securityapp.sviluppo.host
149.62.187.110
Malicious Activity!
Public Scan
Submission: On October 31 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by E6 on October 21st 2024. Valid for: 3 months.
This is the only time securityapp.sviluppo.host was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Popolare di Bari (Banking)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
8 | 149.62.187.110 | 47242 (HOST-SPA) |
6 | 193.148.39.134 | 13180 (CEDACRI-SPA-COLLECCHIO Via Conventino) |
16 | 3 |
ASN47242 (HOST-SPA, IT)
PTR: w3007.shared.host.it
securityapp.sviluppo.host |
Requests | Apex Domain (Subdomains) | Transfer |
---|---|---|
8 | sviluppo.host (securityapp.sviluppo.host) | 2 MB |
6 | agenziabpb.it (ihb.agenziabpb.it) | 754 KB |
16 | 2 |
Requests | Domain | Requested by |
---|---|---|
8 | securityapp.sviluppo.host | securityapp.sviluppo.host |
6 | ihb.agenziabpb.it | securityapp.sviluppo.host |
16 | 2 |
This site contains links to these domains.
Domain |
---|
ihb.agenziabpb.it |
www.bdmbanca.it |
www.popolarebari.it |
www.cariorvieto.it |
Subject | Issuer | Validity | Valid |
---|---|---|---|
securityapp.sviluppo.host | E6 | 2024-10-21 - 2025-01-19 | 3 months |
ihb.agenziabpb.it | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-12 - 2025-03-11 | a year |
This page contains 1 frame:
Primary Page:
https://securityapp.sviluppo.host/
Frame ID: F5DDCE5A543A20F37F5AB8580E988828
Requests: 16 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
Title: informativa alla privacy
Title: Non ricordi la tua username? clicca qui. Te la invieremo al tuo indirizzo mail.
Title: Scopri come effettuare l'accesso al servizio
Title: Guida rapida nuova app Mi@
Title: GUIDA PER TOKEN FISICO ONESPAN
Title: Istruzioni operative disattivazione protocollo SSL 3.0 e attivazione TLS 1.0
Title: Fogli Informativi BPB
Title: ISC - Profili di Operatività BPB
Title: Fogli Informativi CRO
Title: ISC - Profili di Operatività CRO
Title: qui
16 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | securityapp.sviluppo.host/ | 89 KB | 18 KB | Document | text/html |
GET | H2 | preloader.css | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 215 B | 514 B | Stylesheet | text/css |
GET | H2 | styles-9487fe66bd.css | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 169 KB | 29 KB | Stylesheet | text/css |
GET | H2 | vendor-89de1abb0b.js.download | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 2 MB | 2 MB | Script | application/octet-stream |
GET | H2 | templates-public-c83dd1ed06.js.download | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 227 KB | 227 KB | Script | application/octet-stream |
GET | H2 | hbng_style.css | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 334 KB | 58 KB | Stylesheet | text/css |
GET | H2 | hb2-logo.png | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 3 KB | 4 KB | Image | image/png |
GET | H2 | footer-logo.png | securityapp.sviluppo.host/Home%20banking%20-%20Login_files/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | V.png | ihb.agenziabpb.it/home-banking-ng/public/brand/05424/default/asset/images/menu/ | 14 KB | 15 KB | Image | image/png |
GET | H/1.1 | Lato-Regular.woff2 | ihb.agenziabpb.it/home-banking-ng/public/brand/05424/default/asset/fonts/ | 178 KB | 180 KB | Font | application/octet-stream |
GET | H/1.1 | Lato-Black.woff2 | ihb.agenziabpb.it/home-banking-ng/public/brand/05424/default/asset/fonts/ | 173 KB | 174 KB | Font | application/octet-stream |
GET | H/1.1 | Lato-BoldItalic.woff2 | ihb.agenziabpb.it/home-banking-ng/public/brand/05424/default/asset/fonts/ | 189 KB | 190 KB | Font | application/octet-stream |
GET | H/1.1 | Lato-Bold.woff2 | ihb.agenziabpb.it/home-banking-ng/public/brand/05424/default/asset/fonts/ | 181 KB | 182 KB | Font | application/octet-stream |
GET | H/1.1 | icomoon1.ttf | ihb.agenziabpb.it/home-banking-ng/public/brand/05424/default/asset/fonts/ | 14 KB | 15 KB | Font | application/octet-stream |
GET | | favicon.ico | ihb.agenziabpb.it/home-banking-ng/public/brand/favicon/05424/ | 0 | 0 | | |
GET | | favicon.ico | ihb.agenziabpb.it/home-banking-ng/public/brand/favicon/05424/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ihb.agenziabpb.it
- URL
- https://ihb.agenziabpb.it/home-banking-ng/public/brand/favicon/05424/favicon.ico
- Domain
- ihb.agenziabpb.it
- URL
- https://ihb.agenziabpb.it/home-banking-ng/public/brand/favicon/05424/favicon.ico
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Popolare di Bari (Banking)
82 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ngFileUpload function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| genRandomNumber function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| RSAUIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug object| angular object| @uirouter/angularjs function| moment object| d3 function| OverlayScrollbars function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| 
SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList object| c3 function| download function| filterCSS function| filterXSS function| forceIE89Synchronicity string| abi string| prodotto2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
securityapp.sviluppo.host/ | | Name: PHPSESSID Value: 5ff5ac36bec26a7399bd335e3f61421e |
securityapp.sviluppo.host/ | | Name: COOKIE_KEY Value: 173039030326 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.