URL: https://widiba.app/ads%20widiba/
Submission Tags: 7538774
Submission: On June 09 via api from US — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 27 HTTP transactions. The main IP is 8.208.76.71, located in London, United Kingdom and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is widiba.app.
TLS certificate: Issued by R3 on June 8th 2022. Valid for: 3 months.
This is the only time widiba.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Widiba (Banking)

Domain & IP information

Requests  IP Address         AS Autonomous System
2         8.208.76.71        45102 (ALIBABA-C...)
1         2a00:1450:400...   15169 (GOOGLE)
12        195.7.18.190       13018 (Banca Mon...)
Total: 27 requests, 4 IPs

Requests  Apex Domain     Subdomains                                       Transfer
12        widiba.it       www.widiba.it                                    451 KB
2         widiba.app      widiba.app                                       35 KB
1         googleapis.com  ajax.googleapis.com (Cisco Umbrella Rank: 281)   31 KB
Total: 27 requests, 3 domains

Requests  Domain               Requested by
12        www.widiba.it        widiba.app, www.widiba.it
2         widiba.app           www.widiba.it
1         ajax.googleapis.com  widiba.app
Total: 27 requests, 3 domains

This site contains links to these domains.

Domain
www.widiba.it
Subject                  Issuer                                 Validity                  Valid
*.widiba.app             R3                                     2022-06-08 - 2022-09-06   3 months (crt.sh)
upload.video.google.com  GTS CA 1C3                             2022-05-09 - 2022-08-01   3 months (crt.sh)
widiba.it                Entrust Certification Authority - L1K  2021-09-20 - 2022-09-20   a year (crt.sh)

This page contains 1 frames:

Primary Page: https://widiba.app/ads%20widiba/
Frame ID: C1F7D92D04E94BD8767F8D1814F5BE25
Requests: 31 HTTP requests in this frame

Page Title

Effettua la Login: entra nell'area privata | Banca Widiba

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 56 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 3
Transfer: 517 kB
Size: 2537 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
widiba.app/ads%20widiba/
35 KB
35 KB
Document
General
Full URL
https://widiba.app/ads%20widiba/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.208.76.71 London, United Kingdom, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
149024e31c77b7d2ea1ba0baa632cb121a39e20f9870ec199ef0879e71a60412

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
35530
Content-Type
text/html
Date
Thu, 09 Jun 2022 12:28:46 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 09 Jun 2022 12:26:42 GMT
Server
Apache
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 20:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Jun 2023 20:31:28 GMT
w.public.min.css
www.widiba.it/cmp/dist/nav_widipub/
416 KB
35 KB
Stylesheet
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/w.public.min.css?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
dde9b910817cd5c259f64f7606963261f4b1fdabee9f9b3c0bdcf24e46db0447
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"8891-5e0f4641086c0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1200
accept-ranges
bytes
content-length
34961
expires
Thu, 09 Jun 2022 12:48:46 GMT
w.mediacenter.min.css
www.widiba.it/cmp/dist/nav_widipub/
307 KB
17 KB
Stylesheet
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/w.mediacenter.min.css?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
e65659b68d2eaabb60d41d8fcfa8f9f9341b1fd23fdfdf2b3f10b7c74ba79a96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:40 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"4162-5e0f4641fc900"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1200
accept-ranges
bytes
content-length
16738
expires
Thu, 09 Jun 2022 12:48:46 GMT
w.login.min.css
www.widiba.it/cmp/dist/nav_widipub/nav_login_widibapub/login/
19 KB
3 KB
Stylesheet
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/nav_login_widibapub/login/w.login.min.css?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
3cefe39a0c00959c8355c9ee422dadd2899c0a786498f75df401d858fd9030dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"9b1-5e0f464014480"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1200
accept-ranges
bytes
content-length
2481
expires
Thu, 09 Jun 2022 12:48:46 GMT
libs.conc.min.js
www.widiba.it/cmp/dist/nav_widipub/
814 KB
180 KB
Script
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/libs.conc.min.js?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
ba6a94f2a05fc6009fe6e77294f1179187c262c86b47ec1e1fe05091c5131b39
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"2c8c3-5e0f46541b3c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
182467
expires
Thu, 09 Jun 2022 12:48:46 GMT
framework.conc.min.js
www.widiba.it/cmp/dist/nav_widipub/
258 KB
46 KB
Script
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/framework.conc.min.js?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
ffa5ea6b2d468c96c59b475e0bb27015cab6c5fcd2854e8122fe40a0ec7b3e44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"b60d-5e0f46541b3c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
46605
expires
Thu, 09 Jun 2022 12:48:46 GMT
components.conc.min.js
www.widiba.it/cmp/dist/nav_widipub/
182 KB
29 KB
Script
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/components.conc.min.js?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
b6e4de058aa1830209a9eddef2958eab13b8b70d54dcae71529f8516b820b7e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"739b-5e0f46541b3c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
29595
expires
Thu, 09 Jun 2022 12:48:46 GMT
mediacenterlibs.conc.min.js
www.widiba.it/cmp/dist/nav_widipub/
133 KB
19 KB
Script
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/mediacenterlibs.conc.min.js?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
a1412002c50fad6d367c10add21a5fe92361c344a8aef2c80274704b98ed8866
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"4b32-5e0f46541b3c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
19250
expires
Thu, 09 Jun 2022 12:48:46 GMT
mediacenter.conc.min.js
www.widiba.it/cmp/dist/nav_widipub/
156 KB
27 KB
Script
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/mediacenter.conc.min.js?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
f7bd978696ec803fb1f8c5b66031ba79e0b2e817e26322ba790155b57fc6aa5f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"6b95-5e0f46541b3c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
27541
expires
Thu, 09 Jun 2022 12:48:46 GMT
nav_login_widibapub.conc.min.js
www.widiba.it/cmp/dist/nav_widipub/nav_login_widibapub/
31 KB
7 KB
Script
General
Full URL
https://www.widiba.it/cmp/dist/nav_widipub/nav_login_widibapub/nav_login_widibapub.conc.min.js?vers=373140
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
83a61083a1bbe9a35489f4acb91fecefe2f3cec428cbbda061093288b27f875f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 19:05:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1c45-5e0f46541b3c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
7237
expires
Thu, 09 Jun 2022 12:48:46 GMT
picturefill.3.0.2.min.js
www.widiba.it/cmn/assets/js/
12 KB
5 KB
Script
General
Full URL
https://www.widiba.it/cmn/assets/js/picturefill.3.0.2.min.js
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 20:06:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1217-5dfdb9da19ec0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
4631
expires
Thu, 09 Jun 2022 12:38:46 GMT
logo_official.svg
www.widiba.it/cmn/libs/img/loghi/bancawidiba/
5 KB
2 KB
Image
General
Full URL
https://www.widiba.it/cmn/libs/img/loghi/bancawidiba/logo_official.svg
Requested by
Host: widiba.app
URL: https://widiba.app/ads%20widiba/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
bc311dc2a786579294284799adbaf806255839057b7d95b44401b0bc1f954384
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://widiba.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 20:07:06 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1507-5dfdb9e0c6e80-br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=600
accept-ranges
bytes
content-length
2272
expires
Thu, 09 Jun 2022 12:38:46 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
login_5_xl.webp
www.widiba.it/libs/img/public_2020/login/
82 KB
82 KB
Image
General
Full URL
https://www.widiba.it/libs/img/public_2020/login/login_5_xl.webp
Requested by
Host: www.widiba.it
URL: https://www.widiba.it/cmp/dist/nav_widipub/nav_login_widibapub/login/w.login.min.css?vers=373140
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.7.18.190 Siena, Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
Software
Apache /
Resource Hash
bb684a8ff56f07cfd529eeb86ff79f30b85ea7348726355b31fa3dc5debef7ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.widiba.it/cmp/dist/nav_widipub/nav_login_widibapub/login/w.login.min.css?vers=373140
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:28:46 GMT
last-modified
Wed, 25 May 2022 20:06:45 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"146a4-5dfdb9ccbff40"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=600
accept-ranges
bytes
content-length
83620
expires
Thu, 09 Jun 2022 12:38:46 GMT
WidibaBook_0.009.woff2
www.widiba.it/cmn/font/
0
0

WidibaLight_0.005.woff2
www.widiba.it/cmn/font/
0
0

WidibaMedium_0.011.woff2
www.widiba.it/cmn/font/
0
0

WidibaIcons_0.056.woff2
www.widiba.it/cmn/font/
0
0

widiba.reqinfo.jsp
widiba.app/banca/common/requestinfo/
315 B
515 B
XHR
General
Full URL
https://widiba.app/banca/common/requestinfo/widiba.reqinfo.jsp?ri_windowWidth=1600&ri_windowHeight=1200&ri_pixelRatio=1
Requested by
Host: www.widiba.it
URL: https://www.widiba.it/cmp/dist/nav_widipub/libs.conc.min.js?vers=373140
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.208.76.71 London, United Kingdom, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://widiba.app/ads%20widiba/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 09 Jun 2022 12:28:46 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
WidibaBook_0.009.woff
www.widiba.it/cmn/font/
0
0

WidibaIcons_0.056.woff
www.widiba.it/cmn/font/
0
0

WidibaLight_0.005.woff
www.widiba.it/cmn/font/
0
0

WidibaMedium_0.011.woff
www.widiba.it/cmn/font/
0
0

WidibaBook_0.009.ttf
www.widiba.it/cmn/font/
0
0

WidibaIcons_0.056.ttf
www.widiba.it/cmn/font/
0
0

WidibaLight_0.005.ttf
www.widiba.it/cmn/font/
0
0

WidibaMedium_0.011.ttf
www.widiba.it/cmn/font/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaBook_0.009.woff2
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaLight_0.005.woff2
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaMedium_0.011.woff2
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaIcons_0.056.woff2
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaBook_0.009.woff
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaIcons_0.056.woff
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaLight_0.005.woff
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaMedium_0.011.woff
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaBook_0.009.ttf
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaIcons_0.056.ttf
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaLight_0.005.ttf
Domain
www.widiba.it
URL
https://www.widiba.it/cmn/font/WidibaMedium_0.011.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Widiba (Banking)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • object| navigation
  • function| $
  • function| jQuery
  • boolean| disableFastClick
  • function| _
  • function| AutoNumeric
  • function| format
  • function| Swiper
  • object| FWRecorder
  • object| Modernizr
  • function| createBolToolSelectBox
  • function| addEventListenerOrig
  • object| widiba
  • object| dlWidiba
  • function| login
  • function| Site
  • function| GeneralHelper
  • object| microsoft
  • object| picturefillCFG
  • function| picturefill
  • function| fwr_event_handler
  • object| dataLayer

0 Cookies

25 Console Messages

Source Level URL
Text
network error URL: https://widiba.app/banca/common/requestinfo/widiba.reqinfo.jsp?ri_windowWidth=1600&ri_windowHeight=1200&ri_pixelRatio=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaBook_0.009.woff2' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaBook_0.009.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaIcons_0.056.woff2' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaIcons_0.056.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaLight_0.005.woff2' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaLight_0.005.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaMedium_0.011.woff2' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaMedium_0.011.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaBook_0.009.woff' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaBook_0.009.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaIcons_0.056.woff' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaIcons_0.056.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaLight_0.005.woff' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaLight_0.005.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaMedium_0.011.woff' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaMedium_0.011.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaBook_0.009.ttf' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaBook_0.009.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaIcons_0.056.ttf' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaIcons_0.056.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaLight_0.005.ttf' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaLight_0.005.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://widiba.app/ads%20widiba/
Message:
Access to font at 'https://www.widiba.it/cmn/font/WidibaMedium_0.011.ttf' from origin 'https://widiba.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.widiba.it/cmn/font/WidibaMedium_0.011.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
