nexi-controlla.online
Open in
urlscan Pro
104.21.56.228
Malicious Activity!
Public Scan
Submission: On January 15 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 15th 2024. Valid for: 3 months.
This is the only time nexi-controlla.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 104.21.56.228 104.21.56.228 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
12 | 2606:4700:303... 2606:4700:3037::ac43:89aa | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
nexi-controlla.online
nexi-controlla.online |
716 KB |
18 | 1 |
Domain | Requested by | |
---|---|---|
18 | nexi-controlla.online |
nexi-controlla.online
|
18 | 1 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nexi-controlla.online GTS CA 1P5 |
2024-01-15 - 2024-04-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nexi-controlla.online/
Frame ID: 3C4F44E345C3B969425873B54D7D3273
Requests: 18 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
Title: google-analytics.com
Search URL Search Domain Scan URL
Title: Hotjar.com
Search URL Search Domain Scan URL
Title: track.adform.net
Search URL Search Domain Scan URL
Title: doubleclick.net
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Amazon-adsystem.com
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Criteo.com
Search URL Search Domain Scan URL
Title: Bing
Search URL Search Domain Scan URL
Title: FanPlayr
Search URL Search Domain Scan URL
Title: Internet Explorer
Search URL Search Domain Scan URL
Title: Firefox
Search URL Search Domain Scan URL
Title: Google Chrome
Search URL Search Domain Scan URL
Title: Safari
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Non sei tu?
Search URL Search Domain Scan URL
Title: REGISTRATI
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
nexi-controlla.online/ |
314 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
nexi-controlla.online/Area%20Personale_files/ |
568 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js.download
nexi-controlla.online/Area%20Personale_files/ |
87 KB 88 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style(1).css
nexi-controlla.online/Area%20Personale_files/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo--light-double.svg
nexi-controlla.online/Area%20Personale_files/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app_store.svg
nexi-controlla.online/Area%20Personale_files/ |
15 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
google_play.svg
nexi-controlla.online/Area%20Personale_files/ |
25 KB 19 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-close.svg
nexi-controlla.online/Area%20Personale_files/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-phone.svg
nexi-controlla.online/Area%20Personale_files/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-close-white.svg
nexi-controlla.online/Area%20Personale_files/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-phone-warning-white.svg
nexi-controlla.online/Area%20Personale_files/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico-down-blue.svg
nexi-controlla.online/Area%20Personale_files/ |
898 B 1009 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-blocked.svg
nexi-controlla.online/Area%20Personale_files/ |
935 B 970 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
nexi-controlla.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
placeholder_login_portale_privati.png
nexi-controlla.online/ |
422 KB 423 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
karbon-regular-webfont.woff
nexi-controlla.online/Area%20Personale_files/fonts/ |
24 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
karbon-medium-webfont.woff
nexi-controlla.online/Area%20Personale_files/fonts/ |
24 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
karbon-semibold-webfont.woff
nexi-controlla.online/Area%20Personale_files/fonts/ |
24 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nexi-controlla.online/ | Name: COOKIE_KEY Value: 170532307670 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
nexi-controlla.online
104.21.56.228
2606:4700:3037::ac43:89aa
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
32cde70fcb4ed6949904cec5ef9065adce2196b3e8216bb5874019a9efe96edd
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259
458bea4f85a5cafc5ee092b64710838b0cac9d1b0a481344350cc6a89b0c55bb
50c8f8cf3eb1f7a201882f9edf2adfffc6e581e1b82dff0036aafd0a753e2e3c
5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
7e6f9ccce4ea514b53fb258d72b5682c74d1e81ef9148d3c406fbd03cfd56919
92751c1749c593c1ad2a7b61ff640b0dbb1a4c32db1981a523e5432cc35a029f
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc
c8e1f312e86564f3d293bb04806f55d4296cc3342321655bb738d7d61eeeef22
d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8
dc50ef7f80147b0a2407f5a560125db8b36c799d5a5a32b17d83fea8f03492e5
ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340
f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c
f79b6f2ce2be77cd174792b5160c551a9a86815b37f5531e43dd0f5b4cfd66a6