areariservata-divisioneconsumer.it-cc1089813.icu
176.121.14.103 Malicious Activity! Public Scan

Submitted URL: http://areariservata.divisioneconsumer.it.per109912.icu/bper.php
Effective URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/
Submission: On August 16 via automatic, source phishtank

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 16 HTTP transactions. The main IP is 176.121.14.103, which is located in Ukraine and belongs to FLOWSPEC-AS, UA. The main domain is areariservata-divisioneconsumer.it-cc1089813.icu.
TLS certificate: Issued by RapidSSL RSA CA 2018 on August 16th 2019. Valid for: a year.
This is the only time areariservata-divisioneconsumer.it-cc1089813.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BPER Banca (Banking)

Domain & IP information

IP Address AS Autonomous System
3 19 176.121.14.103 210138 (FLOWSPEC-AS)
16 1
Domain Requested by
18 areariservata-divisioneconsumer.it-cc1089813.icu 2 redirects areariservata-divisioneconsumer.it-cc1089813.icu
1 areariservata.divisioneconsumer.it.per109912.icu 1 redirects
16 2

This site contains no links.

Subject: *.it-cc1089813.icu
Issuer: RapidSSL RSA CA 2018
Validity: 2019-08-16 - 2020-08-15
Valid: a year

This page contains 1 frame:

Primary Page: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/
Frame ID: EE342062ACBDE9F4CC54DDABAC9C40AF
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /angular.*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 434 kB
Size: 721 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://areariservata.divisioneconsumer.it.per109912.icu/bper.php HTTP 302
    https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/ Page URL
  2. https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404 HTTP 301
    https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/ HTTP 302
    https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://areariservata.divisioneconsumer.it.per109912.icu/bper.php HTTP 302
  • https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/

16 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Cookie set /
areariservata-divisioneconsumer.it-cc1089813.icu/bper/
Redirect Chain
  • http://areariservata.divisioneconsumer.it.per109912.icu/bper.php
  • https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/
728 B
728 B
Document
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
450df64c5806b0d698a5643c6a0c0e748deadaa5ddf931df5c3ce438acb86e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Host
areariservata-divisioneconsumer.it-cc1089813.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.6.2
Date
Fri, 16 Aug 2019 12:07:21 GMT
Content-Type
text/html
Content-Length
451
Connection
keep-alive
Set-Cookie
real=OK
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin

Redirect headers

Server
nginx/1.6.2
Date
Fri, 16 Aug 2019 12:07:20 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Location
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin

Primary Request /
areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/
Redirect Chain
  • https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404?
  • https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/
  • https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
10 KB
4 KB
Document
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
c84a173d436ee6ba3683ba763a162cc66561d07bfabc3d5d1f72084be645206b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Host
areariservata-divisioneconsumer.it-cc1089813.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/
Accept-Encoding
gzip, deflate, br
Cookie
bid=1f382b13e7a00c30fafc61cbbd733404; real=OK

Response headers

Server
nginx/1.6.2
Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Type
text/html
Content-Length
3864
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin

Redirect headers

Server
nginx/1.6.2
Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Set-Cookie
bid=1f382b13e7a00c30fafc61cbbd733404
location
login/?
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin

jquery.min.js
areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/jquery/dist/
85 KB
30 KB
Script
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/jquery/dist/jquery.min.js
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jun 2017 03:55:06 GMT
Server
nginx/1.6.2
ETag
"15283-5512e77ee3a80-gzip"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
30138

ua-parser.min.js
areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/ua-parser-js/dist/
17 KB
6 KB
Script
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 12 Oct 2017 08:16:24 GMT
Server
nginx/1.6.2
ETag
"4298-55b5527f0e600-gzip"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
6063

font-awesome.min.css
areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 04:29:24 GMT
Server
nginx/1.6.2
ETag
"7918-54cb44da47100-gzip"
X-Frame-Options
sameorigin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7053

core_form.js
areariservata-divisioneconsumer.it-cc1089813.icu/bper/core/form/
13 KB
4 KB
Script
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/core/form/core_form.js
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
b4ce77a7acef120be1e92f2227acb371504e3b34206759ad7a63cc82ac438e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Aug 2019 19:24:07 GMT
Server
nginx/1.6.2
ETag
"35dd-58f8be282c3c0-gzip"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
3567

core_form.css
areariservata-divisioneconsumer.it-cc1089813.icu/bper/core/form/
2 KB
700 B
Stylesheet
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/core/form/core_form.css
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 04 Aug 2019 20:55:31 GMT
Server
nginx/1.6.2
ETag
"639-58f50cfdbd6c0-gzip"
X-Frame-Options
sameorigin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
345

angular.min.js
areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/angular/
165 KB
58 KB
Script
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/bower_components/angular/angular.min.js
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 18 Aug 2017 14:37:28 GMT
Server
nginx/1.6.2
X-Frame-Options
sameorigin
ETag
"2937c-5570811783a00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes

css.css
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/form/
157 B
466 B
Stylesheet
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/form/css.css
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
1a12bc7f3b15ff510d0ac65d5d7a9c5353b8d771fe6cd6c6506948bea40b43ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Aug 2019 14:47:29 GMT
Server
nginx/1.6.2
ETag
"9d-58f8805316240-gzip"
X-Frame-Options
sameorigin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
112

index.css
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/
87 KB
15 KB
Stylesheet
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/index.css
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
26c3b7e1778f5a5279d603c2af26a8b3f07fb86844a3ff3d82070a120e0d3c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Aug 2019 14:45:15 GMT
Server
nginx/1.6.2
ETag
"15b1d-58f87fd34b4c0-gzip"
X-Frame-Options
sameorigin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
15341

form.js
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/form/
3 KB
1 KB
Script
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/form/form.js?v=5d569cb3230ce
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
a40599657bd23eed367961ca4816b7f86858756689de53d0f52cee9e4ec5cd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Aug 2019 19:19:44 GMT
Server
nginx/1.6.2
ETag
"dee-58f8bd2d5b400-gzip"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
884

ng.js
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/ng/
5 KB
2 KB
Script
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/ng/ng.js?v=5d569cb323119
Requested by
Host: areariservata-divisioneconsumer.it-cc1089813.icu
URL: https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
39fbf43cb6fc839ee0ae557d1cfafad93a05898951e42bfeb1a6f4c0f4aa029c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 22 Jun 2019 13:45:21 GMT
Server
nginx/1.6.2
ETag
"1294-58be9ca495e40-gzip"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1244

logo.svg
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/
2 KB
3 KB
Image
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/logo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
119624fdbe86eb1e53385691c8d23f7a5859709f0f30e0681be666aded0005f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Aug 2019 16:04:52 GMT
Server
nginx/1.6.2
ETag
"9f0-58f74fc189100"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2544

bkg.jpg
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/
265 KB
265 KB
Image
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/bkg.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
4b84eadad722aa7a0b07007cad5428c925d0ad73cdf5969447f85433f44bed3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Aug 2019 16:04:52 GMT
Server
nginx/1.6.2
ETag
"424aa-58f74fc189100"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
271530

bperfont.woff
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/
13 KB
14 KB
Font
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/bperfont.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
a11a390d85994f33005e20cdae9eb8fb084624b5437dbaa69507e14fcc5e2654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/index.css
Origin
https://areariservata-divisioneconsumer.it-cc1089813.icu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Aug 2019 16:04:52 GMT
Server
nginx/1.6.2
ETag
"3558-58f74fc189100"
X-Frame-Options
sameorigin
Content-Type
application/x-font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13656

glyphicons-halflings-regular.woff
areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/
23 KB
23 KB
Font
General
Full URL
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/glyphicons-halflings-regular.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.121.14.103, Ukraine, ASN210138 (FLOWSPEC-AS, UA)
Reverse DNS
Software
nginx/1.6.2
Resource Hash
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
cors
Referer
https://areariservata-divisioneconsumer.it-cc1089813.icu/bper/login/index.css
Origin
https://areariservata-divisioneconsumer.it-cc1089813.icu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 12:07:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Aug 2019 16:04:52 GMT
Server
nginx/1.6.2
ETag
"5b80-58f74fc189100"
X-Frame-Options
sameorigin
Content-Type
application/x-font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23424

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BPER Banca (Banking)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| $
  • function| jQuery
  • function| UAParser
  • function| ask_def_proxy
  • function| next__
  • function| finish__
  • function| set_event
  • function| def_plugin_data_receiver
  • function| deep_json_parse
  • object| cookies
  • function| advanced_string_validation
  • function| sin_luhn
  • function| cc_luhn
  • function| dob_luhn
  • function| exp_with_day_luhn
  • function| exp_luhn
  • function| qasame__
  • function| valid_a
  • function| valid_q
  • function| EN
  • function| send1
  • object| angular
  • object| _0xa211
  • function| _kaktys_encode
  • string| bid
  • object| php_js
  • object| app
  • string| el
  • object| sc_
  • object| loader_

2 Cookies

Domain/Path: areariservata-divisioneconsumer.it-cc1089813.icu/bper
Name: real
Value: OK

Domain/Path: areariservata-divisioneconsumer.it-cc1089813.icu/bper/a1b2c3/1f382b13e7a00c30fafc61cbbd733404
Name: bid
Value: 1f382b13e7a00c30fafc61cbbd733404

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin