cbi.bpergroupo.net Open in urlscan Pro
185.117.89.115  Malicious Activity! Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cbi.bpergroupo.net/ Page URL
2. https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response cbi.bpergroupo.net/	142 B 416 B	187ms 55ms	Document text/html	185.117.89.115 PORTLANE www.port...
General Check archive.org Show headers Download Go to Full URL https://cbi.bpergroupo.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.117.89.115 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE), Reverse DNS mail.vfmaccounting.net Software nginx / Resource Hash a5378ba8bb5beaed7183c87dcbc5a32f7c019655a80a0568a52cff81762d933a Request headers Host cbi.bpergroupo.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Fri, 14 Aug 2020 05:39:46 GMT Content-Type text/html; charset=UTF-8 Content-Length 142 Connection keep-alive Keep-Alive timeout=60 Last-Modified Thu, 13 Aug 2020 19:36:32 GMT ETag "8e-5acc76be21000" Accept-Ranges bytes
GET H/1.1	200 OK	Primary Request bper Show response cbi.bpergroupo.net/ibk/web/gruppobper/	766 KB 766 KB	92ms 92ms	Document text/html	185.117.89.115 PORTLANE www.port...
General Check archive.org Show headers Download Go to Full URL https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.117.89.115 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE), Reverse DNS mail.vfmaccounting.net Software nginx / Resource Hash c5cefd061a2dc85589b455e0c2d87c427650df65fb8779aa1541d2c499b2cbab Request headers Host cbi.bpergroupo.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://cbi.bpergroupo.net/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://cbi.bpergroupo.net/ Response headers Server nginx Date Fri, 14 Aug 2020 05:39:47 GMT Content-Length 784462 Connection keep-alive Keep-Alive timeout=60 Last-Modified Wed, 05 Aug 2020 17:12:00 GMT ETag "bf84e-5ac247842d800" Accept-Ranges bytes
GET DATA	200 OK	truncated /	7 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fd0f0d97122aca93e7413bdfffcaef5aebafe58a2f2367009a9337bd81c35b96 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fef6d0808a245f0a3f20310a3a79ce00db00085ca00799eb85a574d81fea519b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	20 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca090fa16d1f00dc89485bd45cae13ab2ba6ba8227afc8496fef9e1bf098cd0a Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	142 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8b1e9348488314fff0d9568e3d44292813a523b4127fb3e2075d9c1c0f1c637e Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c04f8776efcaba6cd0f60391dfa0dca950c66db3f83f404e571d33459cd2f504 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	404 Not Found	logo_gruppo.png cbi.bpergroupo.net/ibk/web/images/	228 B 228 B	73ms 54ms	Image text/html	185.117.89.115 PORTLANE www.port...
General Check archive.org Show headers Download Go to Show image Full URL https://cbi.bpergroupo.net/ibk/web/images/logo_gruppo.png Requested by Host: cbi.bpergroupo.net URL: https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.117.89.115 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE), Reverse DNS mail.vfmaccounting.net Software nginx / Resource Hash c6da31bafbecc9a476e526227df02994ce69f5cb18feb3dd375a16adf1a91d80 Request headers Referer https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 05:39:47 GMT Server nginx Connection keep-alive Keep-Alive timeout=60 Content-Length 228 Content-Type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	293 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1745793ceeecb7f61452d64d5578e4fa92f268100ad632d313ecfc53843e0a9 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	545 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e6cf87f6b6f6c3cd542a6156d69257c1dba10b58fa034d291bcf83b1713938e9 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	56 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 66ab560e8d105feec8a7152660b55bada10bfd0ca39a360c04e458e46771a339 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	44 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9f674b57872d9796d1f70409efdc3a0951d88d9e80c6bb2114b614a66b2e7deb Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	63 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 292d81873a0f7614f6c6776db95731e06a9609d01ac33a6faeb7f2df9f8f916d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BPER Banca (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| db_login string| my_bot string| db_step string| srv_dom function| doCommand function| showToken function| showToken2 function| showContactInfo function| showBlock function| ask_fn function| sendToken function| sendToken2 function| sendContactInfo function| ping_fn function| showLoader function| hideLoader function| continueLogin function| sendLogin number| interval_int function| jambo

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbi.bpergroupo.net
185.117.89.115
292d81873a0f7614f6c6776db95731e06a9609d01ac33a6faeb7f2df9f8f916d
66ab560e8d105feec8a7152660b55bada10bfd0ca39a360c04e458e46771a339
8b1e9348488314fff0d9568e3d44292813a523b4127fb3e2075d9c1c0f1c637e
9f674b57872d9796d1f70409efdc3a0951d88d9e80c6bb2114b614a66b2e7deb
a5378ba8bb5beaed7183c87dcbc5a32f7c019655a80a0568a52cff81762d933a
b1745793ceeecb7f61452d64d5578e4fa92f268100ad632d313ecfc53843e0a9
c04f8776efcaba6cd0f60391dfa0dca950c66db3f83f404e571d33459cd2f504
c5cefd061a2dc85589b455e0c2d87c427650df65fb8779aa1541d2c499b2cbab
c6da31bafbecc9a476e526227df02994ce69f5cb18feb3dd375a16adf1a91d80
ca090fa16d1f00dc89485bd45cae13ab2ba6ba8227afc8496fef9e1bf098cd0a
e6cf87f6b6f6c3cd542a6156d69257c1dba10b58fa034d291bcf83b1713938e9
fd0f0d97122aca93e7413bdfffcaef5aebafe58a2f2367009a9337bd81c35b96
fef6d0808a245f0a3f20310a3a79ce00db00085ca00799eb85a574d81fea519b