progvig.ir
Open in
urlscan Pro
185.18.215.15
Malicious Activity!
Public Scan
Submission: On March 14 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on February 7th 2023. Valid for: 3 months.
This is the only time progvig.ir was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Intesa Sanpaolo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 185.18.215.15 185.18.215.15 | 48715 (SEFROYEKP...) (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:6ea0:c70... 2a02:6ea0:c700::18 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 4 |
ASN48715 (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company, IR)
PTR: wh3.webalfa.net
progvig.ir |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
progvig.ir
1 redirects
progvig.ir |
227 KB |
1 |
gstatic.com
fonts.gstatic.com |
44 KB |
1 |
nicepagecdn.com
assets.nicepagecdn.com — Cisco Umbrella Rank: 538837 |
329 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34 |
2 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
14 | progvig.ir |
1 redirects
progvig.ir
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | assets.nicepagecdn.com |
progvig.ir
|
1 | fonts.googleapis.com |
progvig.ir
|
16 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
nicepage.com |
nicepage.cloud |
facebook.com |
twitter.com |
instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.khaninejad.progvig.ir R3 |
2023-02-07 - 2023-05-08 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
1071178158.rsc.cdn77.org R3 |
2023-01-24 - 2023-04-24 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://progvig.ir/verifica-intesasanpaolo/
Frame ID: D1A7C4E4A6B2E1724E71377AAA54A301
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
HomePage URL History Show full URLs
-
https://progvig.ir/verifica-intesasanpaolo
HTTP 301
https://progvig.ir/verifica-intesasanpaolo/ Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: APRI XME CONTO
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://progvig.ir/verifica-intesasanpaolo
HTTP 301
https://progvig.ir/verifica-intesasanpaolo/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
progvig.ir/verifica-intesasanpaolo/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nicepage.css
progvig.ir/verifica-intesasanpaolo/ |
1 MB 85 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Home.css
progvig.ir/verifica-intesasanpaolo/ |
2 KB 603 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.9.1.min.js
progvig.ir/verifica-intesasanpaolo/ |
90 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nicepage.js
progvig.ir/verifica-intesasanpaolo/ |
284 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
55 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-parla-con-noi.png
progvig.ir/verifica-intesasanpaolo/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1828859-233e7caf.png
progvig.ir/verifica-intesasanpaolo/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
748137-f23d1f36.png
progvig.ir/verifica-intesasanpaolo/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2889676-60620c2c.png
progvig.ir/verifica-intesasanpaolo/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-intesasanpaolo.png
progvig.ir/verifica-intesasanpaolo/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3031293-f17c21bf.png
progvig.ir/verifica-intesasanpaolo/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utente_ok_green.png
progvig.ir/verifica-intesasanpaolo/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2889676.png
progvig.ir/verifica-intesasanpaolo/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pexels-andrea-piacquadio-3791666.jpg
assets.nicepagecdn.com/27ffa556/4204576/images/ |
328 KB 329 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Intesa Sanpaolo (Banking)42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| cssBgParser function| ResponsiveMenu function| MailChimpForm object| jQuery19107865755189483372 object| bootstrap function| loadMapsContent function| mapIframeApiReady object| MapsLoader function| Lightbox object| Utility object| skrollr function| Waypoint function| WaypointAdapter function| _npStickyStack function| _npInitMenuLink function| AnimationInfo object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint function| AnimationFactory function| CountUp undefined| uAnimation object| _npScrollAnchor function| _npScrollSpyInit function| ImageZoom function| _npHorizontalLayoutSlider function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig function| _npDialogsInit function| _npAccordionInit function| setImmediate function| clearImmediate object| sha256 function| _npAuthInit object| CountryList object| _responsive1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
progvig.ir/ | Name: PHPSESSID Value: be330b39041a9b399dea3c480d6088b7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nicepagecdn.com
fonts.googleapis.com
fonts.gstatic.com
progvig.ir
185.18.215.15
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a02:6ea0:c700::18
01021c2ccadf15cab9984d352f3ed8baee53b19ca9693a2696a833ad519340fa
04885833d94238efe955cbbec83cfb9340cc2d5ebd17d3dcc9556ef4ff644d53
559bde803d8dedb905509859f3c1d14c9837788f2d5cf6ee26f1518f528d0cf8
5b6c388830606607beac52792986c99b7b846afa5161eafb78686e234b99801e
6b06689bccae390944f9971ce567fd14166aeb03aeb661523781cec0b3deb96d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14
af48163da7ed2b30cde51f80f1000ea670cedfe33ae6c9fbbb020c3e90da9727
b9713aa2709fe26ac3ba42dd3ece508112c3684422bc8ab6f38f6304f7012262
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c9e0f616e448b649e438ead855c895ab69ea7000d1d9208bd2bf4fd226270309
cd71438b112b2484de48757ce5bc6c3e1c16526daf566178eacd9cd13e4413ed
d76dca061840d1088812bf329e70a714307f2a673b2a9d2911317d047dd263bb
e0fcab273e0c72094db26aa6a1dd0ba108d6df2a6a5ffbd8004c6435c3cfd33a
eef5f470f57578ce3b764fcc38d784627dcd7e193e5990fb3dcc71f522c35483
f55464945c202f9b96ab6bd1ebeae218637b435e1fb5944e9105d50e05ef23c0