www.edatabook.com Open in urlscan Pro
103.145.50.153  Malicious Activity! Public Scan

Submitted URL: https://www.edatabook.com/bper/
Effective URL: https://www.edatabook.com/bper/auth/clients/login.php?verification
Submission: On August 01 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 103.145.50.153, located in India and belongs to QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN. The main domain is www.edatabook.com.
TLS certificate: Issued by R3 on June 13th 2023. Valid for: 3 months.
This is the only time www.edatabook.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BPER Banca (Banking)

Domain & IP information

IP Address AS Autonomous System
1 3 103.145.50.153 141004 (QTIME-AS-...)
2 2
Apex Domain
Subdomains
Transfer
3 edatabook.com
www.edatabook.com
2 MB
2 1
Domain Requested by
3 www.edatabook.com 1 redirects www.edatabook.com
2 1

This site contains links to these domains. Also see Links.

Domain
homebanking.bpergroup.net
www.bper.it
Subject Issuer Validity Valid
edatabook.com
R3
2023-06-13 -
2023-09-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.edatabook.com/bper/auth/clients/login.php?verification
Frame ID: 74DEF7251587C02FF14CAC562B1191F7
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Login

Page URL History Show full URLs

  1. https://www.edatabook.com/bper/ Page URL
  2. https://www.edatabook.com/bper/auth/index.php?pwd=UEh0cFFyRkA HTTP 302
    https://www.edatabook.com/bper/auth/clients/login.php?verification Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2947 kB
Transfer

5863 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.edatabook.com/bper/ Page URL
  2. https://www.edatabook.com/bper/auth/index.php?pwd=UEh0cFFyRkA HTTP 302
    https://www.edatabook.com/bper/auth/clients/login.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.edatabook.com/bper/
74 B
323 B
Document
General
Full URL
https://www.edatabook.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.145.50.153 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS
vps.banksloan.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
88
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Aug 2023 07:33:19 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
Primary Request login.php
www.edatabook.com/bper/auth/clients/
Redirect Chain
  • https://www.edatabook.com/bper/auth/index.php?pwd=UEh0cFFyRkA
  • https://www.edatabook.com/bper/auth/clients/login.php?verification
4 MB
2 MB
Document
General
Full URL
https://www.edatabook.com/bper/auth/clients/login.php?verification
Requested by
Host: www.edatabook.com
URL: https://www.edatabook.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.145.50.153 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS
vps.banksloan.com
Software
Apache /
Resource Hash
5cf0b493d5ec70c7eb8b5c8458e95f34ee79697dcde1320810f197a59841f38d

Request headers

Referer
https://www.edatabook.com/bper/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Aug 2023 07:33:21 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Aug 2023 07:33:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Location
clients/login.php?verification#_
Pragma
no-cache
Server
Apache
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f64c1547d33c0d5a6ec2bea1296da06f8d1b876ff4b3bdc6e5151a1ca0c702c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03b99f1b7c7d616204ee60056eee3d6b2d4153365131d606978ccbfc30404082

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60db760f7d5fd9c6b680ac00f719128ebd9fa9a30168e0d98f92ae7a66e4a5a5

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d7257d5d026cee2c8d3a673ed80ba236122bed9bf8504ca5cb846985e99c81a

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a81fd5d88908220d70c5c8af65732d0f63d1de0b5e413f658392b245c6402e7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
118 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d8d90b0d6790c92d58efb1cdb5074ab053686472b2c72bbf6c0b904330dd370

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
88 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
311167b08911270f63af4fc478295e4da13b546eba9d38a8146a23bd2bcdb313

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
684 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2e5d114edc565e7c290a9941bf9989c6113936537c397137400314e4098c745

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
885 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8a05f8286d745f6c593a532f7df92bb742c778b30083f1233e17df9478c9170

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
693 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c145e601056fb95cf4535f1c2d063aa04d0b85270aedc33de3c5c0cb87fc0caa

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
140 KB
140 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65c5f92b8c9b015ff9f30794e92f74863b2230a489f99d5f2eee31cc3caacc35

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
81 KB
81 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf996a693d8c7b587ecb289bea2789e2141ab78c1ac33e5d1dbb7a7e2d83c69f

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
143 KB
143 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76e69830b8d2953df45a0acfd2b6290a5f817145f048fce5620d15fc93ef7bb0

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
91 KB
91 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cff4895f0f3bb9572b58947952cc8ea899933769b4cefe951caf630315ab39bd

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
142 KB
142 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02c4d3b380dbd48f28aa31ae66172cdfbaac8ff940e3ebc9cfef7d853b73ea61

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
140 KB
140 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92fa835eeba17c1cecced2b77b8442e56c64b849b38c9c45198abcc6f92da365

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a779ad318a4da0e360b8540a7db4a9353398d5eb877b6b86bd0e5e831ff855b9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
Origin
https://www.edatabook.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/octet-stream

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BPER Banca (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| savepage_ShadowLoader

1 Cookies

Domain/Path Name / Value
www.edatabook.com/ Name: PHPSESSID
Value: 7mblqusnkpkjji3p8u5sj1fi7t