bergen.cl
186.64.116.215
Malicious Activity!
Public Scan
Submission: On July 27 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on July 10th 2021. Valid for: 3 months.
This is the only time bergen.cl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Monte dei Paschi (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 186.64.116.215 | 52368 (ZAM LTDA.) |
8 | 81.26.195.203 | 13018 (Banca Monte Dei Paschi Di Siena) |
1 | 2001:4de0:ac18::1:a:2b | 20446 (HIGHWINDS3) |
5 | 2a02:6ea0:c700::4 | 60068 (CDN77 ^_^) |
1 | 3.120.69.250 | 16509 (AMAZON-02) |
19 | 6 | |
ASN13018 (Banca Monte Dei Paschi Di Siena, IT)
PTR: digital.mps.it
- digital.mps.it
ASN60068 (CDN77 ^_^, GB)
- www.smartsuppchat.com
- widget-v2.smartsuppcdn.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-69-250.eu-central-1.compute.amazonaws.com
- bootstrap.smartsuppchat.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | mps.it | digital.mps.it | 48 KB |
4 | smartsuppcdn.com | widget-v2.smartsuppcdn.com | 212 KB |
2 | smartsuppchat.com | www.smartsuppchat.com, bootstrap.smartsuppchat.com | 8 KB |
1 | jquery.com | code.jquery.com | 33 KB |
1 | bergen.cl | bergen.cl | 18 KB |
19 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
8 | digital.mps.it | bergen.cl, digital.mps.it |
4 | widget-v2.smartsuppcdn.com | www.smartsuppchat.com |
1 | bootstrap.smartsuppchat.com | www.smartsuppchat.com |
1 | www.smartsuppchat.com | bergen.cl |
1 | code.jquery.com | bergen.cl |
1 | bergen.cl | |
19 | 6 | |
This site contains links to these domains.
Domain |
---|
aziendaonline.mps.it |
ib.mps.it |
www.cartetitolari.mps.it |
www.carteaziende.mps.it |
www.mpshop.mps.it |
www.mps.it |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bergen.cl | R3 | 2021-07-10 - 2021-10-08 | 3 months |
digital.mps.it | Sectigo RSA Extended Validation Secure Server CA | 2020-03-25 - 2022-04-27 | 2 years |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
*.smartsuppchat.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-12-02 - 2021-12-30 | a year |
*.smartsuppcdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-11-03 - 2021-12-04 | a year |
This page contains 3 frames:
Primary Page:
https://bergen.cl/
Frame ID: BBB55838B01D8DB374C480900D9DC126
Requests: 15 HTTP requests in this frame
Frame:
https://digital.mps.it/login.html
Frame ID: A28961735C9B2951F5E9BC4C6421537A
Requests: 1 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.ad41bfad.js
Frame ID: 9D6D966E26784AAFAF70156D6DED2A0A
Requests: 3 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: PASKEY AZIENDAONLINE Corporate banking
Title: PASKEY TESORERIA ONLINE E TRIBUNALI ONLINE Enti e istituzioni
Title: PASKEY INTERNET BANKING Vecchia piattaforma
Title: PORTALE CARTA MONTEPASCHI TITOLARI
Title: PORTALE CARTA MONTEPASCHI AZIENDE
Title: PORTALE ESERCENTI
Title: SALDO CARTA PREPAGATA
Title: DIFENDITI DALLE TRUFFE
Title: HAI BISOGNO DI AIUTO?
Title: Banca Monte dei Paschi di Siena S.p.A. GRUPPO IVA MPS - Partita IVA 01483500524
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | bergen.cl/ | 181 KB | 18 KB | Document | text/html |
GET H/1.1 | w.login.digitalBanking.min.css | digital.mps.it/cmn/assets/css/catalogo/ | 47 KB | 11 KB | Stylesheet | text/css |
GET H2 | jquery-latest.min.js | code.jquery.com/ | 94 KB | 33 KB | Script | application/javascript |
GET H/1.1 | jquery-ext.js | digital.mps.it/cmn/assets/js/ | 25 KB | 11 KB | Script | text/javascript |
GET H/1.1 | iconaSpeechAssistantred.png | digital.mps.it/libs/img/loginBI/ | 2 KB | 4 KB | Image | image/png |
GET H/1.1 | login.html (Cookie set) | digital.mps.it/ Frame A289 | 0 | 0 | Document | text/html |
GET H/1.1 | montedeipaschi_logo_hd.png | digital.mps.it/libs/img/ | 11 KB | 12 KB | Image | image/jpeg |
GET | text-security-disc.woff2 | digital.mps.it/cmn/font/ | 0 | 0 | | |
GET H2 | loader.js | www.smartsuppchat.com/ | 23 KB | 7 KB | Script | application/javascript |
GET H/1.1 | info%20tooltip_UI.svg | digital.mps.it/cmn/assets/icons/catalogo/ | 999 B | 3 KB | Image | image/svg+xml |
GET H/1.1 | ico_carte.svg | digital.mps.it/libs/img/loginBI/ | 1 KB | 3 KB | Image | image/svg+xml |
GET H/1.1 | ico_informazioni.svg | digital.mps.it/libs/img/loginBI/ | 2 KB | 4 KB | Image | image/svg+xml |
GET H2 | 76c55fb536a8a3965c8cd8c28546bd2c38f6704f.json | bootstrap.smartsuppchat.com/widget/ | 909 B | 1 KB | XHR | application/json |
GET H2 | asset-manifest.json | widget-v2.smartsuppcdn.com/ | 1 KB | 659 B | XHR | application/json |
GET H2 | runtime-main.ad41bfad.js | widget-v2.smartsuppcdn.com/static/js/ Frame 9D6D | 2 KB | 2 KB | Script | application/javascript |
GET H2 | 3.59af7861.chunk.js | widget-v2.smartsuppcdn.com/static/js/ Frame 9D6D | 655 KB | 185 KB | Script | application/javascript |
GET H2 | main.e0f31f64.chunk.js | widget-v2.smartsuppcdn.com/static/js/ Frame 9D6D | 103 KB | 25 KB | Script | application/javascript |
GET | text-security-disc.woff | digital.mps.it/cmn/font/ | 0 | 0 | | |
GET | text-security-disc.ttf | digital.mps.it/cmn/font/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
digital.mps.it | https://digital.mps.it/cmn/font/text-security-disc.woff2 |
digital.mps.it | https://digital.mps.it/cmn/font/text-security-disc.woff |
digital.mps.it | https://digital.mps.it/cmn/font/text-security-disc.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Monte dei Paschi (Banking)
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- function| encodeHTML
- function| unescapeHTML
- function| escapeHTML
- function| open_win
- object| pagespeed
- function| reloadCaptcha2Step
- function| open_infoMT
- object| userSelectionLast
- object| userSelectionFirst
- function| registerUsername
- function| registerPwd
- function| registerUser
- function| soloNumeri
- function| hideOverlay
- object| _smartsupp
- function| smartsupp
- object| userSelectionLinkPk
- function| setImmediate
- function| clearImmediate
- boolean| SMARTSUPP_LOADED
- object| $smartsupp
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.