youweb-banco-bpm.xyz Open in urlscan Pro
2606:4700:3032::ac43:a592 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://youweb-banco-bpm.xyz/it/app/
Submission: On March 14 via manual (March 14th 2024, 9:17:26 am UTC) from IT — Scanned from IT

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3032::ac43:a592, located in United States and belongs to CLOUDFLARENET, US. The main domain is youweb-banco-bpm.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 11th 2024. Valid for: 3 months.

This is the only time youweb-banco-bpm.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco BPM S.p.A. (Banking)

Domain & IP information

	IP Address		AS Autonomous System
2 19	2606:4700:303... 2606:4700:3032::ac43:a592		13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	1

19 2606:4700:3032::ac43:a592 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

youweb-banco-bpm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	youweb-banco-bpm.xyz 2 redirects youweb-banco-bpm.xyz	500 KB
17	1

	Domain	Requested by
19	youweb-banco-bpm.xyz	2 redirects youweb-banco-bpm.xyz
17	1

This site contains no links.

Subject Issuer	Validity	Valid
youweb-banco-bpm.xyz GTS CA 1P5	`2024-03-11` - `2024-06-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://youweb-banco-bpm.xyz/it/app/
Frame ID: 0FFFAE7FEC4661A6A62ED90C6D4B259E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://youweb-banco-bpm.xyz/it/app HTTP 301
http://youweb-banco-bpm.xyz/it/app/ HTTP 301
https://youweb-banco-bpm.xyz/it/app/ Page URL

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

499 kB
Transfer

954 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://youweb-banco-bpm.xyz/it/app HTTP 301
http://youweb-banco-bpm.xyz/it/app/ HTTP 301
https://youweb-banco-bpm.xyz/it/app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response youweb-banco-bpm.xyz/it/app/ Redirect Chain https://youweb-banco-bpm.xyz/it/app http://youweb-banco-bpm.xyz/it/app/ https://youweb-banco-bpm.xyz/it/app/	5 KB 2 KB	409ms 409ms	Document text/html	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `af494938986adc8574cedc8c43d5b14fb4ebc1e937b4d93256065399e49db5e3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86432b91bcde526d-MXP content-encoding br content-type text/html; charset=UTF-8 date Thu, 14 Mar 2024 09:17:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZELGlYARbSDD9qOmZq5%2B5Lj%2BjNRkcIr1J4Ms1JR1BGavLVZtVwQthHEwTnkCnpJkPhVAq45jS70fI092oO%2BwjZfIFuEtpp2dIpBEnCOBvj%2B6x8V4yEsrJ0cEzOhvXQ94ZIGieh7PZwc4uZXrQHZi%2B0Y4w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers CF-RAY 86432b914c475242-MXP Cache-Control max-age=3600 Connection keep-alive Date Thu, 14 Mar 2024 09:17:21 GMT Expires Thu, 14 Mar 2024 10:17:21 GMT Location https://youweb-banco-bpm.xyz/it/app/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsbwuDIwf03WgBQXcH3hAOAg4dz%2FYkZi9kmNs29AFNytfHsHwnZq6A%2BaL1xUaIQ2Cc9iZYHXWpgdid1l8myuACaxk%2FSMrCq4aDXC%2FnuLiqgRr4qSZtLs%2B1IM0y81MBzwFZqUqoPO9uYcYPdMCP2sM1WVqg%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H3	200	all.css youweb-banco-bpm.xyz/it/app/asset/	62 B 554 B	68ms 67ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/all.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b63a5b26a268f8e753d0ba75bb087d79698d7177f8ccc0ba2ac914a329bfe625` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:21 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:05:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2807 etag W/"6042b944-3e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMVNw7HaNR6QJbB0dL8aU79XCTXbThZw6t4GC8MMCmdT1E2PAyV7q9MU6MjhDqeD0R8BnK59mFp60Q892RuJQ%2BwruPSo23Kjo9gfQq%2BHdTyBPbOxbjzqcw6TEL3PwJa3mKQ7YhpxFNwBnXJI80sMoOlhBQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b945cfd4bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	ie10-viewport.css youweb-banco-bpm.xyz/it/app/asset/	518 B 765 B	69ms 68ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/ie10-viewport.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:21 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:02:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2807 etag W/"6042b8a0-206" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gqMiBWHCp%2FUoyKtHDTj%2FB91dkpF%2FInUivmFtle94%2F5chSUxbQySFyY0WxC5Azn5a2aW87NMBhL18Fsst3BFwlCkJhokaPzn5YfEQ8T2ul4oRMoVcY8kvXEt6E3PmNSdq8jyL7z3iOoS0wb1YzSFGYHnzg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b945d004bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-main.css youweb-banco-bpm.xyz/it/app/asset/	318 KB 56 KB	70ms 69ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e8901fde1422eda631b8ecaa4f5b481fc9295e2a2e39305d6f41da50f7d69a30` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:21 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:10:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042ba56-4f7fe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXkdwvVsqFVjEJ3M9vASyn1zsc4xXWfmTXwrH%2BkSfcVkX0EiT3%2F2kQ%2F3HjT4D1ybN3YfUkSDjU8E97H8%2F0KWzMCGhOv64heSGLy4QzlteFocWyaCam8k3s51S0xVv8dFCA0DYesoI2uCbtSBBgMRJ5FqrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b945d024bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-struttura.css youweb-banco-bpm.xyz/it/app/asset/	24 KB 6 KB	107ms 106ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-struttura.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a5a96fe34232e9a423688994c3d8899d2f5ae361eb1104a4d135e3ca7d27833f` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:21 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:10:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042ba70-5fd8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiSl2z4MvbycUnnex5156mfziHfmQkoLPKYeYjMV%2B7a9k6XACN2mBTWLP01mKPbY%2BuhR6zZCUv5%2FuxLvEX7Oaa4LDDzWlQZdoG9iPKMy5pkzG97%2FUPI0%2FTq%2BA7NV%2F2qBA34fFsrhEBDivj7GlnsRzbw%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b945d054bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-sm-desktop.css youweb-banco-bpm.xyz/it/app/asset/	9 KB 3 KB	108ms 107ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-sm-desktop.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8b6e93132724e12ec714f88a7d850451df7d555830ff4fbc2d632d0e7bc81fb4` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:21 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:10:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2806 etag W/"6042ba68-2459" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qajy7BZcL0glLs7nqrICZ8SqC07j9bmO%2BFoVWPfdnRyM%2B%2BQjUD0BqLxelrKL5cgZ3Z%2BVMBYZV3Wb9Efl56JOnFtKxNNebxqKX%2BrXqA5ppu5jV0tz%2BFvSi6S0BIVWVn9YpTDD%2Bfkj7GIfjS556tBzDxZ2yQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b945d074bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	alert.png youweb-banco-bpm.xyz/it/app/	17 KB 18 KB	42ms 41ms	Image image/png	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youweb-banco-bpm.xyz/it/app/alert.png Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `db74a5ed1d75f14480e2b93449eebb5f4764e4dce1a16ff6b010cb5a43711534` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:21 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 177654 alt-svc h3=":443"; ma=86400 content-length 17877 last-modified Tue, 21 Sep 2021 03:03:14 GMT server cloudflare etag "61494b72-45d5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc7Z8rYugJVZ9%2ByW%2FWMCG9efwnKKoIVckoy4tjQSYVC%2Bgk7r%2F2Bcn%2FIGVDBVCQoqsZccuMjsskZYCQKBjklJSF21ZzyoUSPqO7wiUYcsxQsz5DGAUVr8gTsxRk%2BU1CsVeID0Ao8SuHqePIeDM4qjjWmJxg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 86432b945d084bdd-MXP expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	bootstrap.css youweb-banco-bpm.xyz/it/app/asset/	66 KB 11 KB	38ms 38ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/bootstrap.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/all.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:06:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042b958-10945" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy83Nu9VYlaVytCLpruKeV6HGtgOb0GC5FR3zdOcHcimQPTA0v0fBikObks58nRfOg8ExZ4EwCKl8J1XCU9OwU%2B9WP6D5EGqei%2FB5f0RiS%2BmVJHQKCFaVi0JUrTrG9tEUIwqMrQEZOMF3r58pZFM243cBg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b94bdb44bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	print.css youweb-banco-bpm.xyz/it/app/asset/	14 KB 4 KB	39ms 39ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/print.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5e3057f7e3cd590f4407505bf95c0055f5cb32953b776711086bd846e5de4a07` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/all.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:02:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042b8a0-3804" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWnL0sI1CZcNy8aPMWS1cztgKqasQnb2rucJjdcX0%2FvqE76FJt2LCeNEupRw%2ByFEhUoUmBDLvXdOQlivjrm3SpVQQOpRq9WH2Gk60%2FydXfYcLqcwmGPne98txON6MgsK%2F49BjiaLc0QybmXtd%2BvQRSbn5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b94bdb64bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-xxs-mobile.css youweb-banco-bpm.xyz/it/app/asset/	757 B 842 B	33ms 32ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-xxs-mobile.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:07:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042b9a0-2f5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPL5iax9ZSWL7AEM%2FQextbnGlyOoeiiMAjCCaRASOWnX97vQiOyGntHeLDLI6hO%2FTDe%2Bi5sBwgUG0toT85oNBl1tuFS4z5KdQPUNWdSo5TS7Dv2BXyixUwytTBFuG4ho%2Ft0GoLQSDQA6tC7sZ6J%2FEjXTeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b950e014bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-xs-mobile.css youweb-banco-bpm.xyz/it/app/asset/	78 KB 16 KB	37ms 36ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-xs-mobile.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4ae9cdebc2205a860c888733fbef6b5bcc4faee2285df77d59f9cf41f45b3f0f` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:11:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177656 etag W/"6042ba86-139d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfSfJyrTdNzHqx9UxnYiZBTVpwPrBE6B4rLmsQrdIeeQ9fuqVlLLWyzht%2BIruIgFI2R3Zei7k6%2FjfWcCupPKKzUfSurunTl%2Fbz3Ool62rqUheTsTklEMwIx1ma3zshsOW6wvoqoT1aJyJxLrBz4jYXGzxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b950e024bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-icone.css youweb-banco-bpm.xyz/it/app/asset/	16 KB 3 KB	36ms 35ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-icone.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8b042878b9323acf8c7b92953e2e2c293b1be3479a430cf7e3ef3a7c188c9160` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:10:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042ba48-3fa4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pjBxrlDxAm9SOCgnxX6PSyE%2BWc7G7Hza1fvg1bbWF6wa53QIy%2BbfyVfz13bvilvyJemQwG80dgpXqdaBKIgl1OMR2qs3cTZP5AWU6JIpJCnYjp%2F%2BcPczfkvSsN6MXQ%2Ff4bF8OIoT6LQjKvWc%2Fz%2FLTK8iw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b950e044bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-xs-mobile-struttura.css youweb-banco-bpm.xyz/it/app/asset/	19 KB 4 KB	32ms 32ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-xs-mobile-struttura.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-struttura.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `73283ea98fa2cf11c77903f207385aea60302277c3de61444e27d80ea634f696` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-struttura.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:10:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042ba7e-4d0d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3z%2BrAA%2FpZAmVFe%2BESnRFU2xmR5Tt9JX5sfCuP7ttkg9mJi4sXjRyUpFe%2B1Eu5jaryqUo7gC7crfWVU7Ihti%2BgYwPAe3CRXupIGCz7CX7V%2FdkrGNAsUokREu%2FFtiZCrAYj8HcVedyrXUDmRaP4pugDFI%2B5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b954e4b4bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	youWeb-sm-desktop-struttura.css youweb-banco-bpm.xyz/it/app/asset/	20 KB 5 KB	31ms 31ms	Stylesheet text/css	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/youWeb-sm-desktop-struttura.css Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-struttura.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8f234e83d14ea5ba763159a72eac361f5ccc61f404bf49d10b5c5c2e113651cb` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-struttura.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT content-encoding br cf-cache-status HIT last-modified Fri, 05 Mar 2021 23:10:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177655 etag W/"6042ba60-4ee8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSWIKsYV2OcduCuOTHVt1Wu%2FZ%2BMhBcd7JS4hDvIDgSvFt4BfUVoXFuYXeZUTDUPufq21moIHjuDmbTpwrw3fjYYQWk0w%2BN5Cb2BOm70d7OD9nJeY1MkawN73GnCzHmSZOKSxJqvfYwN7%2FISINMVMMvcxsQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 86432b954e4e4bdd-MXP alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	bg_public.jpg youweb-banco-bpm.xyz/it/app/asset/img/	330 KB 330 KB	34ms 34ms	Image image/jpeg	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://youweb-banco-bpm.xyz/it/app/asset/img/bg_public.jpg?a=1 Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ce125c7587c0e7f2f050abd4f9a963ad6f43f7fce080a89e3d74c08ab8b0780` Request headers accept-language it-IT,it;q=0.9 Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 177655 alt-svc h3=":443"; ma=86400 content-length 337762 last-modified Tue, 24 May 2022 17:24:28 GMT server cloudflare etag "628d14cc-52762" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTcpBFtCjDlL93I2I2LJWoj5OeG%2BKmglOS62lMLiiPMdd1zkZEs990Os%2FyrUGMUc6dxIr2KV5%2BprDM%2BUkX1eTTPEWrEKWuqvtQf5Hb0y2CJqHf1%2B5xaY5XWANRsXd5gIMLmucLWLrQBMzl%2FFlZ1kThpr1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 86432b955e614bdd-MXP expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	montserrat-medium-webfont.woff2 youweb-banco-bpm.xyz/it/app/asset/font/	18 KB 19 KB	49ms 49ms	Font font/woff2	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/font/montserrat-medium-webfont.woff2 Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `25c121f7614482fbd31ae2a13e5b70e1f627ee69219bee2804f5c17a418468c3` Request headers Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Origin https://youweb-banco-bpm.xyz accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2807 alt-svc h3=":443"; ma=86400 content-length 18724 last-modified Fri, 05 Mar 2021 23:12:50 GMT server cloudflare etag "6042baf2-4924" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlFMk1Yp%2BWQwd3T0x7Rym8OKm1mLOGhijj8Qy3U0NNo6GGWDcOfs95GUB4MYgm%2F0oO7EC6QlybDvJ52IesPINqCFxVDKDenFaIuz%2FvcvL0Y3DPxfBcIh5VDZHZRIvnWWaF0e4JxzZV6PesQcRht49ylS9Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=315360000 accept-ranges bytes cf-ray 86432b959eaa4bdd-MXP expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	montserrat-light-webfont.woff2 youweb-banco-bpm.xyz/it/app/asset/font/	18 KB 18 KB	53ms 53ms	Font font/woff2	2606:4700:3032::ac43:a592 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youweb-banco-bpm.xyz/it/app/asset/font/montserrat-light-webfont.woff2 Requested by Host: youweb-banco-bpm.xyz URL: https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a592 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2e04fd03380f37826cd7910fd6572db153539af8df6af646a953d84879ecc3f0` Request headers Referer https://youweb-banco-bpm.xyz/it/app/asset/youWeb-main.css Origin https://youweb-banco-bpm.xyz accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 14 Mar 2024 09:17:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2807 alt-svc h3=":443"; ma=86400 content-length 18008 last-modified Fri, 05 Mar 2021 23:12:48 GMT server cloudflare etag "6042baf0-4658" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbxUKHHDcRDuCIPZ1EH6K4XkMR9lui%2FrRik5sAu7Kyd0xezjiTnaVwtEpL0g3ad1LbyszrSQqIoMrx6ifAp%2B14teftNSVZfI1JLkJa7qRq8V0Ga9QRznuvju1elyZ%2BeEaUlgEiF6epWq%2BQb%2ByWUZMvjdaw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=315360000 accept-ranges bytes cf-ray 86432b959eac4bdd-MXP expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco BPM S.p.A. (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			youweb-banco-bpm.xyz/it/app	1970-01-21 04:42:47	Name: COOKIE_KEY Value: 171040784157

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

youweb-banco-bpm.xyz
2606:4700:3032::ac43:a592
25c121f7614482fbd31ae2a13e5b70e1f627ee69219bee2804f5c17a418468c3
2e04fd03380f37826cd7910fd6572db153539af8df6af646a953d84879ecc3f0
3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999
3ce125c7587c0e7f2f050abd4f9a963ad6f43f7fce080a89e3d74c08ab8b0780
40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415
4ae9cdebc2205a860c888733fbef6b5bcc4faee2285df77d59f9cf41f45b3f0f
5e3057f7e3cd590f4407505bf95c0055f5cb32953b776711086bd846e5de4a07
73283ea98fa2cf11c77903f207385aea60302277c3de61444e27d80ea634f696
8b042878b9323acf8c7b92953e2e2c293b1be3479a430cf7e3ef3a7c188c9160
8b6e93132724e12ec714f88a7d850451df7d555830ff4fbc2d632d0e7bc81fb4
8f234e83d14ea5ba763159a72eac361f5ccc61f404bf49d10b5c5c2e113651cb
a5a96fe34232e9a423688994c3d8899d2f5ae361eb1104a4d135e3ca7d27833f
af494938986adc8574cedc8c43d5b14fb4ebc1e937b4d93256065399e49db5e3
b63a5b26a268f8e753d0ba75bb087d79698d7177f8ccc0ba2ac914a329bfe625
ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96
db74a5ed1d75f14480e2b93449eebb5f4764e4dce1a16ff6b010cb5a43711534
e8901fde1422eda631b8ecaa4f5b481fc9295e2a2e39305d6f41da50f7d69a30

youweb-banco-bpm.xyz Open in urlscan Pro 2606:4700:3032::ac43:a592 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

499 kBTransfer

954 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

youweb-banco-bpm.xyz Open in urlscan Pro
2606:4700:3032::ac43:a592 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

499 kB
Transfer

954 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!