URL: https://bergen.cl/
Submission: On July 27 via automatic, source openphish

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 186.64.116.215, located in Curicó, Chile and belongs to ZAM LTDA., CL. The main domain is bergen.cl.
TLS certificate: Issued by R3 on July 10th 2021. Valid for: 3 months.
This is the only time bergen.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Monte dei Paschi (Banking)

Domain & IP information

IP Address AS Autonomous System
1 186.64.116.215 52368 (ZAM LTDA.)
8 81.26.195.203 13018 (Banca Mon...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 3.120.69.250 16509 (AMAZON-02)
19 6
Domain Requested by
8 digital.mps.it bergen.cl
digital.mps.it
4 widget-v2.smartsuppcdn.com www.smartsuppchat.com
1 bootstrap.smartsuppchat.com www.smartsuppchat.com
1 www.smartsuppchat.com bergen.cl
1 code.jquery.com bergen.cl
1 bergen.cl
19 6
Subject Issuer Validity Valid
bergen.cl
R3
2021-07-10 -
2021-10-08
3 months crt.sh
digital.mps.it
Sectigo RSA Extended Validation Secure Server CA
2020-03-25 -
2022-04-27
2 years crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.smartsuppchat.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2020-12-02 -
2021-12-30
a year crt.sh
*.smartsuppcdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2020-11-03 -
2021-12-04
a year crt.sh

This page contains 3 frames:

Primary Page: https://bergen.cl/
Frame ID: BBB55838B01D8DB374C480900D9DC126
Requests: 15 HTTP requests in this frame

Frame: https://digital.mps.it/login.html
Frame ID: A28961735C9B2951F5E9BC4C6421537A
Requests: 1 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.ad41bfad.js
Frame ID: 9D6D966E26784AAFAF70156D6DED2A0A
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

19
Requests

84 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

319 kB
Transfer

1150 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bergen.cl/
181 KB
18 KB
Document
General
Full URL
https://bergen.cl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.116.215 Curicó, Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.pyme81.pymedns.net
Software
Apache /
Resource Hash
fbada2455fee9aca709cc4d9fc879bca09ae9df11ea93a39b0b9783277f43c40
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:method
GET
:authority
bergen.cl
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 13:42:07 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 11 Nov 2020 03:10:12 GMT
etag
"6e4a4dd-2d5f0-5b3cc2232ad00-gzip"
accept-ranges
bytes
cache-control
max-age=604800, must-revalidate
expires
Tue, 27 Jul 2021 13:42:07 GMT
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
w.login.digitalBanking.min.css
digital.mps.it/cmn/assets/css/catalogo/
47 KB
11 KB
Stylesheet
General
Full URL
https://digital.mps.it/cmn/assets/css/catalogo/w.login.digitalBanking.min.css?vers=1131606
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
7b487c27e8f58205e6365f7eb2201d9b33c0708ce8580abdce450e3be84e9fdb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 13:42:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
X-Original-Content-Length
47636
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
9604
X-Xss-Protection
1; mode=block
Access-Control-Allow-Headers
Content-Type
Last-Modified
Tue, 06 Jul 2021 12:31:20 GMT
X-Frame-Options
SAMEORIGIN
Etag
W/"PSA-FVzCgDKGRW"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=2592000
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 26 Aug 2021 13:22:58 GMT
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 13:42:07 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
"54499a48-1762a"
vary
Accept-Encoding
x-hw
1627393327.dop236.fr8.t,1627393327.cds268.fr8.hc,1627393327.cds280.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
jquery-ext.js
digital.mps.it/cmn/assets/js/
25 KB
11 KB
Script
General
Full URL
https://digital.mps.it/cmn/assets/js/jquery-ext.js?vers=1131606
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
4cc5538409245f39f02560f6819be202d962c4dc0920ed4d8004571e1af8faa4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 13:42:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
X-Original-Content-Length
25288
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
9429
X-Xss-Protection
1; mode=block
Access-Control-Allow-Headers
Content-Type
Last-Modified
Tue, 06 Jul 2021 12:31:44 GMT
X-Frame-Options
SAMEORIGIN
Etag
W/"PSA-lw9dKP2uKY"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=2592000
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 26 Aug 2021 13:22:59 GMT
iconaSpeechAssistantred.png
digital.mps.it/libs/img/loginBI/
2 KB
4 KB
Image
General
Full URL
https://digital.mps.it/libs/img/loginBI/iconaSpeechAssistantred.png
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
d46dda2fab1d8fe763cec3ef41291116c4df2667bdb89448b37fbc342249924a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Date
Tue, 27 Jul 2021 13:42:08 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Xss-Protection
1; mode=block
Cache-Control
max-age=2590835
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
2394
Etag
W/"PSA-aj-ym2Ym0rtFb"
Keep-Alive
timeout=15, max=99
Expires
Thu, 26 Aug 2021 13:22:44 GMT
Cookie set login.html
digital.mps.it/ Frame A289
0
0
Document
General
Full URL
https://digital.mps.it/login.html
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
digital.mps.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bergen.cl/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bergen.cl/

Response headers

Date
Tue, 27 Jul 2021 13:42:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
Accept-Ranges
bytes
X-Mod-Pagespeed
1.11.33.2-0
Cache-Control
max-age=0, no-cache
Set-Cookie
dtCookie=|ZGlnaXRhbC5tcHMuaXR8MA; Path=/; Domain=.mps.it; Secure TS01d2b0ab=01eaad23890ad2fac84c5e7a88778ebeccca4d907091afab5dfca4f85bf580e6e6bdfa45fd3e38c5354a7e0f95fa786b1ff6c6d6af; Path=/; Secure; HTTPOnly TS01802bdf=01eaad2389dcfc0938056243168e83a90367552c5a91afab5dfca4f85bf580e6e6bdfa45fd8f666c87cb7372ed2406aa87eb77f86c41a62e690e584a9d2b38b0e9a64a522c; path=/; domain=.mps.it; HTTPonly; Secure
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Access-Control-Allow-Headers
Content-Type
Content-Length
13
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
montedeipaschi_logo_hd.png
digital.mps.it/libs/img/
11 KB
12 KB
Image
General
Full URL
https://digital.mps.it/libs/img/montedeipaschi_logo_hd.png
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
0a0c6433b58c72136375414d6f7a6a511932eeaac396f7c0991a2b953fa2eaaa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Date
Tue, 27 Jul 2021 13:42:08 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-Xss-Protection
1; mode=block
Cache-Control
max-age=2590826
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
10960
Etag
W/"PSA-aj-I0rwWqEAus"
Keep-Alive
timeout=15, max=98
Expires
Thu, 26 Aug 2021 13:22:35 GMT
text-security-disc.woff2
digital.mps.it/cmn/font/
0
0

loader.js
www.smartsuppchat.com/
23 KB
7 KB
Script
General
Full URL
https://www.smartsuppchat.com/loader.js?
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b4bfeb1be6e77a5be771c7f615d36199e05607a8d10e4d188c994a05948bd39e

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzVOfv/vFAAAAA==
x-accel-expires
@1627393368
date
Tue, 27 Jul 2021 13:42:08 GMT
content-encoding
br
etag
W/"60b8ebb2-5bf5"
last-modified
Thu, 03 Jun 2021 14:48:18 GMT
server
CDN77-Turbo
x-77-nzt-ray
mEueiyyzNnQ=
x-77-cache
HIT
content-type
application/javascript
cache-control
max-age=300, public, s-maxage=60
x-cache
HIT
x-age
20
x-77-pop
frankfurtDE
expires
Thu, 03 Jun 2021 14:54:14 GMT
info%20tooltip_UI.svg
digital.mps.it/cmn/assets/icons/catalogo/
999 B
3 KB
Image
General
Full URL
https://digital.mps.it/cmn/assets/icons/catalogo/info%20tooltip_UI.svg
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
9c9b26055379437522e81d6ad02ec43de51199f7ee3ad2fb8a7f6ab3a44efccf
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 13:42:08 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
999
X-Xss-Protection
1; mode=block
Access-Control-Allow-Headers
Content-Type
Last-Modified
Tue, 06 Jul 2021 12:30:24 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Thu, 26 Aug 2021 13:42:08 GMT
ico_carte.svg
digital.mps.it/libs/img/loginBI/
1 KB
3 KB
Image
General
Full URL
https://digital.mps.it/libs/img/loginBI/ico_carte.svg
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
b989e87444353500fa31829b5814b69d053f5e5553bfff4fcb26a38f76e0f08e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 13:42:08 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1330
X-Xss-Protection
1; mode=block
Access-Control-Allow-Headers
Content-Type
Last-Modified
Tue, 06 Jul 2021 12:30:56 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 26 Aug 2021 13:42:08 GMT
ico_informazioni.svg
digital.mps.it/libs/img/loginBI/
2 KB
4 KB
Image
General
Full URL
https://digital.mps.it/libs/img/loginBI/ico_informazioni.svg
Requested by
Host: bergen.cl
URL: https://bergen.cl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.26.195.203 , Italy, ASN13018 (Banca Monte Dei Paschi Di Siena, IT),
Reverse DNS
digital.mps.it
Software
/
Resource Hash
0723be3bac2e41d6d7aa267af24f45a7240d74ead82a130765f83fc6fbf19723
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 13:42:08 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
2448
X-Xss-Protection
1; mode=block
Access-Control-Allow-Headers
Content-Type
Last-Modified
Tue, 06 Jul 2021 12:30:56 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://ajax.googleapis.com https://maps.googleapis.com www.google-analytics.com https://8294890.fls.doubleclick.net https://secure.adnxs.com https://white.mynsystems.com https://blue.mynsystems.com/ https://privacy.mynsystems.com https://ib.adnxs.com https://yellow.mynsystems.com https://zna4cciryw9kzle8d-mps.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://connect.facebook.net https://zn9nahtxma7dxxjqe-mps.siteintercept.qualtrics.com https://zn5j9lftsu1lqzb1k-mps.siteintercept.qualtrics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Thu, 26 Aug 2021 13:42:08 GMT
76c55fb536a8a3965c8cd8c28546bd2c38f6704f.json
bootstrap.smartsuppchat.com/widget/
909 B
1 KB
XHR
General
Full URL
https://bootstrap.smartsuppchat.com/widget/76c55fb536a8a3965c8cd8c28546bd2c38f6704f.json
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dce1ef97918fc59c451051e33a16dab9b9e5090f64c5ff14e2776b00db185d01

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
dd7aa3fd74890dee45e641d61fd476758d95b5cd
date
Tue, 27 Jul 2021 13:42:08 GMT
x-hit
redis
etag
"38d-WTD9bYifAc/p19mTCHPG2Ij08k4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0, must-revalidate
content-length
909
asset-manifest.json
widget-v2.smartsuppcdn.com/
1 KB
659 B
XHR
General
Full URL
https://widget-v2.smartsuppcdn.com/asset-manifest.json
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dc51724305ec27522136b466ec23979c57608358da3c356a2d9dabbce6a2efa6

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-77-pop
frankfurtDE
date
Tue, 27 Jul 2021 13:42:08 GMT
content-encoding
br
x-77-nzt-ray
GAi/pxmdYO4=
x-77-cache
HIT
x-cache
HIT
x-age
10
x-77-nzt
AcO1rzW1UD/vCgAAAA==
x-accel-expires
@1627393378
last-modified
Mon, 19 Jul 2021 06:28:25 GMT
server
CDN77-Turbo
etag
W/"60f51b89-5f8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300, public, s-maxage=60
expires
Mon, 19 Jul 2021 06:49:12 GMT
runtime-main.ad41bfad.js
widget-v2.smartsuppcdn.com/static/js/ Frame 9D6D
2 KB
2 KB
Script
General
Full URL
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.ad41bfad.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6bff1f97adff914018d79780010c0dd6ca0c322d7d7a9d24a711f2fe838e99c8

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 27 Jul 2021 13:42:08 GMT
content-encoding
br
x-77-nzt-ray
Uetva8KIamE=
x-77-cache
HIT
x-cache
HIT
x-age
716276
x-77-nzt
AcO1rzWd5njv9O0KAA==
x-accel-expires
@1658213052
last-modified
Mon, 19 Jul 2021 06:28:25 GMT
server
CDN77-Turbo
etag
W/"60f51b89-982"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 19 Jul 2022 06:44:12 GMT
3.59af7861.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 9D6D
655 KB
185 KB
Script
General
Full URL
https://widget-v2.smartsuppcdn.com/static/js/3.59af7861.chunk.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a1b0c4b6f9c00ab5258e2f364ad836c683d739bfeaee769f7294841883c46858

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 27 Jul 2021 13:42:08 GMT
content-encoding
br
x-77-nzt-ray
vLXm0badkj0=
x-77-cache
HIT
x-cache
HIT
x-age
716276
x-77-nzt
AcO1rzXc7fPv9O0KAA==
x-accel-expires
@1658213052
last-modified
Mon, 19 Jul 2021 06:28:25 GMT
server
CDN77-Turbo
etag
W/"60f51b89-a3c57"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 19 Jul 2022 06:44:12 GMT
main.e0f31f64.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 9D6D
103 KB
25 KB
Script
General
Full URL
https://widget-v2.smartsuppcdn.com/static/js/main.e0f31f64.chunk.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
41ca02e3458b9d04dd5e6389fb05eef44f1ad5a4d0db0748223f3d37412abd44

Request headers

Referer
https://bergen.cl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 27 Jul 2021 13:42:08 GMT
content-encoding
br
x-77-nzt-ray
IgJL6mB/FqU=
x-77-cache
HIT
x-cache
HIT
x-age
716276
x-77-nzt
AcO1rzX5llDv9O0KAA==
x-accel-expires
@1658213052
last-modified
Mon, 19 Jul 2021 06:28:25 GMT
server
CDN77-Turbo
etag
W/"60f51b89-19cdf"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 19 Jul 2022 06:44:12 GMT
text-security-disc.woff
digital.mps.it/cmn/font/
0
0

text-security-disc.ttf
digital.mps.it/cmn/font/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
digital.mps.it
URL
https://digital.mps.it/cmn/font/text-security-disc.woff2
Domain
digital.mps.it
URL
https://digital.mps.it/cmn/font/text-security-disc.woff
Domain
digital.mps.it
URL
https://digital.mps.it/cmn/font/text-security-disc.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Monte dei Paschi (Banking)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| encodeHTML function| unescapeHTML function| escapeHTML function| open_win object| pagespeed function| reloadCaptcha2Step function| open_infoMT object| userSelectionLast object| userSelectionFirst function| registerUsername function| registerPwd function| registerUser function| soloNumeri function| hideOverlay object| _smartsupp function| smartsupp object| userSelectionLinkPk function| setImmediate function| clearImmediate boolean| SMARTSUPP_LOADED object| $smartsupp

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://digital.mps.it/cmn/assets/js/jquery-ext.js?vers=1131606(Line 1)
Message:
JQMIGRATE: jQuery 3.0.0+ REQUIRED
console-api log URL: https://digital.mps.it/cmn/assets/js/jquery-ext.js?vers=1131606(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 3.1.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;