nexi-controlla.online
104.21.56.228  Malicious Activity! Public Scan

URL: https://nexi-controlla.online/
Submission: On January 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 1 domain to perform 18 HTTP transactions. The main IP is 104.21.56.228, located in and belongs to CLOUDFLARENET, US. The main domain is nexi-controlla.online.
TLS certificate: Issued by GTS CA 1P5 on January 15th 2024. Valid for: 3 months.
This is the only time nexi-controlla.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

Requests  IP Address         AS Autonomous System
6         104.21.56.228      13335 (CLOUDFLAR...)
12        2606:4700:303...   13335 (CLOUDFLAR...)
Total: 18 requests, 2 IPs

Requests  Apex Domain            Subdomains             Transfer
18        nexi-controlla.online  nexi-controlla.online  716 KB
Total: 18 requests, 1 apex domain

Requests  Domain                 Requested by
18        nexi-controlla.online  nexi-controlla.online
Total: 18 requests, 1 domain

Subject                Issuer      Validity                 Valid
nexi-controlla.online  GTS CA 1P5  2024-01-15 - 2024-04-14  3 months

This page contains 1 frame:

Primary Page: https://nexi-controlla.online/
Frame ID: 3C4F44E345C3B969425873B54D7D3273
Requests: 18 HTTP requests in this frame

Page Title

Area Personale

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 50 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 2
Transfer: 716 kB
Size: 1537 kB
Cookies: 1

18 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
nexi-controlla.online/
314 KB
23 KB
Document
General
Full URL
https://nexi-controlla.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79b6f2ce2be77cd174792b5160c551a9a86815b37f5531e43dd0f5b4cfd66a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
845e3fd2ec7b4da0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 12:51:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chsAqM4nZ2I116j%2F31NRBTUPfvoFTxRtHR1Kqz1eusaZUqQ9I9GmIbY56AqBR54tXPN%2FzJNnPs2G4qo6RbzgzHLfsSotFLGo0TA1nz2rkXf6WUnbJRlOdiCq%2FLSwpHh8JBjsEVVtN2M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
nexi-controlla.online/Area%20Personale_files/
568 KB
69 KB
Stylesheet
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/style.css
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458bea4f85a5cafc5ee092b64710838b0cac9d1b0a481344350cc6a89b0c55bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-8df88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLWAZZbFlRsPEqePHEDqbjx5q2SVh58zqmbIAe7WONKGustuvT22v49rLyj76Dyg9iqfKVbfcRAKJPPKiGS3h9XN8VTcbHnWApkNz33GHlT3DrTN15gzp%2BHIPkKOltGlCfAj8y%2F1ftc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
845e3fd3ed834da0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 00:51:17 GMT
jquery-3.5.1.min.js.download
nexi-controlla.online/Area%20Personale_files/
87 KB
88 KB
Script
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/jquery-3.5.1.min.js.download
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:17 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6061e8e8-15d83"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtKDp3y0ZvL%2B5ghu%2BzH9NiWg2lq6s%2BBhIrYpBDCV1E3oogWV6nu5%2BxUzPMnCT2fJrzWZtooiFC%2FI8RGXVvCJ3w0qlSAzIxgqXCvPFJa6xReAsso60ATuOjqJMWPXG3nz8OR%2Ff9Kye%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
845e3fd3ed874da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
89475
style(1).css
nexi-controlla.online/Area%20Personale_files/
18 KB
4 KB
Stylesheet
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/style(1).css
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c8f8cf3eb1f7a201882f9edf2adfffc6e581e1b82dff0036aafd0a753e2e3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-47cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TW6bP0XXOUgJ6QfStzy%2B5EyV5EeBl7kRebXfpAS8q260zdosTA7vfEIzmwIGfO3Sp8lughXVatH7QjT6keZuxXkwgKIWMnT%2Bprk9lDy5k%2FzGnpzNhKZa02yuhgs8C%2BawhHRHLOMkkYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
845e3fd3ed864da0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 00:51:17 GMT
logo--light-double.svg
nexi-controlla.online/Area%20Personale_files/
1 KB
1 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/logo--light-double.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-5c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IC55cVHWVK%2BShrebRRa7557oBmV0CjFPk6gKH7DPowSICg2sEz9kdEks9hTPTE8XOZW%2FoFRjfGVZRnZfchPR%2F1nNetKg8fTrdNDiwMKDK%2Bxa8%2Bc5Fm3u5Q0xyPj7NXFuiMGGTYihaI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd3ed8b4da0-FRA
alt-svc
h3=":443"; ma=86400
app_store.svg
nexi-controlla.online/Area%20Personale_files/
15 KB
6 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/app_store.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-3dc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w965kiWA919sSFodZIH5z4tqc0SZAQTN9rNnwb%2FqXmG4q32tsCBKHAkeVThM1JPyQuNFndSuM26Qmhhu17GgsNJsgMX1i%2FYyDBgm1T89z%2Bp28N8ynsX60uh2seNVXQptuWWKG52x7Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd3ed8d4da0-FRA
alt-svc
h3=":443"; ma=86400
google_play.svg
nexi-controlla.online/Area%20Personale_files/
25 KB
19 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/google_play.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-62ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24EiaEtjqfsd%2BGyoGUZkUftxqZDzLMLfkyUkJlrSUKltQgRw4oIwtnXIyrvG095%2FN%2FWrdX0Kmm6N4c9ciVEyI6zvCqmPTVJjXsYWYKBHHJLknwrc2ltNhPAR33xAw97SI7Hit7E7jEMMniSQvOnv2sGkJj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd4de2e0a5f-AMS
alt-svc
h3=":443"; ma=86400
icon-close.svg
nexi-controlla.online/Area%20Personale_files/
2 KB
1 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/icon-close.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-628"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cglNoEOeVXIZZDkspvAzRHD8z7GK%2BlHafIIZvFaDT7nW4YfJQbUqLM%2BtjhT2%2B0HxLKU%2FrahxRMQI8gCSrybEcIaBJxpSdPd6fjwgMXmBfO7jKBOW0WCJZXv5yvjuEhCkN7hwp%2BcUS3%2FZey7SmCI1h2Hf0rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd4fe710a5f-AMS
alt-svc
h3=":443"; ma=86400
icon-phone.svg
nexi-controlla.online/Area%20Personale_files/
4 KB
2 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/icon-phone.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6f9ccce4ea514b53fb258d72b5682c74d1e81ef9148d3c406fbd03cfd56919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-fb0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XN97NGk3xoiG5q2tGNuk4k37slnpo9yRpeLzgl%2BcdrDpH3gA8G8Wac2yHG0ZpKxZY%2ByIrmfoqB0xVTzaEfTFW67BfG0iAwWTL9sZqwu3BFpiIJ%2BQlTL1xdPS3y9p8QQqwhhHbcORRfKajfafh1cE%2B4dhL14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd59f600a5f-AMS
alt-svc
h3=":443"; ma=86400
icon-close-white.svg
nexi-controlla.online/Area%20Personale_files/
2 KB
1 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/icon-close-white.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32cde70fcb4ed6949904cec5ef9065adce2196b3e8216bb5874019a9efe96edd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-637"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8CnSZn6EfbyF0vdtUOyXs8tJyktbVVMpond9VUWgpdC%2FCmlozVsJwfCMk%2BBMP7xZIPrS9QY2uJc0lGTOizUZcfrb9SmauxILHyxH9QaS%2FtiFp%2BtXTpiukPgh%2BLyhjVShqc1ndOLxgb%2BwV9DOqmP4EVs1yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd59f640a5f-AMS
alt-svc
h3=":443"; ma=86400
icon-phone-warning-white.svg
nexi-controlla.online/Area%20Personale_files/
4 KB
2 KB
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/icon-phone-warning-white.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e1f312e86564f3d293bb04806f55d4296cc3342321655bb738d7d61eeeef22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-f29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tim3PFGIq19J57Wj4t2hd203gmMwvs8el5bWWV0wBYcuBOfVw1TwlZd9Skh7i7Ga4t8HoRqWukc%2BS6VYRYSa7Xh451qlxVIbScGSw099Td9BmWyrOf3a0X2AFfv52araWYJ7MKVvGZoX50Xb8aACHldM4VI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd59f650a5f-AMS
alt-svc
h3=":443"; ma=86400
ico-down-blue.svg
nexi-controlla.online/Area%20Personale_files/
898 B
1009 B
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/ico-down-blue.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-382"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gKegKxak4ciRGPOw1gVfkeXH2Ip%2BVoN3n2QaEICFecNs2Fi7BiyQTUzsagK688LxU6XUNxRpR7AA3p3CepOcIOQo6xuDvYSoxEdGBYzMRk%2B3FKc4uJDuqaCFY0PwECRmDMOvEFwvW3NfEm4I84ryyNqoks%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd59f670a5f-AMS
alt-svc
h3=":443"; ma=86400
icon-blocked.svg
nexi-controlla.online/Area%20Personale_files/
935 B
970 B
Image
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/icon-blocked.svg
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92751c1749c593c1ad2a7b61ff640b0dbb1a4c32db1981a523e5432cc35a029f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 14:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6061e8e8-3a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIqQIZ7Wtt%2F7ghTLcNQTZ6hQRch54WzmoF0VCwERkJ%2Fq4uwcQnz9l26NJg4kk2uH29cXg8K4tZLIg6Andwu3gRJRt5XCHYfY5em563Xbdi4BIMP2zmI2YZkEL%2FdEZ%2FxFvmuTIX1LJTmERhKyUIz0cQ%2BuhG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
845e3fd59f680a5f-AMS
alt-svc
h3=":443"; ma=86400
email-decode.min.js
nexi-controlla.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://nexi-controlla.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Dec 2023 10:36:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658bfe17-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ztz7Nwq1AXridsQx3EFx%2B4yYUjk%2BtLeN2BqAbkJahdWqsFNkjOKX%2Ba9Ju3ignNFF7iHuPaJ2gk38oXxAZME%2FoWXjwbhlChiBK30bf2fTG7B23fctz1gR%2BxpQLb38yu37MBXrDpDLgxR%2FwZcg0XI2TZmpQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
845e3fd59f630a5f-AMS
expires
Wed, 17 Jan 2024 12:51:18 GMT
placeholder_login_portale_privati.png
nexi-controlla.online/
422 KB
423 KB
Image
General
Full URL
https://nexi-controlla.online/placeholder_login_portale_privati.png
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc50ef7f80147b0a2407f5a560125db8b36c799d5a5a32b17d83fea8f03492e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexi-controlla.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
cf-cache-status
MISS
last-modified
Thu, 18 Nov 2021 06:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6195f14a-69983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AecHdUmspFeZHm9g30Ba7ZDQDyrJk5PLYHCWspUj2b2kL69UuIqcCnq1yvcDY4DBXffgmTsWjsIa1Z2dgRRpP2hSriC23bGkgZoeyEI2fP%2BbikUW44Y%2Foi39JE9FQyfBY%2BlvnaGc9AqjM2FRfL7foPnGox8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
845e3fd5af700a5f-AMS
alt-svc
h3=":443"; ma=86400
content-length
432515
expires
Wed, 14 Feb 2024 12:51:17 GMT
karbon-regular-webfont.woff
nexi-controlla.online/Area%20Personale_files/fonts/
24 KB
24 KB
Font
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/fonts/karbon-regular-webfont.woff
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/Area%20Personale_files/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6

Request headers

Referer
https://nexi-controlla.online/Area%20Personale_files/style.css
Origin
https://nexi-controlla.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 16:23:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6061ff04-5ef4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ic27wn56qFBY7i%2BzaBbyjAPcTs%2BnrGv%2FrSzhP%2B2wgM7TSXmYCyCRKLTskz8nNkn%2FCZ9b1eX4c9Is2pqI2vUFT0baLyyZzCvP7Y2sN5wAthhllMtxk19ZazQ8106J1QhXxG6gFtc3UwoiUwBCAK3bIelON8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
845e3fd5af720a5f-AMS
alt-svc
h3=":443"; ma=86400
content-length
24308
karbon-medium-webfont.woff
nexi-controlla.online/Area%20Personale_files/fonts/
24 KB
25 KB
Font
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/fonts/karbon-medium-webfont.woff
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/Area%20Personale_files/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259

Request headers

Referer
https://nexi-controlla.online/Area%20Personale_files/style.css
Origin
https://nexi-controlla.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 16:23:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6061ff02-617c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOPBWeVmTy2zxG3XvJS7JW1JAtQctkxgDzMuw5hvFmQy1YXHj1MpsNuV%2FXmvxWMB3VGVUjNce7VLuVofMLFQphXlSZewWn%2FR6yqz%2BP3%2BxwbrxnSFmjFPjee3khYAk3MQb5%2FW9i7Sf5f7pJi8laqauPCgdjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
845e3fd5af750a5f-AMS
alt-svc
h3=":443"; ma=86400
content-length
24956
karbon-semibold-webfont.woff
nexi-controlla.online/Area%20Personale_files/fonts/
24 KB
25 KB
Font
General
Full URL
https://nexi-controlla.online/Area%20Personale_files/fonts/karbon-semibold-webfont.woff
Requested by
Host: nexi-controlla.online
URL: https://nexi-controlla.online/Area%20Personale_files/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:89aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6

Request headers

Referer
https://nexi-controlla.online/Area%20Personale_files/style.css
Origin
https://nexi-controlla.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:51:18 GMT
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 16:23:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6061ff06-61c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWKBBDKbyjHVCR730gNf2q859Z2TGCPxRIfJTwtzsBhkEBYSRjV2u2d4lHX%2BoIoMPnzHQy80M2wlCQraXEIqlS7orpWMBu%2FrGPSVrIRDd8h3mwYFD3%2BpU1MOme60YeYQx%2FsyIQq3gmP9ixKo8p6FdJ38RcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
845e3fd5af780a5f-AMS
alt-svc
h3=":443"; ma=86400
content-length
25032

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | $
function | jQuery

1 Cookie

Domain/Path: nexi-controlla.online/
Name: COOKIE_KEY
Value: 170532307670