel.a0d62203.png Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93a523af5516d2dd53a25321b977a1850eecd129bc2031162fdd3e440e0034fa Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eI0PQulxjSZ4VVuPOipOimtS2WuK1CNSWR5k9%2FjNXsRhB1eAz87yiygPxj36Da%2F5XWeH4n1zHvo1xzQk3hoUeExTlPdf7K%2F1Dcbc3DmCnwQ%2FCUwD%2B3go2IjAWnNApO8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898d1b89d9a50e4d-MXP alt-svc h3=":443"; ma=86400 content-length 10895
GET H3	200	ico-famiglia.2cd20ab2.svg hntva.za.com/RelaxBanking/assets/	2 KB 1 KB	192ms 191ms	Image image/svg+xml	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/ico-famiglia.2cd20ab2.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae8d6d4b21df56676f7c04707858a6b31432cdeba7766fb150427fcadcc42fa8 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 57 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgrTPDV%2B2%2B8eOivTLg9gfFTUks6RGsaHZUHol%2FKWPVKUpljdO8DtxO7pY%2FFa9AbRblSExInyLCNrR6Grow47%2FjFpMQrXyagy3xipK%2B%2FWJXidqFAiwRG4MyeqlYeKut0%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b89d9aa0e4d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	sicurezza-img.49666d41.svg hntva.za.com/RelaxBanking/assets/	783 B 879 B	194ms 193ms	Image image/svg+xml	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/sicurezza-img.49666d41.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75b23a5cc752b408a74ef7add411d910db08c22e9ca5cfdee9d33a59d60f5d29 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FS7TEGku46U%2FfA3MFZqvZyCkQUHx5Jz%2FkTE8b%2BS6p39YH4GWCpY%2Bt%2FX2nb2vvbC5dE4%2FJQGkSDrrrCcCLeffc8eRCPgiO8vaa0wPBBoUgsI0%2Fmw4fV1CA4oia%2B5lcDE%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b89d9ad0e4d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	pdf-logo.bd34fad6.svg hntva.za.com/RelaxBanking/assets/	2 KB 1 KB	194ms 193ms	Image image/svg+xml	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/pdf-logo.bd34fad6.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc4121eb79e04d6285d554742d90df3a41d2b4c0b9c6039e332856eff76bf43d Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaH3xVdWOKTtQ7JgRCMaZReVM2Y0T0uk3siv%2FBTUNkkqVU%2BzKRfQC%2FhyVZVP2zH9mi4QUoq3Vu5Nqkzfv9yMUWhQJ5EU%2B5VduufEJhyZ0zx8tBfvrPeBntibsF9YjTc%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b89d9b10e4d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	iccrea-logo.8394dd6d.svg hntva.za.com/RelaxBanking/assets/	23 KB 4 KB	195ms 194ms	Image image/svg+xml	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hntva.za.com/RelaxBanking/assets/iccrea-logo.8394dd6d.svg Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 810044ea4d0b9a04f4518d2e8227db053d80322173c0f512af14e835277fd22f Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:34 GMT content-encoding zstd cf-cache-status HIT last-modified Fri, 05 Mar 2021 04:05:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 56 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azSeRpSvbPRBjWu5w7xjNSWMWcZYJTkAdstDXvVMEqHbV4FvXB8Nq%2BNWbqg%2FfFHNvLyU9llwS%2B6f9L93b7Mka179I%2FrT3uPBPUPRt9kbN7uNWoxawiSqewihM%2F2SVAY%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 898d1b89d9b20e4d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	roboto-slab-v6-latin-700.f16a4a54.woff2 hntva.za.com/RelaxBanking/assets/react/relaxbanking/static/media/	17 KB 18 KB	375ms 374ms	Font font/woff2	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hntva.za.com/RelaxBanking/assets/react/relaxbanking/static/media/roboto-slab-v6-latin-700.f16a4a54.woff2 Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/assets/main.e02365d2.chunk.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0107935a0303f0ce2b60d53eed58d106585867a4cd428c41270e8f2a4543f846 Request headers Referer https://hntva.za.com/RelaxBanking/assets/main.e02365d2.chunk.css Origin https://hntva.za.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:35 GMT cf-cache-status MISS last-modified Fri, 05 Mar 2021 21:57:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BIpVbT0tc1NiC0oXxnVceJlS36bVWl1LCIY8BnM18DTRm%2F5pRtSwEkc5cAs%2BoyUhpaz5kS7gFZIcMFCG22T7lU8C%2BVKd8Ofw%2F%2FIszGa25smjndSd00a583IuJJGOFM%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 898d1b89f9c80e4d-MXP alt-svc h3=":443"; ma=86400 content-length 17596
GET H/1.1	200 OK	favicon.ico www.relaxbanking.it/react/relaxbanking/	1 KB 2 KB	221ms 47ms	Other image/vnd.microsoft.icon	149.154.92.82 ICCREA-AS
General Check archive.org Show headers Download Go to Full URL https://www.relaxbanking.it/react/relaxbanking/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.154.92.82 Rome, Italy, ASN57144 (ICCREA-AS, IT), Reverse DNS Software / Resource Hash 418c791e8b9d197bc844576c627c2a7760994077e92e94a472e5a7c9bb85837f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers Date Mon, 24 Jun 2024 13:36:35 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 18 Mar 2022 16:59:37 GMT X-Permitted-Cross-Domain-Policies none ETag "47e-5da811258d040" X-Frame-Options sameorigin Content-Type image/vnd.microsoft.icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=1000 Content-Length 1150 X-XSS-Protection 1; mode=block
GET H3	200	visite.php Show response hntva.za.com/RelaxBanking/	0 419 B	263ms 262ms	XHR text/html	172.67.152.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hntva.za.com/RelaxBanking/visite.php?pagina=index Requested by Host: hntva.za.com URL: https://hntva.za.com/RelaxBanking/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.152.72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://hntva.za.com/RelaxBanking/ User-Agent Mozilla/5.0 (Android 11; Mobile; LG-M255; rv:90.0) Gecko/90.0 Firefox/90.0 Response headers date Mon, 24 Jun 2024 13:36:37 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBhOsDrySy7L9ZdfAhqV8sx%2BCyoupNc%2BBn82wwudzCOcVCuAWQxidXONEE%2Bhrt3jXc%2FqZ8XccPFBpSSqhcwenuPsWm6%2B%2FthZQhJYxH2ayJmC2kIAW6lX3wPZiuimCMc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 898d1b965ef90e4d-MXP alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Gruppo Bancario Cooperativo Iccrea (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hntva.za.com/RelaxBanking	1970-01-21 07:09:56	Name: COOKIE_KEY Value: 171923619492

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hntva.za.com
www.relaxbanking.it
149.154.92.82
172.67.152.72
2606:4700:3036::ac43:9848
0107935a0303f0ce2b60d53eed58d106585867a4cd428c41270e8f2a4543f846
0b857ae22e24c0834555281c69c8af25f96af333ddeb1d7a1ceb346fc2e7740b
1a457e578dae2896d27dca50e04fbbec6b6d09bbe326018c0621b732e9253cf6
22ba48844f24093e78aab5c201371f2cc5dc899760f8719c9dff87787cca05a6
418c791e8b9d197bc844576c627c2a7760994077e92e94a472e5a7c9bb85837f
574f93129ad34d1aaf81d6b0fe3e1eb4a0c79ac6f3a4f2e7bf7f0a756b2aa105
5ce9e7180e0fcf6c705cdfd66cf8f5f26cb42ad828c58dd792c241301948df24
74a0ea004c0dda8a443c8d6b606e7150debf124e2fa211dfa009a96d719f6708
75b23a5cc752b408a74ef7add411d910db08c22e9ca5cfdee9d33a59d60f5d29
810044ea4d0b9a04f4518d2e8227db053d80322173c0f512af14e835277fd22f
93a523af5516d2dd53a25321b977a1850eecd129bc2031162fdd3e440e0034fa
a9afb7a957c47cd9c737f82af2c41bbe1ae65982ab4a70854a0558fb5dc8813c
ae8d6d4b21df56676f7c04707858a6b31432cdeba7766fb150427fcadcc42fa8
b3d3ec28b1ab7ecaa5009c53d5cf11e9f649917445c1de826a12f5d50759fb6c
c14c0d8984499f44ae0d0b3a1dee321d5763712b0aadeccf210defbbcadc25a0
c7500b064e41a4c6d63ea3f5f7caca79a64adc074582eac1c1747d6c62bdf7e1
d2d7d6d583df34c2b7eeb8fd96ffc227aa9e378d8426749bd3aeac02887c6140
d3cb1769910048e531fd1dc8eaa305a1a6527c29d523ee244066e7860fc96949
dc4121eb79e04d6285d554742d90df3a41d2b4c0b9c6039e332856eff76bf43d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef66e7182746918d5fbd840de4cd3c22ef3685b3389ab1a1db899919159c2a25
f046b8731e7e909081d5bc7893a71c85b5fb01f895767b3e7a4725e8975b4eea