curvepebbles.com
192.232.192.29
Malicious Activity!
Public Scan
Submission: On July 22 via api from TW
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 19th 2020. Valid for: 3 months.
This is the only time curvepebbles.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicredit (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 192.232.192.29 | 46606 (UNIFIEDLAYER-AS-1) |
3 | 195.68.201.32 | 29080 (BULBANK-AS) |
2 | 104.111.249.240 | 16625 (AKAMAI-AS) |
16 | 4 | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-232-192-29.unifiedlayer.com
curvepebbles.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-249-240.deploy.static.akamaitechnologies.com
seal.websecurity.norton.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | curvepebbles.com | curvepebbles.com | 260 KB |
3 | bulbankonline.bg | bulbankonline.bg | 585 KB |
2 | norton.com | seal.websecurity.norton.com | 458 B |
16 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
7 | curvepebbles.com | curvepebbles.com |
3 | bulbankonline.bg | curvepebbles.com |
2 | seal.websecurity.norton.com | curvepebbles.com |
16 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
online.bulbank.bg |
www.unicreditbulbank.bg |
Subject | Issuer | Validity | Valid |
---|---|---|---|
curvepebbles.com | cPanel, Inc. Certification Authority | 2020-07-19 - 2020-10-17 | 3 months |
bulbankonline.bg | DigiCert SHA2 Extended Validation Server CA | 2019-08-26 - 2021-08-25 | 2 years |
seal.websecurity.norton.com | DigiCert SHA2 Extended Validation Server CA | 2020-03-23 - 2022-04-03 | 2 years |
This page contains 1 frames:
Primary Page:
https://curvepebbles.com/Bulk/Login.php?appIdKey=^64.106.213.*&country=US&link=https://bulbankonline.bg/en-US/none/Login/Index?s=efb28ee619306293f8b7909d6842f8cb&view=login
Frame ID: 70EB7E9D4371E2116582C9F36AE43ECB
Requests: 16 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Title: Security recommendations for working with the Bank's alternative channels
Title: Cookie policy
Title: General terms and conditions for Bulbank Online
Title: Types of accounts and options for working with them in the "Bulbank Online" service
Title: Request for use of Bulbank Online - corporate clients
Title: Request for use of Bulbank Online – individual clients
Title: Request to change user access for use of Bulbank Online
Title: Privacy
Title: Terms of use
Title: Frequently asked questions
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Login.php (Primary Request) | curvepebbles.com/Bulk/ | 17 KB | 5 KB | Document | text/html |
GET | H/1.1 | style.min.css | bulbankonline.bg/Content/css/ | 421 KB | 77 KB | Stylesheet | text/css |
GET | H/1.1 | getseal | seal.websecurity.norton.com/ | 13 B | 217 B | Script | text/javascript |
GET | H/1.1 | getseal | seal.websecurity.norton.com/ | 43 B | 241 B | Image | image/gif |
GET | H/1.1 | unicredit-bulbank-logo.svg | bulbankonline.bg/Content/img/ | 6 KB | 7 KB | Image | image/svg+xml |
GET | H/1.1 | tel.png | curvepebbles.com/Bulk/ | 404 B | 783 B | Image | image/png |
GET | H/1.1 | mobile.png | curvepebbles.com/Bulk/ | 239 B | 618 B | Image | image/png |
GET | H/1.1 | bg-login.jpg | bulbankonline.bg/Content/img/ | 501 KB | 502 KB | Image | image/jpeg |
GET | H/1.1 | dar.png | curvepebbles.com/Bulk/ | 447 B | 827 B | Image | image/png |
GET | H/1.1 | user.png | curvepebbles.com/Bulk/ | 251 KB | 251 KB | Image | image/png |
GET | H/1.1 | usernamicon.png | curvepebbles.com/Bulk/ | 821 B | 1 KB | Image | image/png |
GET | H/1.1 | lock.png | curvepebbles.com/Bulk/ | 435 B | 815 B | Image | image/png |
GET | | Material-Design-Iconic-Font.woff2 | bulbankonline.bg/Content/icons/ | 0 | 0 | | |
GET | | UniCredit%20CY-Regular.ttf | bulbankonline.bg/Content/fonts/UniCreditCY/ | 0 | 0 | | |
GET | | Material-Design-Iconic-Font.woff | bulbankonline.bg/Content/icons/ | 0 | 0 | | |
GET | | Material-Design-Iconic-Font.ttf | bulbankonline.bg/Content/icons/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: bulbankonline.bg, URL: https://bulbankonline.bg/Content/icons/Material-Design-Iconic-Font.woff2?v=2.2.0
- Domain: bulbankonline.bg, URL: https://bulbankonline.bg/Content/fonts/UniCreditCY/UniCredit%20CY-Regular.ttf
- Domain: bulbankonline.bg, URL: https://bulbankonline.bg/Content/icons/Material-Design-Iconic-Font.woff?v=2.2.0
- Domain: bulbankonline.bg, URL: https://bulbankonline.bg/Content/icons/Material-Design-Iconic-Font.ttf?v=2.2.0
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicredit (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.