cbi.bpergroupo.net
185.117.89.115
Malicious Activity!
Public Scan
Submission: On August 14 via automatic, source phishtank
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 13th 2020. Valid for: 3 months.
This is the only time cbi.bpergroupo.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BPER Banca (Banking)
Domain & IP information
| | IP Address | Autonomous System |
|---|---|---|
| 2 | 185.117.89.115 | 42708 (PORTLANE www.portlane.com) |
2 | 2 |
ASN42708 (PORTLANE www.portlane.com, SE)
PTR: mail.vfmaccounting.net
cbi.bpergroupo.net |
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 2 | bpergroupo.net (subdomain: cbi.bpergroupo.net) | 767 KB |
2 | 1 |
| | Domain | Requested by |
|---|---|---|
| 2 | cbi.bpergroupo.net | cbi.bpergroupo.net |
2 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
cbi.bpergroup.net |
www.bper.it |
Subject | Issuer | Validity | Valid
---|---|---|---
cbi.bpergroupo.net | Let's Encrypt Authority X3 | 2020-08-13 - 2020-11-11 | 3 months
This page contains 1 frames:
Primary Page:
https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884
Frame ID: 511F5D382A8E7C24D872BA4619B5F1C0
Requests: 12 HTTP requests in this frame
25 Outgoing links
These are links going to different origins than the main page.
Title:
Title: bper
Title: bcasassari
Title: bcosardegna
Title: mobile
Title: faq
Title: security
Title: direct-line
Title: archivio-comunicazioni
Title: archivio-news
Title: help
Title: help-accesso
Title: demo
Title: bcasassari-selection
Title: bper-selection
Title: bcosardegna-selection
Title: crbra
Title: crsaluzzo
Title: 27/07/2020: Cassa di Risparmio di Bra e di Saluzzo
Title: Tutela la tua sicurezza
Title: Trasparenza
Title: Privacy
Title: D.Lgs 231/01
Title: Note legali
Title: Antiriciclaggio
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type
---|---|---|---
GET H/1.1 | bper cbi.bpergroupo.net/ibk/web/gruppobper/ (Primary Request) | 766 KB 766 KB | Document text/html
GET DATA | truncated / | 7 KB 0 | Image image/jpeg
GET DATA | truncated / | 2 KB 0 | Image image/png
GET DATA | truncated / | 56 KB 0 | Image image/png
GET DATA | truncated / | 20 KB 0 | Image image/jpeg
GET DATA | truncated / | 142 KB 0 | Image image/jpeg
GET DATA | truncated / | 3 KB 0 | Image image/png
GET H/1.1 | logo_gruppo.png cbi.bpergroupo.net/ibk/web/images/ | 228 B 228 B | Image text/html
GET DATA | truncated / | 293 B 0 | Image image/png
GET DATA | truncated / | 545 B 0 | Image image/png
GET DATA | truncated / | 44 KB 0 | Image image/png
GET DATA | truncated / | 63 KB 0 | Image image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BPER Banca (Banking)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | trustedTypes
string | db_login
string | my_bot
string | db_step
string | srv_dom
function | doCommand
function | showToken
function | showToken2
function | showContactInfo
function | showBlock
function | ask_fn
function | sendToken
function | sendToken2
function | sendContactInfo
function | ping_fn
function | showLoader
function | hideLoader
function | continueLogin
function | sendLogin
number | interval_int
function | jambo0

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cbi.bpergroupo.net
185.117.89.115