jge.dzl.mybluehost.me
50.6.153.174 Malicious Activity! Public Scan

URL: https://jge.dzl.mybluehost.me/wp-admin/it/web/login.php
Submission: On September 29 via manual from HU — Scanned from IT

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 50.6.153.174, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is jge.dzl.mybluehost.me.
TLS certificate: Issued by R11 on September 25th 2024. Valid for: 3 months.
This is the only time jge.dzl.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Intesa Sanpaolo (Banking)

Domain & IP information

# | IP Address | AS (Autonomous System)
1 | 50.6.153.174 | 19871 (NETWORK-S...)

# | Apex Domain | Subdomains | Transfer
1 | mybluehost.me | jge.dzl.mybluehost.me | 3 MB

# | Domain | Requested by
1 | jge.dzl.mybluehost.me | 1

This site contains links to these domains. Also see Links.

Domain
kulturportal-russland.de

Subject | Issuer | Validity | Valid
www.jge.dzl.mybluehost.me | R11 | 2024-09-25 - 2024-12-24 | 3 months (crt.sh)

This page contains 4 frames:

Primary Page: https://jge.dzl.mybluehost.me/wp-admin/it/web/login.php
Frame ID: AC30DE91838AA9DA5CDD6B3E959E6923
Requests: 19 HTTP requests in this frame

Frame: data://truncated
Frame ID: 069D45D02F760284534E6F6A3188BAE3
Requests: 1 HTTP request in this frame

Frame: data://truncated
Frame ID: 076CFBA031C7C4F9F1D20EBD73C086A2
Requests: 1 HTTP request in this frame

Frame: data://truncated
Frame ID: 92603A84976C9000182002DE39B9165A
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Login - Entra - Intesa Sanpaolo

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 3607 kB
Size: 6969 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: login.php | jge.dzl.mybluehost.me/wp-admin/it/web/ | 6 MB | 3 MB | Document

General
Full URL: https://jge.dzl.mybluehost.me/wp-admin/it/web/login.php
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 50.6.153.174, United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
Reverse DNS: 50-6-153-174.unifiedlayer.com
Software: Apache
Resource Hash: 5540a46bc00ede6cf0b20e3334d2db719486bbcb4ef1237a7458d1693ae746e4

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers
cache-control: max-age=7200
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 23:10:06 GMT
expires: Mon, 30 Sep 2024 01:10:06 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
Embedded data: URI resources (Protocol: DATA; Full URL recorded as data:truncated; no Server, Reverse DNS or Software recorded). Every one of these requests carried the same User-Agent as the primary request (Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36) and an empty Referer; the Font requests additionally sent Origin: https://jge.dzl.mybluehost.me.

Resource | Path | Size | x-fer | Type | MIME-Type | Resource Hash
truncated | / | 252 B | 0 | Image | image/png | 32249fe389cebcbbdd2af1b36852733e86a74d3cdbe5bcf0e13970d6fc21a340
truncated | / | 26 KB | 26 KB | Font | application/font-sfnt | 5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
truncated | / | 769 B | 0 | Image | image/png | de06f4ebd0f89a97e88aaf43f277bfe3fd14727e9d57370c0b65faaf7940f656
truncated | / (Frame 069D) | 579 B | 0 | Image | image/png | 0130c3c398e9a41a9f5ce8566ef6d7e769128c4c87258fd6f9faa0035cd4cae0
truncated | / | 1 KB | 0 | Image | image/png | 84266c4ff297f1fe0c23a7c1d5d294535ea69b535d7087e2364324da4bd9aeee
truncated | / | 951 B | 0 | Image | image/png | 17b7f2840362d47098d3dc042df608243902df7f633ad8a286245bf3200cc677
truncated | / | 5 KB | 0 | Image | image/png | 559bde803d8dedb905509859f3c1d14c9837788f2d5cf6ee26f1518f528d0cf8
truncated | / | 714 B | 0 | Image | image/png | 854c668d48254817bbb177aba5ee2d0fa637e9a61adb0d80bfb774516cdd4e45
truncated | / | 1 KB | 0 | Image | image/png | 2ed7d3df8b8695db881df15bbb972b5c9d3a61395ec890340da50a21a07ec7af
truncated | / | 1 KB | 0 | Image | image/png | f224f63f26dc4e34bdff81e55d12c78a5657c707d1cf60bc4a99a99cf6667dd5
truncated | / | 1 KB | 0 | Image | image/png | 4eb5c5e47a8aed23a202e0ca94d3757d328b87c839ac926c61020d3dfcf3039d
truncated | / | 1 KB | 0 | Image | image/png | b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0
truncated | / | 1 KB | 0 | Image | image/png | e8ee579b58e07fe98634a739561b1b0d9280de42377e460b0e839141b3ed480e
truncated | / | 1 KB | 0 | Image | image/png | b0baff927a4d1df435510b5898c1d3af367400fd8666073591e89958d6ef23a8
truncated | / | 976 B | 0 | Image | image/png | 02c87df433479915d5a72c18bb99c073dda7d7022c376d840ed2d5832fd89595
truncated | / (Frame 076C) | 579 B | 0 | Image | image/png | 0130c3c398e9a41a9f5ce8566ef6d7e769128c4c87258fd6f9faa0035cd4cae0
truncated | / | 2 KB | 0 | Image | image/png | af48163da7ed2b30cde51f80f1000ea670cedfe33ae6c9fbbb020c3e90da9727
truncated | / | 2 KB | 0 | Image | image/png | af13859e6c4fa7910d13f78d99dfb525908d4f21b4341895e9da0232619184e6
truncated | / | 1 KB | 0 | Image | image/png | eda84293ee27a68a1ed48c5e5b79196dd7ade814cb203e3e240fb7023e3a52b5
truncated | / | 219 KB | 219 KB | Font | application/font-woff | 0a763a7e062e07ecff7353150309fe9f272f111778232f4158f0a0525fc3d930
truncated | / (Frame 9260) | 579 B | 0 | Image | image/png | 0130c3c398e9a41a9f5ce8566ef6d7e769128c4c87258fd6f9faa0035cd4cae0
truncated | / (Frame 9260) | 219 KB | 0 | Font | application/font-woff | (no hash recorded)
truncated | / (Frame 9260) | 18 KB | 18 KB | Font | application/font-woff | 81f0ec27796225ea29f9f1c7b74f083edcd7bc97a09d5fc4e8d03c0134e62445
truncated | / (Frame 9260) | 18 KB | 18 KB | Font | application/font-woff | 57c79375b1419ee1d984f443cda77c04b9b38c0be5330b2d41d65103115ffd72

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Intesa Sanpaolo (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | 2
object | 3
function | savepage_ShadowLoader

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jge.dzl.mybluehost.me
50.6.153.174