fatturabartolinidpd.com Open in urlscan Pro
92.205.11.200 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.my-sky.app/
Effective URL:
https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IH...
Submission: On November 30 via manual (November 30th 2021, 10:28:08 am UTC) from IT — Scanned from IT

Summary HTTP 5 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 92.205.11.200, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is fatturabartolinidpd.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 29th 2021. Valid for: a year.

This is the only time fatturabartolinidpd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BRT S.p.A (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	166.88.19.181 166.88.19.181	18779 (EGIHOSTING) (EGIHOSTING)
1 6	92.205.11.200 92.205.11.200	21499 (GODADDY-SXB) (GODADDY-SXB)
5	2

1 166.88.19.181 (United States) 1 redirects

ASN18779 (EGIHOSTING, US)

www.my-sky.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.205.11.200 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: ip-92-205-11-200.ip.secureserver.net

fatturabartolinidpd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	fatturabartolinidpd.com 1 redirects fatturabartolinidpd.com	578 KB
1	my-sky.app 1 redirects www.my-sky.app	301 B
5	2

	Domain	Requested by
6	fatturabartolinidpd.com	1 redirects fatturabartolinidpd.com
1	www.my-sky.app	1 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
fatturabartolinidpd.com Go Daddy Secure Certificate Authority - G2	`2021-11-29` - `2022-11-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==
Frame ID: 8A7FE695137F0B2824903EFE96DC7A67
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Utility - Lavora con noi - BRT

Page URL History Show full URLs

http://www.my-sky.app/ HTTP 307
https://www.my-sky.app/ HTTP 302
https://fatturabartolinidpd.com/it/Bartolini2021/brt/ Page URL
https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/ HTTP 302
https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTl... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

920 kB
Transfer

1355 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.my-sky.app/ HTTP 307
https://www.my-sky.app/ HTTP 302
https://fatturabartolinidpd.com/it/Bartolini2021/brt/ Page URL
https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/ HTTP 302
https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.my-sky.app/ HTTP 307
https://www.my-sky.app/ HTTP 302
https://fatturabartolinidpd.com/it/Bartolini2021/brt/

5 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
fatturabartolinidpd.com/it/Bartolini2021/brt/
Redirect Chain

http://www.my-sky.app/
https://www.my-sky.app/
https://fatturabartolinidpd.com/it/Bartolini2021/brt/

104 B
248 B

151ms
74ms

Document
text/html

92.205.11.200
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://fatturabartolinidpd.com/it/Bartolini2021/brt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.205.11.200 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

ip-92-205-11-200.ip.secureserver.net

Software

Apache / PHP/7.4.25

Resource Hash

0efae8927c3a86e353d09d08ec7f30d5e18260295b589d68c66a24dff5ba944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

x-powered-by: PHP/7.4.25
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-length: 108
content-type: text/html; charset=UTF-8
date: Tue, 30 Nov 2021 10:28:03 GMT
server: Apache

Redirect headers

Date: Tue, 30 Nov 2021 10:27:58 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://fatturabartolinidpd.com/it/Bartolini2021/brt/

GET
H2

200

Primary Request Brt-infos.php Show response
fatturabartolinidpd.com/it/Bartolini2021/brt/home/
Redirect Chain

https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/
https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk...

738 KB
497 KB

74ms
74ms

Document
text/html

92.205.11.200
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.205.11.200 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

ip-92-205-11-200.ip.secureserver.net

Software

Apache / PHP/7.4.25

Resource Hash

16322ff8715dbe8db423eea66368a1be971ebe70841475572a2cbdfe4bd6b256

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://fatturabartolinidpd.com/it/Bartolini2021/brt/

Response headers

x-powered-by: PHP/7.4.25
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 30 Nov 2021 10:28:03 GMT
server: Apache

Redirect headers

x-powered-by: PHP/7.4.25
x-content-type-options: nosniff
location: Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==
content-type: text/html; charset=UTF-8
date: Tue, 30 Nov 2021 10:28:03 GMT
server: Apache

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0fb3be5d63f2f41cb3bd93b7dcdfa97df5b81f8cbe25f6e47304da536a0d12c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef8a5f444c988e2c08260642c8257654f5e825e839a9c3d355933d4d12e0345b

Request headers

Referer
Origin: https://fatturabartolinidpd.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 170 KB
170 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583

Request headers

Referer
Origin: https://fatturabartolinidpd.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 138 KB
138 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

Referer
Origin: https://fatturabartolinidpd.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03

Request headers

Referer
Origin: https://fatturabartolinidpd.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82459ee1c5cbd6c6103eb91f7b32d9bee528b18ae3fdce9aaf21d4f3711d3c57

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23cf43bd1fba912a202d88a8b32aae29b95839abab79a539911bbd6ebea785d1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d841754163f6d3f7a257af53c78c476857b03f211f41f931204a840770a089bb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85d1ced8d90658369569ba4680fd81c96fb50ee1933c3a3b70832942bb7ff8b7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jquery.min.js Show response
fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt_files/ 86 KB
30 KB 49ms
49ms Script
application/javascript 92.205.11.200
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt_files/jquery.min.js

Requested by

Host: fatturabartolinidpd.com
URL: https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.205.11.200 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

ip-92-205-11-200.ip.secureserver.net

Software

Apache /

Resource Hash

2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 10:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Sep 2021 21:57:54 GMT
server: Apache
etag: "2aa0050-15851-5cd3d89e8fc80-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30679

GET
H2 200 imask.min.js Show response
fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt_files/ 45 KB
13 KB 35ms
35ms Script
application/javascript 92.205.11.200
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt_files/imask.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.205.11.200 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

ip-92-205-11-200.ip.secureserver.net

Software

Apache /

Resource Hash

8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 10:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Sep 2021 21:57:54 GMT
server: Apache
etag: "2aa004d-b217-5cd3d89e8fc80-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 12864

GET
H2 200 infos.js Show response
fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt_files/ 94 KB
37 KB 66ms
66ms Script
application/javascript 92.205.11.200
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt_files/infos.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.205.11.200 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

ip-92-205-11-200.ip.secureserver.net

Software

Apache /

Resource Hash

3306d6e0ec89f49af056ec04e04988c2b88b4d986ee203c6687a808aa3958c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://fatturabartolinidpd.com/it/Bartolini2021/brt/home/Brt-infos.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2OTUuMTc0LjY0LjIwMzIwMjE6Tm92OlR1ZQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 10:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Sep 2021 21:57:54 GMT
server: Apache
etag: "2aa004f-179c3-5cd3d89e8fc80-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 37501

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d

Request headers

Referer
Origin: https://fatturabartolinidpd.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec0cc94e8325a36d18ab2200c07f2113c7219d34763e8269461b3f1f89c15ab

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BRT S.p.A (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fatturabartolinidpd.com
www.my-sky.app
166.88.19.181
92.205.11.200
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
0efae8927c3a86e353d09d08ec7f30d5e18260295b589d68c66a24dff5ba944a
16322ff8715dbe8db423eea66368a1be971ebe70841475572a2cbdfe4bd6b256
23cf43bd1fba912a202d88a8b32aae29b95839abab79a539911bbd6ebea785d1
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
3306d6e0ec89f49af056ec04e04988c2b88b4d986ee203c6687a808aa3958c2f
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
4ec0cc94e8325a36d18ab2200c07f2113c7219d34763e8269461b3f1f89c15ab
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
82459ee1c5cbd6c6103eb91f7b32d9bee528b18ae3fdce9aaf21d4f3711d3c57
85d1ced8d90658369569ba4680fd81c96fb50ee1933c3a3b70832942bb7ff8b7
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d
d0fb3be5d63f2f41cb3bd93b7dcdfa97df5b81f8cbe25f6e47304da536a0d12c
d841754163f6d3f7a257af53c78c476857b03f211f41f931204a840770a089bb
ef8a5f444c988e2c08260642c8257654f5e825e839a9c3d355933d4d12e0345b

fatturabartolinidpd.com Open in urlscan Pro 92.205.11.200 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

920 kBTransfer

1355 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

fatturabartolinidpd.com Open in urlscan Pro
92.205.11.200 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

920 kB
Transfer

1355 kB
Size

0
Cookies

5 HTTP transactions
11 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!