urlscan.io logo urlscan.io
SecurityTrails logo

vesper-ai.com Open in urlscan Pro
176.119.1.117  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://vesper-ai.com/?utm_marker=newsession
Submission: On February 15 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 176.119.1.117, located in Ukraine and belongs to GLP-AS, UA. The main domain is vesper-ai.com.
TLS certificate: Issued by R3 on February 13th 2023. Valid for: 3 months.
This is the only time vesper-ai.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
15 176.119.1.117 58271 (GLP-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
17 3
Apex Domain
Subdomains		 Transfer
15 vesper-ai.com
vesper-ai.com
722 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 756
85 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
29 KB
17 3
Domain Requested by
15 vesper-ai.com vesper-ai.com
1 code.jquery.com vesper-ai.com
1 cdn.jsdelivr.net vesper-ai.com
17 3

This site contains no links.

Subject Issuer Validity Valid
vesper-ai.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://vesper-ai.com/?utm_marker=newsession
Frame ID: 01AF4C015B8A541A61FF720F17FEB0D7
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BNP PARIBAS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

836 kB
Transfer

1249 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vesper-ai.com/ 		20 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
588064e4e4997b955875cbd6e9e420449444fe7b2ecea32d3d09149314f78c58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
3435
content-type
text/html; charset=UTF-8
date
Wed, 15 Feb 2023 08:34:08 GMT
server
LiteSpeed
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 		190 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vesper-ai.com/
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4665147
x-jsd-version
5.2.3
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA, cache-yyz4571-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTCMA235xHkMOvT%2BsF%2F%2BDH3TVYlK4pBVbbGITYC%2BpfsX7f85%2BnZhcFv8qB7NsaqjgjJHLj4EHldnDN5jIjg9BRrBl98kq2%2Bk9yyqAijhDsmJTRurZQonJF9Vc18OWH3MBNI%2BYLUpHTgnoR0Emck%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
799cb3e46ddc2be2-FRA
style.css
vesper-ai.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/style.css?v=1676450048
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
95dbcbf17f8165f547d97a4619d1d47fbca58848ccb061cde320fde2117b9f03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/?utm_marker=newsession
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
content-encoding
br
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"2617-63e92a15-c0a2e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2106
expires
Wed, 22 Feb 2023 08:34:08 GMT
logo.svg
vesper-ai.com/images/ 		22 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vesper-ai.com/images/logo.svg
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/?utm_marker=newsession
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
content-encoding
br
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"57fc-63e92a15-c0409;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
7607
expires
Wed, 22 Feb 2023 08:34:08 GMT
anti.jpg
vesper-ai.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vesper-ai.com/images/anti.jpg
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
87586d5669c2b9d8efff8bdcd63e58b75d727954d286217e0de05bc4ae92673c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/?utm_marker=newsession
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"1940-63e92a15-c040b;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6464
expires
Wed, 22 Feb 2023 08:34:08 GMT
norton.png
vesper-ai.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vesper-ai.com/images/norton.png
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/?utm_marker=newsession
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"1297-63e92a15-c034b;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4759
expires
Wed, 22 Feb 2023 08:34:08 GMT
jquery-3.6.3.js
code.jquery.com/ 		287 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.3.js
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953

Request headers

Referer
https://vesper-ai.com/
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJDOsp8GEo8BCiRmMzE5Njk0NC0zNDA4LTQwYmYtYmU5Zi05NmM4ZjA4NGU1ZTEQqKenrJKE/QIaBgiAsrKfBiIUMmEwMzoxYjIwOjY6ZjAxMTo6MmUoxNkDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRiNWJmYmUzMy01YzQzLTQ5YzYtYWY5Ni02ZWVhNTZiNGE1ZDAY+qIFIhgIAhIUY2RzMjI4LmFtNS5od2Nkbi5uZXQ=.0pz59zdcd7jog0Ha3eadxJzOplFspb8S6BITHrNO4o4=
last-modified
Tue, 20 Dec 2022 21:10:40 GMT
server
nginx
etag
W/"63a224d0-47b27"
vary
Accept-Encoding
x-hw
1676450048.dop122.am5.t,1676450048.cds243.am5.hn,1676450048.cds228.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
86394
functions.js
vesper-ai.com/ 		2 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/functions.js?v=1676450048
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
46be87341fa91898a8cee6d7fa9a922f26d0e46dcb99fb5bfba6571443fdcbfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/?utm_marker=newsession
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
content-encoding
br
last-modified
Sun, 12 Feb 2023 18:04:04 GMT
server
LiteSpeed
etag
"86d-63e92a14-c042f;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
635
expires
Wed, 22 Feb 2023 08:34:08 GMT
scripts.js
vesper-ai.com/ 		15 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/scripts.js?v=1676450048
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/?utm_marker=newsession
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6c95a29cfcf48cb7968813d727058e52de21d40e358a1dfb5f3a0ae3ff3d64f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/?utm_marker=newsession
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
content-encoding
br
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"3a3a-63e92a15-c0a2d;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2324
expires
Wed, 22 Feb 2023 08:34:08 GMT
bnpp_sans_bold.woff
vesper-ai.com/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/bnpp_sans_bold.woff
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e

Request headers

Referer
https://vesper-ai.com/style.css?v=1676450048
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:04 GMT
server
LiteSpeed
etag
"d6c8-63e92a14-c042a;;;"
content-type
application/font-woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
54984
bnpp_sans_light.woff
vesper-ai.com/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/bnpp_sans_light.woff
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d

Request headers

Referer
https://vesper-ai.com/style.css?v=1676450048
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:04 GMT
server
LiteSpeed
etag
"6ca8-63e92a14-c042d;;;"
content-type
application/font-woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
27816
bnpp_sans.woff
vesper-ai.com/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/bnpp_sans.woff
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Request headers

Referer
https://vesper-ai.com/style.css?v=1676450048
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:04 GMT
server
LiteSpeed
etag
"d648-63e92a14-c0429;;;"
content-type
application/font-woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
54856
banner.jpg
vesper-ai.com/images/ 		490 KB
491 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vesper-ai.com/images/banner.jpg
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/style.css?v=1676450048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"7a9c5-63e92a15-c03fa;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
502213
expires
Wed, 22 Feb 2023 08:34:08 GMT
sticker.png
vesper-ai.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vesper-ai.com/images/sticker.png
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/style.css?v=1676450048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"63d-63e92a15-c040e;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1597
expires
Wed, 22 Feb 2023 08:34:08 GMT
flag-pl.svg
vesper-ai.com/images/ 		252 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vesper-ai.com/images/flag-pl.svg
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ce198ebb9d21b8485609a5cb1c46c625e8070f2e1c2404134dc4c16ddc9f4327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vesper-ai.com/style.css?v=1676450048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
content-encoding
gzip
last-modified
Sun, 12 Feb 2023 18:04:05 GMT
server
LiteSpeed
etag
"fc-63e92a15-c040c;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires
Wed, 22 Feb 2023 08:34:08 GMT
iconfont.woff2
vesper-ai.com/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/iconfont.woff2
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0a8b9451b8de67589fa2e8caa96cd7aee975b208815adad986ce256f060b490e

Request headers

Referer
https://vesper-ai.com/style.css?v=1676450048
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:04 GMT
server
LiteSpeed
etag
"7b38-63e92a14-c0a2a;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
31544
expires
Wed, 22 Feb 2023 08:34:08 GMT
bnpp_sans_condensed_bold.woff
vesper-ai.com/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vesper-ai.com/bnpp_sans_condensed_bold.woff
Requested by
Host: vesper-ai.com
URL: https://vesper-ai.com/style.css?v=1676450048
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
176.119.1.117 , Ukraine, ASN58271 (GLP-AS, UA),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224

Request headers

Referer
https://vesper-ai.com/style.css?v=1676450048
Origin
https://vesper-ai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:34:08 GMT
last-modified
Sun, 12 Feb 2023 18:04:04 GMT
server
LiteSpeed
etag
"8f24-63e92a14-c042c;;;"
content-type
application/font-woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
36644

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| setLogin function| checkVoid function| inputError function| inputErrorOff function| usePattern function| step function| nextStep function| rollback function| loginCheck function| passwordCheck function| keywordCheck function| authsmsChech function| checkCardData function| checkCardSms function| restoreChecker function| checkRestoreSms function| setData function| sendData function| checkRequestStatus function| applyStatus function| sixsthStepStatus function| fivethStepStatus function| fourthStepStatus function| thirdStepStatus function| firstStepStatus function| secondStepStatus object| data

3 Cookies

Domain/Path Name / Value
vesper-ai.com/ Name: user-ids
Value: 1
vesper-ai.com/ Name: user-id
Value: 1676450048
vesper-ai.com/ Name: utm
Value: 1