gbs.sa.com
Open in
urlscan Pro
173.254.24.40
Malicious Activity!
Public Scan
Effective URL: https://gbs.sa.com/BNP/home/index.html
Submission: On July 19 via manual from PL — Scanned from PL
Summary
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.
This is the only time gbs.sa.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking) Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.115.58 167.89.115.58 | 11377 (SENDGRID) (SENDGRID) | |
1 1 | 34.110.180.34 34.110.180.34 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 7 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 41 | 173.254.24.40 173.254.24.40 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
45 | 2 |
ASN11377 (SENDGRID, US)
PTR: o16789115x58.outbound-mail.sendgrid.net
u23236098.ct.sendgrid.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.180.110.34.bc.googleusercontent.com
mgun.mastercard.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
41 |
sa.com
2 redirects
gbs.sa.com |
1 MB |
7 |
pages.dev
1 redirects
bannoupa.pages.dev |
9 KB |
1 |
mastercard.com
1 redirects
mgun.mastercard.com |
566 B |
1 |
sendgrid.net
1 redirects
u23236098.ct.sendgrid.net |
435 B |
45 | 4 |
Domain | Requested by | |
---|---|---|
41 | gbs.sa.com |
2 redirects
gbs.sa.com
|
7 | bannoupa.pages.dev |
1 redirects
bannoupa.pages.dev
|
1 | mgun.mastercard.com | 1 redirects |
1 | u23236098.ct.sendgrid.net | 1 redirects |
45 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bannoupa.pages.dev WE1 |
2024-07-18 - 2024-10-16 |
3 months | crt.sh |
gbs.sa.com R10 |
2024-07-17 - 2024-10-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gbs.sa.com/BNP/home/index.html
Frame ID: D965EDF8ABBFAAF2C0983BF1CFEDC0FE
Requests: 45 HTTP requests in this frame
Screenshot
Page Title
Zaloguj siÄ™ do GOonline | BNP Paribas Bank Polska S.A.Page URL History Show full URLs
-
https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq...
HTTP 302
http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2... HTTP 307
https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2... HTTP 302
https://bannoupa.pages.dev/ Page URL
-
https://bannoupa.pages.dev/cdn-cgi/phish-bypass?atok=wIXbY_A5fQJUQHXYWGE1AOYbmA.hEnKVQ8nWL_2DwEo-172139...
HTTP 301
https://bannoupa.pages.dev/ Page URL
-
https://gbs.sa.com/BNP
HTTP 301
https://gbs.sa.com/BNP/ HTTP 302
https://gbs.sa.com/BNP/home/index.html Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq2IBJSEX3O7P82VmqzCflapuhND-2FHt654fs0nsO7vn3LeKSErM-2FIE9eI-2FU2lv3GPOIz8BX4AskAX3yZhilfGEXmkDMjZXQrfPriWIMbtZ4ZxVnfH2lLtB-2B-2FfKldJtatTb1uYdCpCQtLrw8wVTJgcLcNqdqmAIVaql9R9oCPZXEgNlpdv3QsxwNOkPpLUtWna8I1s6H6Mf8WLI6F-2FYCNcNizYL7r3psHBXXvzTgXQhKNpNepio8zFfkpP4TDYpGHalUrlEjfVEMQ542brd9lOCGPEwZ56H-2BA-3D-3D3Lxw_Cj8FaZCckqEn2o8YKDArDqbRDQ-2FZrE98uLHfzwrVJlZrhX-2FBPxDG8d8IBNL6lFtTSurG8Nx8-2BvB8Zg0MhyGUxWD2XYEwQLZDyNWHj2A-2BYpY1VRAofF5v4xxtMlOhGzTTFgV44az8NPH9TrJfdh-2BjzjuwVFsnCML3ZWDsT6DbN3mMWyEFTt2KjiqvRTp8AxHc
HTTP 302
http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 307
https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 302
https://bannoupa.pages.dev/ Page URL
-
https://bannoupa.pages.dev/cdn-cgi/phish-bypass?atok=wIXbY_A5fQJUQHXYWGE1AOYbmA.hEnKVQ8nWL_2DwEo-1721393741-0.0.1.1-%2F
HTTP 301
https://bannoupa.pages.dev/ Page URL
-
https://gbs.sa.com/BNP
HTTP 301
https://gbs.sa.com/BNP/ HTTP 302
https://gbs.sa.com/BNP/home/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq2IBJSEX3O7P82VmqzCflapuhND-2FHt654fs0nsO7vn3LeKSErM-2FIE9eI-2FU2lv3GPOIz8BX4AskAX3yZhilfGEXmkDMjZXQrfPriWIMbtZ4ZxVnfH2lLtB-2B-2FfKldJtatTb1uYdCpCQtLrw8wVTJgcLcNqdqmAIVaql9R9oCPZXEgNlpdv3QsxwNOkPpLUtWna8I1s6H6Mf8WLI6F-2FYCNcNizYL7r3psHBXXvzTgXQhKNpNepio8zFfkpP4TDYpGHalUrlEjfVEMQ542brd9lOCGPEwZ56H-2BA-3D-3D3Lxw_Cj8FaZCckqEn2o8YKDArDqbRDQ-2FZrE98uLHfzwrVJlZrhX-2FBPxDG8d8IBNL6lFtTSurG8Nx8-2BvB8Zg0MhyGUxWD2XYEwQLZDyNWHj2A-2BYpY1VRAofF5v4xxtMlOhGzTTFgV44az8NPH9TrJfdh-2BjzjuwVFsnCML3ZWDsT6DbN3mMWyEFTt2KjiqvRTp8AxHc HTTP 302
- http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 307
- https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 302
- https://bannoupa.pages.dev/
- https://bannoupa.pages.dev/cdn-cgi/phish-bypass?atok=wIXbY_A5fQJUQHXYWGE1AOYbmA.hEnKVQ8nWL_2DwEo-1721393741-0.0.1.1-%2F HTTP 301
- https://bannoupa.pages.dev/
45 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
bannoupa.pages.dev/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
bannoupa.pages.dev/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
bannoupa.pages.dev/cdn-cgi/images/ |
452 B 635 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
bannoupa.pages.dev/ |
71 B 509 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
bannoupa.pages.dev/ Redirect Chain
|
71 B 508 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
gbs.sa.com/BNP/home/ Redirect Chain
|
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
bannoupa.pages.dev/ |
71 B 515 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA7NQVfghqrtux_10287240325103108.js
gbs.sa.com/BNP/home/files/ |
330 KB 149 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.56fbd2fb8f8744aa.css
gbs.sa.com/BNP/home/files/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader-button.svg
gbs.sa.com/BNP/home/files/ |
1 KB 480 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
the-banker-award.png
gbs.sa.com/BNP/home/files/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PBN.png
gbs.sa.com/BNP/home/files/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
norton.png
gbs.sa.com/BNP/home/files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnp-paribas-logo-full.svg
gbs.sa.com/BNP/home/files/ |
22 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.5299cf64ddabbe0f.css
gbs.sa.com/BNP/home/files/ |
1 MB 180 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_D_10287240325103108.js
gbs.sa.com/ |
54 KB 18 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag-pl.svg
gbs.sa.com/assets/theme/retail/img/svg/ |
54 KB 54 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_bold.woff
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light.woff
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans.woff
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnp-paribas-logo-full.svg
gbs.sa.com/BNP/home/files/assets/theme/retail/ |
22 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-bg.jpg
gbs.sa.com/BNP/home/files/assets/theme/retail/img/bg/ |
490 KB 491 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans.woff
gbs.sa.com/BNP/home/files/assets/fonts/ |
54 KB 53 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnp-icon-basic.ttf
gbs.sa.com/BNP/home/files/assets/fonts/ |
11 KB 6 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iconfont.woff2
gbs.sa.com/BNP/home/files/assets/fonts/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light.woff
gbs.sa.com/BNP/home/files/assets/fonts/ |
27 KB 27 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_condensed_bold.woff
gbs.sa.com/BNP/home/files/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_bold.woff
gbs.sa.com/BNP/home/files/assets/fonts/ |
54 KB 54 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light.woff2
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_bold.woff2
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans.woff2
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iconfont.woff
gbs.sa.com/BNP/home/files/assets/fonts/ |
38 KB 38 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_D_10287240325103108.js
gbs.sa.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_condensed_bold.woff2
gbs.sa.com/BNP/home/files/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_bold.ttf
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans.ttf
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light.ttf
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rb_59278947-0198-4282-8d96-98942c532d36
gbs.sa.com/ |
226 B 257 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_condensed_bold.ttf
gbs.sa.com/BNP/home/files/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_condensed_bold.woff
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
gbs.sa.com/BNP/home/files/ |
1 KB 621 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_condensed_bold.woff2
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rb_59278947-0198-4282-8d96-98942c532d36
gbs.sa.com/ |
226 B 253 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_condensed_bold.ttf
gbs.sa.com/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rb_59278947-0198-4282-8d96-98942c532d36
gbs.sa.com/ |
226 B 276 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking) Generic Cloudflare (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dT_ object| dtrum object| dynatrace string| applicationBuildVersion string| portalThemeDefault6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bannoupa.pages.dev/ | Name: __cf_mw_byp Value: wIXbY_A5fQJUQHXYWGE1AOYbmA.hEnKVQ8nWL_2DwEo-1721393741-0.0.1.1-/ |
|
.gbs.sa.com/ | Name: dtCookie Value: v_4_srv_-2D69_sn_OU25Q7M7B3R0ICOK4Q117SGMR46CD1VJ |
|
.gbs.sa.com/ | Name: rxVisitor Value: 1721393749706G0MTCKH5SUCQ012NQSC5IKD40JD21HD2 |
|
.gbs.sa.com/ | Name: dtSa Value: - |
|
.gbs.sa.com/ | Name: rxvt Value: 1721395552719|1721393749708 |
|
.gbs.sa.com/ | Name: dtPC Value: -69$593749701_81h-vQWHMRHTEERMWKMSOQCLDFDVVCCMTTAHR-0e0 |
23 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bannoupa.pages.dev
gbs.sa.com
mgun.mastercard.com
u23236098.ct.sendgrid.net
167.89.115.58
173.254.24.40
188.114.97.3
34.110.180.34
015d486968b743c58114b14d008a2a1053ebffe70337fde68cd6b0c936b38067
11f51f48500a3f973838f058f8339b89e83cc4dd8dfea7b16221ec695856695e
210a2f8d27ed4010ac3d4526e32321dd6ec11bebf616669080480131a578c0b3
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
3e586d1aa5327b9dcb55a831b26c18baff526112771e933086b7b2d4566eee7a
416e243c79c25d63c0874c5b6d72b567b5cb8e410b51dd68de6400effc53edd7
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
6ec4cc226d3b5319a0352579ea5d030363e2afbd9a09f9439c23ae2f59a55f26
70d37f12d4398f3313dc4deab65da0f0998f16b15d1bdb8d3436773d79b501ed
71eeb5eb5e8cd8099e90c7444607a8d3b58d2b4c5b3de1e5cb52a77ad13518d2
736f4aee01a82d020b065e97c8d2a3d4d5fe909d507904f222996ca2448c19c0
80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
82e9ab8c924c744eaafee63bbd57d10bd5bbddeb9c26286d9ee3c5b7f9a6acbd
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
85ee45fee32b1ff889dae436cf33c727e9441cc751fea2d7da6fe6fd7ba42106
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
8fd594227ac056acc44537195e008dcd838ba5146dd171715bba737abee765ee
a95ef9bb8c436bd249923eb78c12e024bc1f959ae0527c20c0d30cbd21a0be23
af397a6b23b41eb5c76384be1e4d75e87f5c7ae179e85ba717d7b47226dd5a55
b43a17b137bece16ea29ff868415a91bccefbacb8bd1cc4e5dfc7aa21957de98
ceaef2da518e1e91ffc7afb6ad3da650c9ba16923135edebcd2cb34d8f124b7a
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016