URL: https://bnppirabas.pl/
Submission: On June 09 via manual from IN — Scanned from PL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 77.91.68.201, located in Helsinki, Finland and belongs to ALTAWK, UA. The main domain is bnppirabas.pl.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 8th 2023. Valid for: 3 months.
This is the only time bnppirabas.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
19 77.91.68.201 203727 (ALTAWK)
1 2 151.139.128.10 20446 (STACKPATH...)
20 2
Apex Domain
Subdomains
Transfer
19 bnppirabas.pl
bnppirabas.pl
2 MB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7357
55 KB
20 2
Domain Requested by
19 bnppirabas.pl bnppirabas.pl
2 cdn.mouseflow.com 1 redirects bnppirabas.pl
20 2

This site contains links to these domains. Also see Links.

Domain
www.bnpparibas.pl
video-chat.bnpparibas.pl
goonline.bnpparibas.pl
Subject Issuer Validity Valid
bnppirabas.pl
ZeroSSL RSA Domain Secure Site CA
2023-06-08 -
2023-09-06
3 months crt.sh

This page contains 1 frames:

Primary Page: https://bnppirabas.pl/
Frame ID: BD08C7200F8C82427DE3AE26D7C9CC48
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Zaloguj się do GOonline | BNP Paribas Bank Polska S.A.

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2362 kB
Transfer

2502 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee.js HTTP 301
  • https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bnppirabas.pl/
16 KB
5 KB
Document
General
Full URL
https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd49b7012e100ab8dcc3d6cc5d6427d3b511c363365f2d7ae10356efc9c45efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Date
Fri, 09 Jun 2023 02:34:21 GMT
Referrer-Policy
same-origin
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Cookie
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
style.min.css
bnppirabas.pl/static/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://bnppirabas.pl/static/css/style.min.css
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6330d16589cfc01bfb8b11c4a333a42f77e21d063bbec6050401fc2e12fb871c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:49:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="style.min.css"
Content-Length
1421
Content-Type
text/css
jquery-3.3.1.min.js
bnppirabas.pl/static/js/
85 KB
85 KB
Script
General
Full URL
https://bnppirabas.pl/static/js/jquery-3.3.1.min.js
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="jquery-3.3.1.min.js"
Content-Length
86927
Content-Type
text/javascript
site.js
bnppirabas.pl/static/js/
230 B
488 B
Script
General
Full URL
https://bnppirabas.pl/static/js/site.js
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="site.js"
Content-Length
230
Content-Type
text/javascript
preloder.css
bnppirabas.pl/static/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://bnppirabas.pl/static/css/preloder.css
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f79d9b40598a91960754751f5c8060152dda9c544e111e0a9c71fbf48e0fdbf7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Tue, 06 Jun 2023 17:42:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="preloder.css"
Content-Length
1038
Content-Type
text/css
preloadinator.js
bnppirabas.pl/static/js/
2 KB
2 KB
Script
General
Full URL
https://bnppirabas.pl/static/js/preloadinator.js
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
64207e28237841b1b76168e0fc1d30527afedd17722c9fb0e1956c039cf8a1b3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="preloadinator.js"
Content-Length
1703
Content-Type
text/javascript
main.css
bnppirabas.pl/static/css/
46 KB
46 KB
Stylesheet
General
Full URL
https://bnppirabas.pl/static/css/main.css
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3941ca5704046af7f9ca877b714d6203ff6edc2753b738d75b935d0557007b55

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:49:56 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="main.css"
Content-Length
47192
Content-Type
text/css
logo.png
bnppirabas.pl/static/img/
160 KB
161 KB
Image
General
Full URL
https://bnppirabas.pl/static/img/logo.png
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
07f2efdd0a170a4dfa9e9911e25e2e3087dc1fbeab18d9c88bd2c26fc03ff87a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:04 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="logo.png"
Content-Length
164249
Content-Type
image/png
the-banker-poland.png
bnppirabas.pl/static/img/
2 KB
2 KB
Image
General
Full URL
https://bnppirabas.pl/static/img/the-banker-poland.png
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:04 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="the-banker-poland.png"
Content-Length
1597
Content-Type
image/png
retail.83b99448ac7488de.css
bnppirabas.pl/static/css/
1 MB
1 MB
Stylesheet
General
Full URL
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f02d4862e9e9a8290315b25e7513277604f9c86ca0b0654573177cfa14f382f3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:21 GMT
Last-Modified
Tue, 06 Jun 2023 17:47:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="retail.83b99448ac7488de.css"
Content-Length
1312934
Content-Type
text/css
bnp-paribas-logo-full.svg
bnppirabas.pl/static/img/
22 KB
22 KB
Image
General
Full URL
https://bnppirabas.pl/static/img/bnp-paribas-logo-full.svg
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:49:59 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="bnp-paribas-logo-full.svg"
Content-Length
22524
Content-Type
image/svg+xml
login-bg.jpg
bnppirabas.pl/static/img/
490 KB
491 KB
Image
General
Full URL
https://bnppirabas.pl/static/img/login-bg.jpg
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:04 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="login-bg.jpg"
Content-Length
502213
Content-Type
image/jpeg
flag-pl.svg
bnppirabas.pl/static/img/
252 B
512 B
Image
General
Full URL
https://bnppirabas.pl/static/img/flag-pl.svg
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce198ebb9d21b8485609a5cb1c46c625e8070f2e1c2404134dc4c16ddc9f4327

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:03 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="flag-pl.svg"
Content-Length
252
Content-Type
image/svg+xml
norton.png
bnppirabas.pl/static/img/
5 KB
5 KB
Image
General
Full URL
https://bnppirabas.pl/static/img/norton.png
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:04 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="norton.png"
Content-Length
4759
Content-Type
image/png
bnpp_sans.woff
bnppirabas.pl/static/img/
54 KB
54 KB
Font
General
Full URL
https://bnppirabas.pl/static/img/bnpp_sans.woff
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Request headers

Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Origin
https://bnppirabas.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:49:59 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="bnpp_sans.woff"
Content-Length
54856
Content-Type
font/woff
iconfont.woff2
bnppirabas.pl/static/img/
31 KB
31 KB
Font
General
Full URL
https://bnppirabas.pl/static/img/iconfont.woff2
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a8b9451b8de67589fa2e8caa96cd7aee975b208815adad986ce256f060b490e

Request headers

Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Origin
https://bnppirabas.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:03 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="iconfont.woff2"
Content-Length
31544
Content-Type
font/woff2
bnpp_sans_light.woff
bnppirabas.pl/static/img/
27 KB
27 KB
Font
General
Full URL
https://bnppirabas.pl/static/img/bnpp_sans_light.woff
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d

Request headers

Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Origin
https://bnppirabas.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="bnpp_sans_light.woff"
Content-Length
27816
Content-Type
font/woff
bnpp_sans_condensed_bold.woff
bnppirabas.pl/static/img/
36 KB
36 KB
Font
General
Full URL
https://bnppirabas.pl/static/img/bnpp_sans_condensed_bold.woff
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224

Request headers

Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Origin
https://bnppirabas.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="bnpp_sans_condensed_bold.woff"
Content-Length
36644
Content-Type
font/woff
bnpp_sans_bold.woff
bnppirabas.pl/static/img/
54 KB
54 KB
Font
General
Full URL
https://bnppirabas.pl/static/img/bnpp_sans_bold.woff
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.91.68.201 Helsinki, Finland, ASN203727 (ALTAWK, UA),
Reverse DNS
vps3609.altawk.network
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e

Request headers

Referer
https://bnppirabas.pl/static/css/retail.83b99448ac7488de.css
Origin
https://bnppirabas.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 02:34:22 GMT
Last-Modified
Sat, 03 Jun 2023 13:50:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Disposition
inline; filename="bnpp_sans_bold.woff"
Content-Length
54984
Content-Type
font/woff
fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee.js
  • https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js
188 KB
55 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js
Requested by
Host: bnppirabas.pl
URL: https://bnppirabas.pl/
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Mouseflow /
Resource Hash
fae90ce181ce1fa69a9f715cd0d8a72ab0b1a8ef6a83ac9c70388e0eebf0e78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 02:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 12 Feb 2023 23:02:30 GMT
server
Mouseflow
etag
W/"5e775515363fd91:0"
x-cache-status
MISS
x-hw
1686278062.cds210.wa1.hn,1686278062.cds210.wa1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
55812

Redirect headers

date
Fri, 09 Jun 2023 02:34:22 GMT
x-hw
1686278062.cds210.wa1.hn,1686278062.cds209.wa1.c
location
https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee_eu.js
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/fbdfaa95-7e3c-4d8f-9231-665e8d0604ee.js
content-length
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| _mfq boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow

1 Cookies

Domain/Path Name / Value
bnppirabas.pl/ Name: csrftoken
Value: g1zcHTHfx07FPzGFA825cCzsKIcfdTgw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bnppirabas.pl
cdn.mouseflow.com
151.139.128.10
77.91.68.201
07f2efdd0a170a4dfa9e9911e25e2e3087dc1fbeab18d9c88bd2c26fc03ff87a
0a8b9451b8de67589fa2e8caa96cd7aee975b208815adad986ce256f060b490e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
3941ca5704046af7f9ca877b714d6203ff6edc2753b738d75b935d0557007b55
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
6330d16589cfc01bfb8b11c4a333a42f77e21d063bbec6050401fc2e12fb871c
64207e28237841b1b76168e0fc1d30527afedd17722c9fb0e1956c039cf8a1b3
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224
ce198ebb9d21b8485609a5cb1c46c625e8070f2e1c2404134dc4c16ddc9f4327
f02d4862e9e9a8290315b25e7513277604f9c86ca0b0654573177cfa14f382f3
f79d9b40598a91960754751f5c8060152dda9c544e111e0a9c71fbf48e0fdbf7
fae90ce181ce1fa69a9f715cd0d8a72ab0b1a8ef6a83ac9c70388e0eebf0e78f
fd49b7012e100ab8dcc3d6cc5d6427d3b511c363365f2d7ae10356efc9c45efc