www.goonline-bnpparibas.pl
Open in
urlscan Pro
77.91.68.201
Malicious Activity!
Public Scan
Submission: On June 19 via api from JP — Scanned from PL
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 19th 2023. Valid for: 3 months.
This is the only time www.goonline-bnpparibas.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 77.91.68.201 77.91.68.201 | 203727 (ALTAWK) (ALTAWK) | |
1 2 | 151.139.128.10 151.139.128.10 | 20446 (STACKPATH...) (STACKPATH-CDN) | |
20 | 2 |
ASN203727 (ALTAWK, UA)
PTR: vps3609.altawk.network
www.goonline-bnpparibas.pl |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
goonline-bnpparibas.pl
www.goonline-bnpparibas.pl |
2 MB |
2 |
mouseflow.com
1 redirects
cdn.mouseflow.com — Cisco Umbrella Rank: 7442 |
55 KB |
20 | 2 |
Domain | Requested by | |
---|---|---|
19 | www.goonline-bnpparibas.pl |
www.goonline-bnpparibas.pl
|
2 | cdn.mouseflow.com |
1 redirects
www.goonline-bnpparibas.pl
|
20 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bnpparibas.pl |
video-chat.bnpparibas.pl |
goonline.bnpparibas.pl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
goonline-bnpparibas.pl ZeroSSL RSA Domain Secure Site CA |
2023-06-19 - 2023-09-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.goonline-bnpparibas.pl/
Frame ID: 911D163A5BBBAD384DB1F26FDF600AF0
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Zaloguj się do GOonline | BNP Paribas Bank Polska S.A.Detected technologies
Django (Web Frameworks) ExpandDetected patterns
- (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Mouse Flow (Analytics) Expand
Detected patterns
- cdn\.mouseflow\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Poznaj GOonline
Search URL Search Domain Scan URL
Title: Masz pytania dotyczące GOonline?
Search URL Search Domain Scan URL
Title: Dowiedz się więcej
Search URL Search Domain Scan URL
Title: Oddziały
Search URL Search Domain Scan URL
Title: Bezpieczeństwo
Search URL Search Domain Scan URL
Title: Nie mam loginu
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee.js HTTP 301
- https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.goonline-bnpparibas.pl/ |
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
www.goonline-bnpparibas.pl/static/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
www.goonline-bnpparibas.pl/static/js/ |
85 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.js
www.goonline-bnpparibas.pl/static/js/ |
230 B 488 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
preloder.css
www.goonline-bnpparibas.pl/static/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
preloadinator.js
www.goonline-bnpparibas.pl/static/js/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
www.goonline-bnpparibas.pl/static/css/ |
46 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
www.goonline-bnpparibas.pl/static/img/ |
160 KB 161 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
the-banker-poland.png
www.goonline-bnpparibas.pl/static/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retail.83b99448ac7488de.css
www.goonline-bnpparibas.pl/static/css/ |
1 MB 1 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js
cdn.mouseflow.com/projects/ Redirect Chain
|
188 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnp-paribas-logo-full.svg
www.goonline-bnpparibas.pl/static/img/ |
22 KB 22 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-bg.jpg
www.goonline-bnpparibas.pl/static/img/ |
490 KB 491 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flag-pl.svg
www.goonline-bnpparibas.pl/static/img/ |
252 B 512 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
norton.png
www.goonline-bnpparibas.pl/static/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans.woff
www.goonline-bnpparibas.pl/static/img/ |
54 KB 54 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iconfont.woff2
www.goonline-bnpparibas.pl/static/img/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans_light.woff
www.goonline-bnpparibas.pl/static/img/ |
27 KB 27 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans_condensed_bold.woff
www.goonline-bnpparibas.pl/static/img/ |
36 KB 36 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans_bold.woff
www.goonline-bnpparibas.pl/static/img/ |
54 KB 54 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| _mfq boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.goonline-bnpparibas.pl/ | Name: csrftoken Value: Z5M5AgBsGVGKY4vhSYvaFOBJ1GoMGAwM |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.mouseflow.com
www.goonline-bnpparibas.pl
151.139.128.10
77.91.68.201
07f2efdd0a170a4dfa9e9911e25e2e3087dc1fbeab18d9c88bd2c26fc03ff87a
0a8b9451b8de67589fa2e8caa96cd7aee975b208815adad986ce256f060b490e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384
308b3f06a0eb9973199962aee804ba7bc399882ed61461e5a4585c04c0b12871
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
3941ca5704046af7f9ca877b714d6203ff6edc2753b738d75b935d0557007b55
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
6330d16589cfc01bfb8b11c4a333a42f77e21d063bbec6050401fc2e12fb871c
64207e28237841b1b76168e0fc1d30527afedd17722c9fb0e1956c039cf8a1b3
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224
ce198ebb9d21b8485609a5cb1c46c625e8070f2e1c2404134dc4c16ddc9f4327
f02d4862e9e9a8290315b25e7513277604f9c86ca0b0654573177cfa14f382f3
f79d9b40598a91960754751f5c8060152dda9c544e111e0a9c71fbf48e0fdbf7
fae90ce181ce1fa69a9f715cd0d8a72ab0b1a8ef6a83ac9c70388e0eebf0e78f