www.orderperegrine.com
Open in
urlscan Pro
2606:4700:3033::ac43:afb6
Malicious Activity!
Public Scan
Submission: On January 29 via api from US — Scanned from US
Summary
This is the only time www.orderperegrine.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking) Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 16 | 2606:4700:303... 2606:4700:3033::ac43:afb6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c1f::5f | 15169 (GOOGLE) (GOOGLE) | |
17 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
orderperegrine.com
1 redirects
www.orderperegrine.com |
346 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369 |
57 KB |
17 | 2 |
Domain | Requested by | |
---|---|---|
16 | www.orderperegrine.com |
1 redirects
www.orderperegrine.com
|
2 | ajax.googleapis.com |
www.orderperegrine.com
|
17 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
mabanque.bnpparibas |
mabanqueprivee.bnpparibas |
mabanquepro.bnpparibas |
entreprises.bnpparibas.fr |
associations.bnpparibas.fr |
www.epargne-retraite-entreprises.bnpparibas.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/index.html
Frame ID: EC76FBB03B86EA8DB48C4966BDD0C8B7
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Espace clientPage URL History Show full URLs
- http://www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/index.html Page URL
-
http://www.orderperegrine.com/cdn-cgi/phish-bypass?atok=n1Av295pxfi2qBQ6iUAkwjagPAEjWUk6QNXSFwS2Sgw-170656...
HTTP 301
http://www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/index.html Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- googleapis\.com/.+webfont
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Title: Particuliers
Search URL Search Domain Scan URL
Title: Banque privée
Search URL Search Domain Scan URL
Title: Professionnels
Search URL Search Domain Scan URL
Title: Entreprises
Search URL Search Domain Scan URL
Title: Associations
Search URL Search Domain Scan URL
Title: BNP Paribas La banque d'un monde qui change
Search URL Search Domain Scan URL
Title: Devenir client
Search URL Search Domain Scan URL
Title: Signaler un problème technique
Search URL Search Domain Scan URL
Title: Mes comptes
Search URL Search Domain Scan URL
Title: Effectuez une nouvelle demande.
Search URL Search Domain Scan URL
Title: Connectez-vous
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Mentions légales
Search URL Search Domain Scan URL
Title: Cookies
Search URL Search Domain Scan URL
Title: Site sécurisé
Search URL Search Domain Scan URL
Title: Epargne Entreprise
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/index.html Page URL
-
http://www.orderperegrine.com/cdn-cgi/phish-bypass?atok=n1Av295pxfi2qBQ6iUAkwjagPAEjWUk6QNXSFwS2Sgw-1706568330-0-%2Fweb%2Fdigitale%2F8598705a96c21c553e43b7303a13c8d7%2Findex.html
HTTP 301
http://www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
index.html
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cf.errors.css
www.orderperegrine.com/cdn-cgi/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-exclamation.png
www.orderperegrine.com/cdn-cgi/images/ |
452 B 889 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.html
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ Redirect Chain
|
44 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.10.2.min.js
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/js/ |
91 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
198 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ |
92 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.1/ |
69 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnp-alone.png
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans-webfont-webfont.woff2
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_type_regular_v2-webfont.woff
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
32 KB 33 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
picto-ident.png
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite-form.png
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l32294908580232108298696234710927116188
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans_cond_light_v2-webfont.woff
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
22 KB 23 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iconbnp.woff
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
81 KB 82 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_type_bold_v2-webfont.woff
www.orderperegrine.com/web/digitale/8598705a96c21c553e43b7303a13c8d7/ |
24 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking) Generic Cloudflare (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery string| sfAxes1 string| sfAxes2 string| sfAxes3 string| sfAxes4 string| sfSiteId string| sfCookieErrorPage string| sfCustomerDacLevel function| checkhit1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.orderperegrine.com/ | Name: __cf_mw_byp Value: n1Av295pxfi2qBQ6iUAkwjagPAEjWUk6QNXSFwS2Sgw-1706568330-0-/web/digitale/8598705a96c21c553e43b7303a13c8d7/index.html |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
www.orderperegrine.com
2606:4700:3033::ac43:afb6
2607:f8b0:4004:c1f::5f
010eddd503a3b3cd606f1b0a09804baf2aae5df1e5d2de85bc9453c868c9207b
0b1b7beabe53bfc029dc6baf6437b11c8944b7f9308548d6ba53bfe46e7abfca
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
13a4288d793f7442b32c5b40162c851a30ba8776b8bd4797c95ca1ee27e4b4d2
2cec78f739fbddfed852cd7934d2530e7cc4c8f14b38673b03ba5fb880ad4cc7
3dfdf449ad6a7f0906d8b51c94ef3cd06a58c641de8969b4e3f8431a65525312
5cfcd47c763f59b765edf88bf251164a95e5e1dbcb5ad4e031a6460a2409d73c
6935aeee017a8da33fa52da1dd852fef33fbd73bc1a07279da5f12a193ed2313
7765b30f55d23c1e9b5da76e6b4bb7129665b9fb7e0ff1f949f51d74a22f93be
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8a5914aa91aff6db50981ac794d68b868dfecf6909305ab6c568466faa49d366
9cd3780027bd1fbbeca2bfca80a0d57d1bdb97a0da0a45c4b9c118825030882c
b6b78e7bcb6945403e4ceea9b2814d405eb1ad0c40875b69b125a95f99ea25e4
d550ddeaf2016388b70c8669310b1bb7e0a1e67be73df38926ad2a61f0bbbe8b
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f369aafad7dd64145e15972462e84dbf18ddebf193e594345debcfc8d40c30e8