cbi.bpergroupo.net
185.117.89.115
Malicious Activity!
Public Scan
Effective URL: https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884
Submission Tags: 6731947
Submission: On August 14 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 13th 2020. Valid for: 3 months.
This is the only time cbi.bpergroupo.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BPER Banca (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
3 | 185.117.89.115 | 42708 (PORTLANE www.portlane.com) |
3 | 2 |

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: mail.vfmaccounting.net
cbi.bpergroupo.net
 | Apex Domain Subdomains | Transfer |
---|---|---|
3 | bpergroupo.net cbi.bpergroupo.net | 767 KB |
3 | 1 |
 | Domain | Requested by |
---|---|---|
3 | cbi.bpergroupo.net | cbi.bpergroupo.net |
3 | 1 |
This site contains links to these domains.
Domain |
---|
cbi.bpergroup.net |
www.bper.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cbi.bpergroupo.net Let's Encrypt Authority X3 | 2020-08-13 - 2020-11-11 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884
Frame ID: BCD4942F96F829E61181CDD8120AD2A9
Requests: 13 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
25 Outgoing links
These are links going to different origins than the main page.
- Title:
- Title: bper
- Title: bcasassari
- Title: bcosardegna
- Title: mobile
- Title: faq
- Title: security
- Title: direct-line
- Title: archivio-comunicazioni
- Title: archivio-news
- Title: help
- Title: help-accesso
- Title: demo
- Title: bcasassari-selection
- Title: bper-selection
- Title: bcosardegna-selection
- Title: crbra
- Title: crsaluzzo
- Title: 27/07/2020: Cassa di Risparmio di Bra e di Saluzzo
- Title: Tutela la tua sicurezza
- Title: Trasparenza
- Title: Privacy
- Title: D.Lgs 231/01
- Title: Note legali
- Title: Antiriciclaggio
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://cbi.bpergroupo.net/ Page URL
- https://cbi.bpergroupo.net/ibk/web/gruppobper/bper?_ga=1.73455634.13577562.4574575474-130954562.1509884 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / cbi.bpergroupo.net/ | 142 B 416 B | Document text/html |
GET H/1.1 | bper (Primary Request) cbi.bpergroupo.net/ibk/web/gruppobper/ | 766 KB 766 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/jpeg |
GET DATA | truncated / | 2 KB 0 | Image image/png |
GET DATA | truncated / | 20 KB 0 | Image image/jpeg |
GET DATA | truncated / | 142 KB 0 | Image image/jpeg |
GET DATA | truncated / | 3 KB 0 | Image image/png |
GET H/1.1 | logo_gruppo.png cbi.bpergroupo.net/ibk/web/images/ | 228 B 228 B | Image text/html |
GET DATA | truncated / | 293 B 0 | Image image/png |
GET DATA | truncated / | 545 B 0 | Image image/png |
GET DATA | truncated / | 56 KB 0 | Image image/png |
GET DATA | truncated / | 44 KB 0 | Image image/png |
GET DATA | truncated / | 63 KB 0 | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BPER Banca (Banking)
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- string | db_login
- string | my_bot
- string | db_step
- string | srv_dom
- function | doCommand
- function | showToken
- function | showToken2
- function | showContactInfo
- function | showBlock
- function | ask_fn
- function | sendToken
- function | sendToken2
- function | sendContactInfo
- function | ping_fn
- function | showLoader
- function | hideLoader
- function | continueLogin
- function | sendLogin
- number | interval_int
- function | jambo0

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.