![](/screenshots/c603038b-4a78-4b91-9011-f096f0294c4e.png)
alfacdn.com
79.124.67.68
Malicious Activity!
Public Scan
Effective URL: https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/foo-autenticazione.php
Submission: On February 09 via manual from IT
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 29th 2018. Valid for: 3 months.
This is the only time alfacdn.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poste Italiane (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 174.136.57.250 | 36024 (AS-TIERP-36024 - TierPoint) |
40 (4 redirects) | 79.124.67.68 | 31083 (TELEPOINT) |
37 | 2 | |
ASN36024 (AS-TIERP-36024 - TierPoint, LLC, US)
PTR: funk.webserverns.com
rotativascordobasa.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
40 (4 redirects) | alfacdn.com | alfacdn.com | 136 KB |
1 | rotativascordobasa.com | rotativascordobasa.com | 248 B |
37 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
40 (4 redirects) | alfacdn.com | alfacdn.com |
1 | rotativascordobasa.com | |
37 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.poste.it |
Subject | Issuer | Validity | Valid |
---|---|---|---|
rotativascordobasa.com | cPanel, Inc. Certification Authority | 2017-11-28 - 2018-02-26 | 3 months |
alfacdn.com | cPanel, Inc. Certification Authority | 2018-01-29 - 2018-04-29 | 3 months |
This page contains 1 frames:
Primary Page:
https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/foo-autenticazione.php
Frame ID: (CBC1A6B3B1FAAE7DB5FD1D7CD1815B5A)
Requests: 37 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Twitter Bootstrap
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: Assistenza
- Title: registrati
- Title: Cerca nelsito o traccia una spedizione Cerca
- Title: registrati
- Title: Chiamaci
- Title: Scrivici
- Title: Vieni in Poste
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://rotativascordobasa.com/language/it/p.html Page URL
- https://alfacdn.com/i/posta/ HTTP 302
  https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70 HTTP 301
  https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/ HTTP 302
  https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos HTTP 301
  https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/ Page URL
- https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/foo-autenticazione.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://alfacdn.com/i/posta/ HTTP 302
- https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70 HTTP 301
- https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/ HTTP 302
- https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos HTTP 301
- https://alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/
37 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | p.html | rotativascordobasa.com/language/it/ | 116 B | 248 B | Document | text/html |
GET | H/1.1 | / (Redirect Chain) | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/ | 333 B | 522 B | Document | text/html |
GET | H/1.1 | foo-autenticazione.php (Primary Request) | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/pos/ | 18 KB | 4 KB | Document | text/html |
GET | H/1.1 | bootstrap.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 119 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | owl.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | slick.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 2 KB | 925 B | Stylesheet | text/css |
GET | H/1.1 | slick-theme.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | base.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 580 B | 545 B | Stylesheet | text/css |
GET | H/1.1 | base-element.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 129 KB | 19 KB | Stylesheet | text/css |
GET | H/1.1 | megamenu-pi.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 19 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | retina.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 59 B | 370 B | Stylesheet | text/css |
GET | H/1.1 | custom-form-element.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 18 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | bootstrap-datepicker.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | ion_002.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | ion.css | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | logo-poste-italiane.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 22 KB | 9 KB | Image | image/png |
GET | H/1.1 | spinner_giallo.gif | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 33 KB | 30 KB | Image | image/gif |
GET | H/1.1 | logo-poste-italiane-medium.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | logo-poste-italiane-small.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | logo-posteid.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | logo-poste-italiane_002.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | chiamaci.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 677 B | 1 KB | Image | image/png |
GET | H/1.1 | scrivici.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 630 B | 1013 B | Image | image/png |
GET | H/1.1 | vieni-in-poste-cerca-up.png | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 669 B | 1 KB | Image | image/png |
GET | H/1.1 | spinner_bianco.gif | alfacdn.com/i/posta/6106cba619183018d70b43676d660a70/datas/ | 14 KB | 11 KB | Image | image/gif |
GET | H/1.1 | typography.css | alfacdn.com/risorse_dt/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | fonts.css | alfacdn.com/risorse_dt/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | spaces.css | alfacdn.com/risorse_dt/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | alignment.css | alfacdn.com/risorse_dt/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | extra.css | alfacdn.com/risorse_dt/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | base-element.css | alfacdn.com/risorse_dt/condivise/stili/trasversali/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | ico-torna-indietro.png | alfacdn.com/risorse_dt/condivise/immagini/icone/icone-default-on/ | 392 B | 392 B | Image | text/html |
GET | H/1.1 | ico-assistenza-domande-frequenti.png | alfacdn.com/risorse_dt/condivise/immagini/icone/icone-default-on/ | 406 B | 406 B | Image | text/html |
GET | H/1.1 | ico-area-personale.png | alfacdn.com/risorse_dt/condivise/immagini/icone/icone-default-on/ | 392 B | 392 B | Image | text/html |
GET | H/1.1 | ico-cerca.png | alfacdn.com/risorse_dt/condivise/immagini/icone/icone-default-on/ | 383 B | 383 B | Image | text/html |
GET | H/1.1 | line-bg.png | alfacdn.com/risorse_dt/condivise/immagini/generiche/ | 368 B | 368 B | Image | text/html |
GET | H/1.1 | ico-freccia-up.png | alfacdn.com/risorse_dt/condivise/immagini/icone/icone-default-on/ | 388 B | 388 B | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poste Italiane (Online)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | check_form
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
alfacdn.com/ | | Name: PHPSESSID Value: tv8bcb74om2cnif646lo94v896 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.