verifica-conto.64-226-106-164.cprapid.com
64.226.106.164 | Malicious Activity!

Submitted URL: https://8w2q.short.gy/Bper
Effective URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Submission: On April 18 via api from GB — Scanned from IT

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 64.226.106.164, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is verifica-conto.64-226-106-164.cprapid.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 17th 2023. Valid for: 3 months.
This is the only time verifica-conto.64-226-106-164.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BPER Banca (Banking)

Domain & IP information

Requests  IP Address          AS     Autonomous System
1         52.59.165.42        16509  AMAZON-02
7         64.226.106.164      14061  DIGITALOC...
1         2606:4700::68...    13335  CLOUDFLAR...
1         2a02:6ea0:c70...    60068  CDN77 ^_^
1         18.197.84.20        16509  AMAZON-02
5         2a02:6ea0:c70...    60068  CDN77 ^_^
2         2a02:6ea0:c70...    60068  CDN77 ^_^
17 requests across 6 IPs
Requests  Apex Domain        Subdomains                                                    Transfer
7         cprapid.com        verifica-conto.64-226-106-164.cprapid.com                     240 KB
5         smartsuppcdn.com   widget-v2.smartsuppcdn.com (Cisco Umbrella Rank: 53558)       194 KB
                             translations.smartsuppcdn.com (Cisco Umbrella Rank: 46641)
2         smartlook.com      rec.smartlook.com (Cisco Umbrella Rank: 26702)                18 KB
2         smartsuppchat.com  www.smartsuppchat.com (Cisco Umbrella Rank: 43602)            6 KB
                             bootstrap.smartsuppchat.com (Cisco Umbrella Rank: 41425)
1         unpkg.com          unpkg.com (Cisco Umbrella Rank: 1180)                         4 KB
1         short.gy           8w2q.short.gy                                                 357 B
17 requests across 6 apex domains
Requests  Domain                                      Requested by
7         verifica-conto.64-226-106-164.cprapid.com   verifica-conto.64-226-106-164.cprapid.com
4         widget-v2.smartsuppcdn.com                  www.smartsuppchat.com
2         rec.smartlook.com                           widget-v2.smartsuppcdn.com, rec.smartlook.com
1         translations.smartsuppcdn.com               widget-v2.smartsuppcdn.com
1         bootstrap.smartsuppchat.com                 www.smartsuppchat.com
1         www.smartsuppchat.com                       verifica-conto.64-226-106-164.cprapid.com
1         unpkg.com                                   verifica-conto.64-226-106-164.cprapid.com
1         8w2q.short.gy                               1 redirect
17 requests across 8 domains

This site contains no links.

Subject                                    Issuer                                        Validity                  Valid for
verifica-conto.64-226-106-164.cprapid.com  cPanel, Inc. Certification Authority          2023-04-17 to 2023-07-16  3 months
sni.cloudflaressl.com                      Cloudflare Inc ECC CA-3                       2022-06-01 to 2023-06-01  a year
*.smartsuppchat.com                        RapidSSL Global TLS RSA4096 SHA256 2022 CA1   2022-11-30 to 2023-12-29  a year
*.smartsuppcdn.com                         RapidSSL Global TLS RSA4096 SHA256 2022 CA1   2022-10-19 to 2023-11-19  a year
1610534878.rsc.cdn77.org                   R3                                            2023-03-23 to 2023-06-21  3 months

This page contains 2 frames:

Primary Page: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Frame ID: D58EB529CC7B30A1AEE390D8E98ACCAB
Requests: 13 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.476fedce.js
Frame ID: 5FD95E635A8D904E162C8E18AAECB7A6
Requests: 4 HTTP requests in this frame

Page Title

BPER

Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Pure CSS (overall confidence: 100%)
Detected patterns
  • <link[^>]+(?:([\d.])+/)?pure(?:-min)?\.css

jQuery (overall confidence: 100%)
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 462 kB
Size: 983 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://8w2q.short.gy/Bper HTTP 302
    https://verifica-conto.64-226-106-164.cprapid.com/bper/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Resource: Primary Request / | Path: verifica-conto.64-226-106-164.cprapid.com/bper/ | Size: 4 KB | x-fer: 5 KB | Type: Document
Redirect Chain
  • https://8w2q.short.gy/Bper
  • https://verifica-conto.64-226-106-164.cprapid.com/bper/
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
8548eea5fc0d882cba2c438ac6d8e4ac24e9236f3b336eb7b8c7701fc251ee52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
it-IT,it;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Apr 2023 09:00:02 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Date
Tue, 18 Apr 2023 09:00:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
connection
close
content-length
0
content-type
text/html; charset=utf-8
location
https://verifica-conto.64-226-106-164.cprapid.com/bper/
pragma
no-cache
x-content-type-options
nosniff
x-powered-by
Short.io link shortener

Resource: logo1.jpg | Path: verifica-conto.64-226-106-164.cprapid.com/bper/ | Size: 14 KB | x-fer: 14 KB | Type: Image
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/logo1.jpg
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
5000659534ad5673ed8f0292fe8942fe248e552d4a05ce3d580ad8a9ec560a5d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/bper/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 18 Apr 2023 09:00:02 GMT
Last-Modified
Tue, 22 Feb 2022 23:46:38 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14124

Resource: pure-min.css | Path: unpkg.com/purecss@2.0.5/build/ | Size: 16 KB | x-fer: 4 KB | Type: Stylesheet
General
Full URL
https://unpkg.com/purecss@2.0.5/build/pure-min.css
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0b11cc95b046dabdab9a5bbe9c3035d2db1d7036e644acbb9e00b7c639f3f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Apr 2023 09:00:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1168965
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GX6YN8PQ27A527VJFGDXNYTG-fra
server
cloudflare
etag
W/"4195-XLNKX4yxaMYG7+jslQdUA8knpHQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7b9bb7139e3759a1-MXP

Resource: jquery-latest.min.js | Path: verifica-conto.64-226-106-164.cprapid.com/bper/ | Size: 84 KB | x-fer: 84 KB | Type: Script
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/jquery-latest.min.js
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/bper/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 18 Apr 2023 09:00:02 GMT
Last-Modified
Tue, 26 Jan 2021 23:41:18 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
85578

Resource: jquery.payform.min.js | Path: verifica-conto.64-226-106-164.cprapid.com/bper/ | Size: 16 KB | x-fer: 16 KB | Type: Script
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/jquery.payform.min.js
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
ddda7da0b1510e2f6916258890d06a64da32e94be54489117ff249f4630fd999

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/bper/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 18 Apr 2023 09:00:02 GMT
Last-Modified
Thu, 24 Jan 2019 00:57:24 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
16385

Resource: bperlogo.jpg | Path: verifica-conto.64-226-106-164.cprapid.com/bper/ | Size: 15 KB | x-fer: 15 KB | Type: Image
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/bperlogo.jpg
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
d9ae869c3dd00f983666dde345708c6939f7f9f2c40077524de594c7783a7951

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/bper/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 18 Apr 2023 09:00:02 GMT
Last-Modified
Tue, 22 Feb 2022 23:49:18 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15275

Resource: barra.jpg | Path: verifica-conto.64-226-106-164.cprapid.com/bper/ | Size: 8 KB | x-fer: 8 KB | Type: Image
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/barra.jpg
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
4712e2649e9407f997c8708642b3f01a854b61f686d39b4f40979eef1219b2d1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/bper/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 18 Apr 2023 09:00:02 GMT
Last-Modified
Tue, 22 Feb 2022 23:51:08 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7999

Resource: loader.js | Path: www.smartsuppchat.com/ | Size: 19 KB | x-fer: 6 KB | Type: Script
General
Full URL
https://www.smartsuppchat.com/loader.js?
Requested by
Host: verifica-conto.64-226-106-164.cprapid.com
URL: https://verifica-conto.64-226-106-164.cprapid.com/bper/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a1f452567983dc505d5514cba4297e731be583360051d053579888f4b2422aff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://verifica-conto.64-226-106-164.cprapid.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:02 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
50
x-accel-date
1681808352
x-77-nzt
AcO1rgVF9hr/MgAAAA
x-accel-expires
@1681808412
last-modified
Mon, 13 Mar 2023 07:47:07 GMT
server
CDN77-Turbo
etag
W/"640ed4fb-4a0b"
x-77-nzt-ray
25b02131f208c9b3125c3e64ce4bad2e
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300, public, s-maxage=60
expires
Mon, 13 Mar 2023 07:54:04 GMT

Resource: f730ce6b125928f62b20ed2c3ac28af339e9231a.json | Path: bootstrap.smartsuppchat.com/widget/ | Size: 1 KB | x-fer: 729 B | Type: XHR
General
Full URL
https://bootstrap.smartsuppchat.com/widget/f730ce6b125928f62b20ed2c3ac28af339e9231a.json
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.84.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-84-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
03145182ccaf2db97271651a21ca8d3e0ad8c8935092ff7e32c7c93b01988f40

Request headers

Referer
https://verifica-conto.64-226-106-164.cprapid.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

x-version
62713eedc1f171511be259caec0493e3a10586ea
date
Tue, 18 Apr 2023 09:00:02 GMT
content-encoding
br
x-hit
redis
etag
"504-VhJFqMQhuuXBTR0OSbu0ZyDTgVE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0, must-revalidate

Resource: asset-manifest.json | Path: widget-v2.smartsuppcdn.com/ | Size: 2 KB | x-fer: 763 B | Type: XHR
General
Full URL
https://widget-v2.smartsuppcdn.com/asset-manifest.json
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3c22a548522722679df65b3fe11b4852396ccd5a3684f611d7980738c50464fc

Request headers

Referer
https://verifica-conto.64-226-106-164.cprapid.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
31
x-77-nzt
Abk73BDCRbn/HwAAAA
x-accel-expires
@1681808432
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-6ce"
x-77-nzt-ray
90833930181dd8e7135c3e64cdd7b403
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300, public, s-maxage=60
expires
Mon, 13 Feb 2023 09:26:49 GMT

Resource: runtime-main.476fedce.js | Path: widget-v2.smartsuppcdn.com/static/js/ (Frame 5FD9) | Size: 2 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.476fedce.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
36699b912ca380a373d5de1978a2055e6112c7727e6b5041d66a77a6be407b50

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
5528315
x-77-nzt
Abk73BCU9pn/+1pUAA
x-accel-expires
@1707816088
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-9bd"
x-77-nzt-ray
908339302c2883ea135c3e64a90f6f0b
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 13 Feb 2024 09:21:28 GMT

Resource: 6.80b8e19c.chunk.js | Path: widget-v2.smartsuppcdn.com/static/js/ (Frame 5FD9) | Size: 525 KB | x-fer: 159 KB | Type: Script
General
Full URL
https://widget-v2.smartsuppcdn.com/static/js/6.80b8e19c.chunk.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f4123664f2a6fb1437f5dae6df0748307b6baa8243c11fe364ddc8f409556575

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
5528308
x-77-nzt
Abk73BBz623/9FpUAA
x-accel-expires
@1707816095
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-8338c"
x-77-nzt-ray
908339302c2883ea135c3e6466b2740b
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 13 Feb 2024 09:21:35 GMT

Resource: main.3c944932.chunk.js | Path: widget-v2.smartsuppcdn.com/static/js/ (Frame 5FD9) | Size: 115 KB | x-fer: 30 KB | Type: Script
General
Full URL
https://widget-v2.smartsuppcdn.com/static/js/main.3c944932.chunk.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6fd15847073c063cb948b5cc2e9a1bc5976392aef4d50b9434bd50a61da59405

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
5528308
x-77-nzt
Abk73BDjIdH/9FpUAA
x-accel-expires
@1707816095
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-1cc88"
x-77-nzt-ray
908339302c2883ea135c3e646f34d00b
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 13 Feb 2024 09:21:35 GMT

Resource: recorder.js | Path: rec.smartlook.com/ | Size: 4 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://rec.smartlook.com/recorder.js
Requested by
Host: widget-v2.smartsuppcdn.com
URL: https://widget-v2.smartsuppcdn.com/static/js/main.3c944932.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1ad69d0d5d31b02e9d63a18efed5bb99114c1cfe6c7297f1129d435561991fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://verifica-conto.64-226-106-164.cprapid.com/
Origin
https://verifica-conto.64-226-106-164.cprapid.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:03 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
145
x-77-nzt
AZySIRkPuYL/kQAAAA
x-accel-expires
@1681808858
last-modified
Tue, 18 Apr 2023 07:47:29 GMT
server
CDN77-Turbo
etag
W/"643e4b11-e8b"
x-77-nzt-ray
cf8787277895b128135c3e64f28c4e22
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600

Resource: defaults | Path: translations.smartsuppcdn.com/api/v1/widget/translations/lang/it/ (Frame 5FD9) | Size: 6 KB | x-fer: 3 KB | Type: Fetch
General
Full URL
https://translations.smartsuppcdn.com/api/v1/widget/translations/lang/it/defaults
Requested by
Host: widget-v2.smartsuppcdn.com
URL: https://widget-v2.smartsuppcdn.com/static/js/6.80b8e19c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ebcc7afa8e809193927c99f2b2f1508f1f2e85fbe580e5534e7aadc5f62dc97

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
x-version
00e9510a99a354a3e638456c70a09a41ab56ce80
date
Tue, 18 Apr 2023 09:00:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
39
x-response-time
0ms
x-77-nzt
Abk73BCE4en/JwAAAA
x-accel-expires
@1681808964
server
CDN77-Turbo
x-77-nzt-ray
90833930181dd8e7135c3e6407a7451d
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600

Resource: init.832b29f132c1628fc0e1.js | Path: rec.smartlook.com/es6/ | Size: 56 KB | x-fer: 16 KB | Type: Script
General
Full URL
https://rec.smartlook.com/es6/init.832b29f132c1628fc0e1.js
Requested by
Host: rec.smartlook.com
URL: https://rec.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
61980bdfee2e8d6990b4f1f5e1ef67b51f9249e01d93046ec7aac094214adcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://verifica-conto.64-226-106-164.cprapid.com/
Origin
https://verifica-conto.64-226-106-164.cprapid.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Apr 2023 09:00:03 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
3149
x-77-nzt
AZySIRnEVz3/TQwAAA
x-accel-expires
@1713341254
last-modified
Tue, 18 Apr 2023 07:47:29 GMT
server
CDN77-Turbo
etag
W/"643e4b11-de50"
x-77-nzt-ray
cf8787277895b128135c3e64ab01f624
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable

Resource: unicredit-regular.otf | Path: verifica-conto.64-226-106-164.cprapid.com/bper/fonts/ | Size: 98 KB | x-fer: 98 KB | Type: Font
General
Full URL
https://verifica-conto.64-226-106-164.cprapid.com/bper/fonts/unicredit-regular.otf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.226.106.164 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
fb3eee259238bb8f097a10f92ad30df49fe02fa3889ee4ee64407514840383a5

Request headers

Referer
https://verifica-conto.64-226-106-164.cprapid.com/bper/
Origin
https://verifica-conto.64-226-106-164.cprapid.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 18 Apr 2023 09:00:05 GMT
Last-Modified
Tue, 22 Feb 2022 15:31:12 GMT
Server
Apache
Content-Type
font/otf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
100032

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BPER Banca (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • boolean: credentialless
  • function: $
  • function: jQuery
  • object: _smartsupp
  • function: smartsupp
  • boolean: SMARTSUPP_LOADED
  • object: $smartsupp
  • function: smartlook
  • object: webpackChunk_smartlook_recorder

3 Cookies

Domain/Path                                      Name          Value
verifica-conto.64-226-106-164.cprapid.com/bper   COOKIE_KEY    168180840217
verifica-conto.64-226-106-164.cprapid.com/       ssupp.vid     vix6rY8fqx-Kz
verifica-conto.64-226-106-164.cprapid.com/       ssupp.visits  1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8w2q.short.gy
bootstrap.smartsuppchat.com
rec.smartlook.com
translations.smartsuppcdn.com
unpkg.com
verifica-conto.64-226-106-164.cprapid.com
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
18.197.84.20
2606:4700::6810:7eaf
2a02:6ea0:c700::10
2a02:6ea0:c700::11
2a02:6ea0:c700::18
52.59.165.42
64.226.106.164