bnppraibas.com Open in urlscan Pro
2606:4700:3030::6815:44f9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bnppraibas.com/
Effective URL:
https://bnppraibas.com/
Submission: On January 31 via api (January 31st 2023, 10:03:27 am UTC) from JP — Scanned from JP

Summary HTTP 25 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3030::6815:44f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is bnppraibas.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 28th 2023. Valid for: a year.

This is the only time bnppraibas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:c885	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700:303... 2606:4700:3030::6815:44f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.11.44 104.21.11.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2

1 2606:4700:3034::ac43:c885 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bnppraibas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3030::6815:44f9 (United States)

ASN13335 (CLOUDFLARENET, US)

bnppraibas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.11.44 (None, )

ASN13335 (CLOUDFLARENET, US)

api.cdnmetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	bnppraibas.com 1 redirects bnppraibas.com	931 KB
1	cdnmetric.com api.cdnmetric.com — Cisco Umbrella Rank: 506870	758 B
25	2

	Domain	Requested by
25	bnppraibas.com	1 redirects bnppraibas.com
1	api.cdnmetric.com	bnppraibas.com
25	2

This site contains links to these domains. Also see Links.

Domain
www.bnpparibas.pl
video-chat.bnpparibas.pl
goonline.bnpparibas.pl

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-28` - `2024-01-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bnppraibas.com/
Frame ID: 5E404356E9E84090C66D3BB14841D1A9
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zaloguj się do GOonline | BNP Paribas Bank Polska S.A.

Page URL History Show full URLs

http://bnppraibas.com/ HTTP 301
https://bnppraibas.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

931 kB
Transfer

2329 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bnpparibas.pl/klienci-indywidualni/bankowosc-internetowa/goonline
Title: Poznaj GOonline

Search URL Search Domain Scan URL

URL: https://video-chat.bnpparibas.pl/bnp-video/?mediachannel=4
Title: Masz pytania dotyczące GOonline?

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.pl/o-banku/nagrody-i-wyroznienia
Title: Dowiedz się więcej

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.pl/kontakt/oddzialy-z-obsluga-detaliczna-i-biznesowa?type=department_retail_business
Title: Oddziały

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.pl/bezpieczenstwo
Title: Bezpieczeństwo

Search URL Search Domain Scan URL

URL: https://goonline.bnpparibas.pl/gateway/api/auth/new-user
Title: Nie mam loginu

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bnppraibas.com/ HTTP 301
https://bnppraibas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bnppraibas.com/ Redirect Chain http://bnppraibas.com/ https://bnppraibas.com/	30 KB 7 KB	287ms 279ms	Document text/html	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 Resource Hash `2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 79219decdb44268e-NRT content-encoding br content-type text/html; charset=UTF-8 date Tue, 31 Jan 2023 10:03:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caKjdtVdyLsh69C22yJYgC8fHD8%2F3ZXu%2FF4uyJV7TKG%2FirS5FsLF6U9U5o5qGWcaal8%2FsyOWZLY6s0zFzGJaiaVSWBJeXuFZ65roBTv3l%2BhTMknxjzUnEGVuEMF9rJO%2FI%2B9h1P%2F0qtWxDiVrSw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.33 Redirect headers CF-RAY 79219decbeb3afa9-NRT Cache-Control max-age=3600 Connection keep-alive Date Tue, 31 Jan 2023 10:03:20 GMT Expires Tue, 31 Jan 2023 11:03:20 GMT Location https://bnppraibas.com/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GbWfH0fZPryWoDP5TWaegVb0h684NZme3N8l1T0pCu%2FwdurWKKAXYGrXzYud2sBC%2FbVANcoUEugx%2FcmOQoBuyLDhTCKXQCu4mf5c%2BfJozIlKzK902QvTRDpoQpVFA5tqBldkpHYylndcBp9EA%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.min.css bnppraibas.com/	30 KB 6 KB	13ms 8ms	Stylesheet text/html	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/style.min.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 Resource Hash `2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 09:15:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 x-powered-by PHP/7.3.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx7TR4UYmwKVLSqmpd5AwmifR74W5oqnrnWS45T8Carw5n%2Fm0tUUm0L6%2BLg7V%2BAUFaDq3c1ucQXUObXR9p6NK3zDIhseAuI49BeAczQnBGfWFOTwtbfarFu3ONcGB%2Fyxiz%2BdOivg3AQXajJaUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 79219deead62268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-3.3.1.min.js Show response bnppraibas.com/	30 KB 6 KB	15ms 10ms	Script text/html	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/jquery-3.3.1.min.js Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 Resource Hash `2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 09:15:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 x-powered-by PHP/7.3.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPmpIs4YAgkBYfcVDEIiQ16CnjKQEtORvfiN1iDM%2FCKNxOE1c4Th9btULUxTQFvV1I04oL1RNy8XzlEAq0YZO6D7m%2BIjCNQF0hD9r5ouseV2KDghn0QViqtU%2Ft7OSo%2BJO6zqOttF9PJ%2BpJcLyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 79219deead6d268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	site.js Show response bnppraibas.com/login_files/js/	30 KB 6 KB	17ms 12ms	Script text/html	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/login_files/js/site.js Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 Resource Hash `2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 09:15:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 x-powered-by PHP/7.3.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6FA42iMJq%2FBskIzNPC%2BULtooZ1o4dzhoVXEgNAnd7aNhlhUC5ZeQ8wjFuH2Dgo8v1%2FP9OlEZKGDz1cpo3RihF8YZwD0bumb8UiCd3akqMN8ziZ2sVqgMyWfqQ2YerfyQvOaVqSVEd4lFkVpWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 79219deead6e268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	preloder.css bnppraibas.com/	30 KB 6 KB	14ms 9ms	Stylesheet text/html	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/preloder.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 Resource Hash `2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 09:15:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 x-powered-by PHP/7.3.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwhn5o3faF8AsPB7ktyJtWi1yz6iPMHp5mq4iXvmIVzaqZpoL5M3BlkTMgXqS86ADL4gFwt4asM31yp7IvN7I%2BKg2YDLe%2B7u2aXgmOteC%2BCI3DIx0PveB%2BYc9pkHkRH1qn6zdiSgBGR5Hrlw1A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 79219deead65268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	preloadinator.js Show response bnppraibas.com/	30 KB 6 KB	15ms 10ms	Script text/html	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/preloadinator.js Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 Resource Hash `2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Jan 2023 09:15:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 x-powered-by PHP/7.3.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj7MIFEF49Ce0%2BQ5YfC9zkGYQHNKiJLzTzFaTCXV6NxN0x1jVJ9PK3Yv6MOdObfqYPMMCHsoH1jKkz06ayVZTQGJv%2FNt6BsEvY%2B1AIYAkRK7uUuujBEOx2gq8wDzsYGOny1u5Pqpuuk%2BQM2bJg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 79219deead6f268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	site.js Show response bnppraibas.com/js/	230 B 515 B	14ms 9ms	Script application/javascript	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/js/site.js Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c98-e6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FIzUReaZZiQax%2BV3POYCKSqLfadFFTx6NxZopq3g1vPmkH21tYD0DJmYCYK5%2B6UoY%2F%2B7M99tRCRFxhEKVSbcWeCHaNA1CPSlfcFQqGgrt4MQo8d%2FD6tT8tuVlSocOQhQYNw%2BysGvojd0x7NpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79219deead70268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.min.css bnppraibas.com/css/	1 KB 815 B	16ms 11ms	Stylesheet text/css	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/css/style.min.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6330d16589cfc01bfb8b11c4a333a42f77e21d063bbec6050401fc2e12fb871c` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c85-58d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YtCejzw59BncPEztXO1YHe6ZNVtAg65y%2Btv7uLPT1OSr5EivlGfZ0xxwvFRaTqFIKEComcxg45pOlPHyN6Z5ZJ%2FLqi1a7cpC1M%2BxwYjodVaLxZXKrXMsjOUerdCx4HckxHPGshJJxbfDCueNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79219deead67268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.css bnppraibas.com/css/	46 KB 8 KB	17ms 13ms	Stylesheet text/css	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/css/main.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `18da57936636bd1ceed01e814ace9fce4e25205a6573e2655566fad25e0239ca` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c83-b85f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QUnG%2FQ4WBqhD%2BWE1M7orCg4d7e5%2BV9lzC2SF%2B96oDGTxN5AnJrg%2FWs7PwDK1xM%2BidgsX0Y4gBatOyyOjKtVeblUrXnqxvkcHouXBcmXTFk8h79J9OFMk5R8oJqBhbcQJpAKQ%2FROck58ltCnpw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79219deead68268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	preloder.css bnppraibas.com/css/	1 KB 752 B	18ms 14ms	Stylesheet text/css	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/css/preloder.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f79d9b40598a91960754751f5c8060152dda9c544e111e0a9c71fbf48e0fdbf7` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c84-40e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj8FnqNfyYFbLur6z%2FnTD8PR27dm4vpbFMqCJRO2t7bW0mvf8IVMM%2FvUUBkIjb0oy%2BoYrCkpCmbIdCQwPBzOCJ9r6GsaTOOpuf9DqvLlTj33%2F%2FkTkMW5jEnyqnpgybAIuGHWM5ELk5JoohSsFw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79219deead69268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	retail.83b99448ac7488de.css bnppraibas.com/css/	1 MB 132 KB	18ms 14ms	Stylesheet text/css	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/css/retail.83b99448ac7488de.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b845adf649796dbb22912346c3c2404ae07205dd43527d4a1cd609fd576f73f` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c85-14091e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ39KyENKu6gohrZiJ2XWEgK1lL%2Fr752aevP%2FWNfAfBv5%2B8RsCGTuM1Ds%2BPbYYceK9hJPkFmXC1YJsNlT2qtgkD%2B9ulgyLu7kq3U4F7DpwC8WVNGnF9P5YJeJPijHYDJIp6oCoE9sO08gQBNzg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79219deead6b268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	dialog-alert.css bnppraibas.com/css/	3 KB 1 KB	16ms 12ms	Stylesheet text/css	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/css/dialog-alert.css Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03eacc806e8934b328a200f885462096d651e818c5bee542512d9abcae6e1103` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c83-ce8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCV%2Frd%2F5XwSS9hXujpdsJNvHpL8n1bNZOWBYlFdI%2B5CX0DZS1IkNgBTy74174rjF%2FaWNKhyVYSejNrYqJ%2FI25E5luT9q9gwhnVf62AZOdl4iQaq9RNvNFpIB4JBGKPt8CKaTFZPKhE5iOwsmzA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79219deead6c268e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	15.jpg bnppraibas.com/images/	7 KB 8 KB	9ms 8ms	Image image/jpeg	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bnppraibas.com/images/15.jpg Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9ed4e7b9c94d02d02993dbf0f8264f5bbc9fc67ce162bb0dfdf4208b4f0a2f6e` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag "63d51c93-1ccb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1OLMocyBW1ZE72mXO4jM6AcLnllAHkNqRsXpfsu4%2BNRcX%2ByHz6ZJzHyrkHLI6IvB36T2V6SmO6BJWV1oEe9lbzGTuwTYtLOtcaNMJ3%2BSd2XXMzwcgkj7d0W0Ovz6VCX91Oc6BS7Yg%2Bi8mzd9A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 79219deecf11af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7371
GET H3	200	the-banker-poland.png bnppraibas.com/images/	2 KB 2 KB	9ms 9ms	Image image/png	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bnppraibas.com/images/the-banker-poland.png Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag "63d51c95-63d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FX3%2Fav5cONYHODB8kzUazvxOmnIlliRVPsp9Y8Ar%2Ff96KDUzIzgwJYAtaKMhesxX4GFhCMAVKAHlFRZnG4%2B7qlFBm7Q57NSi8S9WV%2B0VyZfkAV3bxy%2Btwollr6rGHrxveLwevVBLJ8YxpWs8Gw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 79219deecf12af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1597
GET H3	200	bnp-paribas-logo-full.svg bnppraibas.com/fonts/	22 KB 8 KB	10ms 10ms	Image image/svg+xml	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bnppraibas.com/fonts/bnp-paribas-logo-full.svg Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag W/"63d51c88-57fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1pEyUQL5P8CEd3o1XqWDz%2Fhz%2BfD3D9u%2B%2BmSaR8Opoy6hPnspCHDgTld%2Ba7Hbw8BtnrDLce2976WmE6C%2Fk%2FznSHkqLdDMJWwOrq4%2FOxG9RhTTsIRDL4vTQ3efD9JBxvAHEGYvH%2FuJ6ox58lcRQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 79219deeff46af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	login-bg.jpg bnppraibas.com/images/	490 KB 491 KB	12ms 12ms	Image image/jpeg	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bnppraibas.com/images/login-bg.jpg Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c93-7a9c5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAPPK%2BsMsLepCFTn4%2Fk5jxY9uE4GWhuj9Rvi1e4NVaQpf8GiFsT%2BY3qtESFW9s4arzOQLv0%2FEeN61yj%2BE4ZiKWoF9KRMAvSe5BmDS9ZGfJfSBuwAOkpRPSfcfNf7D4E0N08UJ5jUc6pbIh2iLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 79219deeff4faf3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 502213
GET H3	200	bnpp_sans_light.woff bnppraibas.com/fonts/	27 KB 28 KB	11ms 10ms	Font font/woff	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/fonts/bnpp_sans_light.woff Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d` Request headers Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css Origin https://bnppraibas.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c8e-6ca8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pka4y0k7MKWvlse5j5vyozA52bQiWVv0f%2Bw3Q3qBkwDjLe%2BHunhr39Uu54%2BUZqYuIAEw9sxpLgXTGZbRnTMEbhW4WP5%2B0eVmx0a2beS9j31PIZpNXFmRy2dqZL2958W3dKHdwHotkyb6d3oHZQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 79219deeff52af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27816
GET H3	200	bnpp_sans_bold.woff bnppraibas.com/fonts/	54 KB 54 KB	9ms 8ms	Font font/woff	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/fonts/bnpp_sans_bold.woff Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e` Request headers Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css Origin https://bnppraibas.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c8a-d6c8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0slwJZE1mmyO2wgaBz7fP4OH72%2BT3UMsgJYvS9thcwIm2sHFbe5kAPcPqadlwyCQvQy7jKIeyJYVv8m2BylsBdF8zLTFFJxjTxcWh0xJOIys0htswOkJVPHeOH6uH0I7kIrluQh0ZSx951NTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 79219deeff55af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 54984
GET H3	200	iconfont.woff2 bnppraibas.com/fonts/	31 KB 31 KB	20ms 20ms	Font font/woff2	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/fonts/iconfont.woff2 Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a8b9451b8de67589fa2e8caa96cd7aee975b208815adad986ce256f060b490e` Request headers Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css Origin https://bnppraibas.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c90-7b38" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bifZmBMVOG7LYEa6T6%2BP4bsl%2B0XM807ZwRx0b24E7GfOEZi%2BhV7CUTAQ1txuCrsVSi%2BUjBlA4lnnZ%2F9l0SbfxzPxIN3%2FUQtBcJI95PpQdol1unNmn6wIZMHPwyIBoiWgHaKK9MgSinAueFz4wg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 79219deeff58af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31544
GET H3	200	bnpp_sans.woff bnppraibas.com/fonts/	54 KB 54 KB	20ms 20ms	Font font/woff	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/fonts/bnpp_sans.woff Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c` Request headers Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css Origin https://bnppraibas.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:00:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c89-d648" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTyyQYyM797ENBhC%2BrKOGBfZtXgE5nc7CfwDvB9lVP676zP8YmaQr4lRIXcHEOO7EBqoksjWJxswwknBz%2FXITemZovyMQk6USF%2BbQbo6rBVhJqKb4vbl4QT03Zh2iRlK5JXkX8RGnACGoW9k3Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 79219deeff5baf3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 54856
GET H3	200	jquery-3.3.1.min.js Show response bnppraibas.com/js/	85 KB 31 KB	9ms 9ms	Script application/javascript	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/js/jquery-3.3.1.min.js Requested by Host: bnppraibas.com URL: https://bnppraibas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b5f60af4c84b83c7d58a362f6a618801cb1ccad91c59231dbbce29f0556e3eca` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2848 etag W/"63d51c97-15572" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcI89GmEgo8yUsjbTWgBuDx8OTD%2FyO%2BPX3v3iz4NNEl9BY2Qh2j4oakx%2F6FxTyfNSJdxv1QFtt8hEWeVDRDLueEKtEBC9imIJPfUOwCL5XpW0j9BvDzJBgPHKeXmBpJhHD3idpn%2B%2FeiorIqdWQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79219def6fd9af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	flag-pl.svg bnppraibas.com/fonts/	252 B 671 B	7ms 7ms	Image image/svg+xml	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bnppraibas.com/fonts/flag-pl.svg Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce198ebb9d21b8485609a5cb1c46c625e8070f2e1c2404134dc4c16ddc9f4327` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT content-encoding br cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag W/"63d51c8f-fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2B4QU0j09p0t68WQD8N9FOiE9phL9SxHZarS23fKd%2B72E3lnZ0eaSG%2FOHzmhgm3RD%2B2S5emEW8rw4rsC7BK0l7Kyr%2BEeRuSGe5R3EV6YjcOG4pmdJJwjb5SiBZ6wfAhMYM%2B2oHmfBNdBtrOYbg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 79219def8ffdaf3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	norton.png bnppraibas.com/images/	5 KB 5 KB	9ms 9ms	Image image/png	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bnppraibas.com/images/norton.png Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c94-1297" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhLUYJ9rgezaMle8vqQwK1OvXCkLU2oylYOCN8hKbhlJStlOTpCh3soTFlPnMFXzIjqRoYFyT11UJGGbDnKPUGSJCzehFDAJa2rSwupkoWG%2FYyZXpKep74U9pBghBGgSY2cNyJMe3l2jtXd3vg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 79219def8fffaf3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4759
GET H3	200	bnpp_sans_condensed_bold.woff bnppraibas.com/fonts/	36 KB 36 KB	8ms 8ms	Font font/woff	2606:4700:3030::6815:44f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bnppraibas.com/fonts/bnpp_sans_condensed_bold.woff Requested by Host: bnppraibas.com URL: https://bnppraibas.com/css/retail.83b99448ac7488de.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:44f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224` Request headers Referer https://bnppraibas.com/css/retail.83b99448ac7488de.css Origin https://bnppraibas.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:20 GMT cf-cache-status HIT last-modified Sat, 28 Jan 2023 13:01:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2847 etag "63d51c8c-8f24" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwJkp1J2h6ipxfC7QAcQwNHSqJMhsZigYS4UAkyXO%2BYuLFv4%2Bs%2FH0soVGdgtQbOrvp%2FoiZGSVRvZ1ZT4T3tQY2rpMQzz7V7JciHfOx0IQD8sBHGic5%2Bxnd2MvYoCwrwA5hq7ZRPBNt2lnQUEXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 79219def8800af3d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 36644
GET H2	200	static.js Show response api.cdnmetric.com/get/	198 B 758 B	1053ms 555ms	Script text/html	104.21.11.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.cdnmetric.com/get/static.js?referrer=https://bnppraibas.com/ Requested by Host: bnppraibas.com URL: https://bnppraibas.com/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.44 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.21 Resource Hash `7edef5bb27d7a718c4311701a224afadc64ed7f614e49cb958b4827386f73480` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bnppraibas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 10:03:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.21 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/html; charset=utf-8 access-control-allow-origin https://bnppraibas.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsJJwZrAy85wHCsk5xHr9mEJamld7QT3BCJ6jbEOa%2BM2gwzk9AjMrjFw6bIo7ZJ6IYyvgU4p5kpIxXuF5Qn9vJARpAID1hXilWLWimot0oSS73sMpt6BV8JqS8krHEgE8NJZYg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 79219df8ec19af61-NRT access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bnppraibas.com/	1970-01-20 09:19:59	Name: PHPREFS Value: full

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://bnppraibas.com/ Message: The resource https://bnppraibas.com/jquery-3.3.1.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bnppraibas.com/ Message: The resource https://bnppraibas.com/preloder.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bnppraibas.com/ Message: The resource https://bnppraibas.com/login_files/js/site.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bnppraibas.com/ Message: The resource https://bnppraibas.com/preloadinator.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bnppraibas.com/ Message: The resource https://bnppraibas.com/style.min.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cdnmetric.com
bnppraibas.com
104.21.11.44
2606:4700:3030::6815:44f9
2606:4700:3034::ac43:c885
03eacc806e8934b328a200f885462096d651e818c5bee542512d9abcae6e1103
0a8b9451b8de67589fa2e8caa96cd7aee975b208815adad986ce256f060b490e
0b845adf649796dbb22912346c3c2404ae07205dd43527d4a1cd609fd576f73f
18da57936636bd1ceed01e814ace9fce4e25205a6573e2655566fad25e0239ca
1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384
2aa921e4cdde00a7f6ee1e44de14700102829094a8486cb5d7748359388a9825
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
6330d16589cfc01bfb8b11c4a333a42f77e21d063bbec6050401fc2e12fb871c
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
7edef5bb27d7a718c4311701a224afadc64ed7f614e49cb958b4827386f73480
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
9ed4e7b9c94d02d02993dbf0f8264f5bbc9fc67ce162bb0dfdf4208b4f0a2f6e
b5f60af4c84b83c7d58a362f6a618801cb1ccad91c59231dbbce29f0556e3eca
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224
ce198ebb9d21b8485609a5cb1c46c625e8070f2e1c2404134dc4c16ddc9f4327
f79d9b40598a91960754751f5c8060152dda9c544e111e0a9c71fbf48e0fdbf7

bnppraibas.com Open in urlscan Pro 2606:4700:3030::6815:44f9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

931 kBTransfer

2329 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

1 Cookies

5 Console Messages

bnppraibas.com Open in urlscan Pro
2606:4700:3030::6815:44f9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

931 kB
Transfer

2329 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!