bml-nazionale.net Open in urlscan Pro
69.163.176.107 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bml-nazionale.net/it-6527Q/indexx.php
Effective URL:
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA...
Submission: On January 10 via api (January 10th 2024, 12:42:53 pm UTC) from NL — Scanned from IT

Summary HTTP 5 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 69.163.176.107, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is bml-nazionale.net.
TLS certificate: Issued by R3 on January 9th 2024. Valid for: 3 months.

This is the only time bml-nazionale.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address		AS Autonomous System
2 7	69.163.176.107 69.163.176.107		26347 (DREAMHOST-AS) (DREAMHOST-AS)
5	2

7 69.163.176.107 (Brea, United States) 2 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: vps54094.dreamhostps.com

bml-nazionale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bml-nazionale.net 2 redirects bml-nazionale.net	345 KB
5	1

	Domain	Requested by
7	bml-nazionale.net	2 redirects bml-nazionale.net
5	1

This site contains links to these domains. Also see Links.

Domain
bnl.it
lifebanker.bnl.it
banking.bnl.it
hellobank.it
www.acf.consob.it
www.facebook.com
twitter.com
www.youtube.com
socialwall.bnl.it

Subject Issuer	Validity	Valid
www.bml-nazionale.net R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php
Frame ID: FBEADBD1D6AC81275E7D0A74B49D09E6
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2BEA9A46736F5ACC24648930915EF541
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://bml-nazionale.net/it-6527Q/indexx.php HTTP 302
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnz... HTTP 301
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnz... Page URL
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnz... Page URL
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnz... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

560 kB
Transfer

796 kB
Size

1
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://bnl.it/it/Individui-e-Famiglie
Title: Individui e Famiglie

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Private-Banking
Title: Private Banking

Search URL Search Domain Scan URL

URL: http://lifebanker.bnl.it/offerta-360/
Title: Life Banker

Search URL Search Domain Scan URL

URL: https://bnl.it/it/financial-banking
Title: Financial Banking

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Professionisti-e-Imprese
Title: Professionisti e Imprese

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Corporate
Title: Corporate

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Pubblica-Amministrazione
Title: Pubblica Amministrazione

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Responsabilita-Sociale
Title: Responsabilita Sociale

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Scopri-BNL
Title: Scopri BNL

Search URL Search Domain Scan URL

URL: https://bnl.it/comunicazione/diventacliente/
Title: Diventa Cliente

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/rsc/SupportingFiles/numero-cliente.gif
Title: Dove trovi il tuo numero Cliente

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/rsc/SupportingFiles/pin.gif
Title: Dove trovi il PIN

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/pubblica/recuperonumeroclientefe
Title: Recupera Online il Numero Cliente

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Individui-e-Famiglie/Internet-e-Mobile/Navigare-in-sicurezza
Title: Proteggiti dai virus e dalle frodi online

Search URL Search Domain Scan URL

URL: https://hellobank.it/it/home

Search URL Search Domain Scan URL

URL: http://lifebanker.bnl.it/

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Trasparenza

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Dati-Societari
Title: DATI SOCIETARI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Prospetti-Consob
Title: PROSPETTI CONSOB

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Reclami-Ricorsi-Conciliazione
Title: RECLAMI-RICORSI-CONCILIAZIONE

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/whistleblowing-dispositivo-di-allerta-etico
Title: WHISTLEBLOWING

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Richiesta-documenti
Title: RICHIESTA DOCUMENTI

Search URL Search Domain Scan URL

URL: https://www.acf.consob.it/
Title: ARBITRO CONTROVERSIE FINANZIARIE

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Privacy
Title: PRIVACY

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/rsc/SupportingFiles/carta-responsabilita-dati-personali-BNL.pdf
Title: CARTA RESPONSABILITÀ DATI PERSONALI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Note-Legali
Title: NOTE LEGALI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Individui-e-Famiglie/Contatti/Contatti-Istituzionali
Title: CONTATTI ISTITUZIONALI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Individui-e-Famiglie/Internet-e-Mobile/Navigare-in-sicurezza/PSD2
Title: PSD2

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/DAC6
Title: DAC6

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/dichiarazione-di-accessibilita
Title: ACCESSIBILITÀ

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Cookie
Title: COOKIE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BNLBNPParibas/

Search URL Search Domain Scan URL

URL: https://twitter.com/bnpparibas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BNLCHANNEL

Search URL Search Domain Scan URL

URL: http://socialwall.bnl.it/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bml-nazionale.net/it-6527Q/indexx.php HTTP 302
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d HTTP 301
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/ Page URL
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/?client_id=1GAYE9dKRvHlzZMtiWTe78xVCSBw52qy3sbcjn4krhopaUDPuF6LJO0IXmNfgQ Page URL
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bml-nazionale.net/it-6527Q/indexx.php HTTP 302
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d HTTP 301
https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/

5 HTTP transactions
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/ Redirect Chain https://bml-nazionale.net/it-6527Q/indexx.php https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/	140 B 215 B	412ms 411ms	Document text/html	69.163.176.107 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.163.176.107 Brea, United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS vps54094.dreamhostps.com Software Apache / Resource Hash `841f50471e2369efb9bb0b0418a9935aea1e73a0ed46c6149ee93aab0230da74` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language it-IT,it;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 158 content-type text/html; charset=UTF-8 date Wed, 10 Jan 2024 12:42:47 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding,User-Agent Redirect headers cache-control max-age=600 content-length 323 content-type text/html; charset=iso-8859-1 date Wed, 10 Jan 2024 12:42:47 GMT expires Wed, 10 Jan 2024 12:52:47 GMT location https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/ server Apache
GET H2	200	/ Show response bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/	50 B 80 B	190ms 190ms	Document text/html	69.163.176.107 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/?client_id=1GAYE9dKRvHlzZMtiWTe78xVCSBw52qy3sbcjn4krhopaUDPuF6LJO0IXmNfgQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.163.176.107 Brea, United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS vps54094.dreamhostps.com Software Apache / Resource Hash `961d0682f10828acfbaa87208ea28ab0e52eaed2e55275b6188b80119af8714b` Request headers Referer https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language it-IT,it;q=0.9 Response headers cache-control max-age=600 content-length 50 content-type text/html; charset=UTF-8 date Wed, 10 Jan 2024 12:42:47 GMT expires Wed, 10 Jan 2024 12:52:47 GMT server Apache vary User-Agent
GET H2	200	Primary Request 1.php Show response bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/	462 KB 313 KB	273ms 273ms	Document text/html	69.163.176.107 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.163.176.107 Brea, United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS vps54094.dreamhostps.com Software Apache / Resource Hash `fe6549be2f1ef526f333498418cd2ed3520bd9528f8adbd14be4ba8d7ca84db4` Request headers Referer https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/?client_id=1GAYE9dKRvHlzZMtiWTe78xVCSBw52qy3sbcjn4krhopaUDPuF6LJO0IXmNfgQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language it-IT,it;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 10 Jan 2024 12:42:48 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding,User-Agent
GET H2	200	JOJ.js Show response bml-nazionale.net/it-6527Q/AT.ENTRIES/CONFIGS/	87 KB 31 KB	503ms 503ms	Script text/javascript	69.163.176.107 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://bml-nazionale.net/it-6527Q/AT.ENTRIES/CONFIGS/JOJ.js Requested by Host: bml-nazionale.net URL: https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.163.176.107 Brea, United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS vps54094.dreamhostps.com Software Apache / Resource Hash `ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127` Request headers accept-language it-IT,it;q=0.9 Referer https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 10 Jan 2024 12:42:48 GMT content-encoding gzip last-modified Tue, 15 Mar 2022 22:56:24 GMT server Apache etag "15d9d-5da49b4c79600-gzip" vary Accept-Encoding,User-Agent content-type text/javascript cache-control max-age=2592000 accept-ranges bytes expires Fri, 09 Feb 2024 12:42:48 GMT
POST H2	200	CLIENT.php Show response bml-nazionale.net/it-6527Q/AT.ENTRIES/FIRST.PAGE.AT/	0 53 B	822ms 822ms	XHR text/html	69.163.176.107 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://bml-nazionale.net/it-6527Q/AT.ENTRIES/FIRST.PAGE.AT/CLIENT.php Requested by Host: bml-nazionale.net URL: https://bml-nazionale.net/it-6527Q/AT.ENTRIES/CONFIGS/JOJ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.163.176.107 Brea, United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS vps54094.dreamhostps.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php X-Requested-With XMLHttpRequest accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 10 Jan 2024 12:42:49 GMT server Apache vary User-Agent content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET DATA	200 OK	truncated /	11 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3` Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	531 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `237429d1bfff9ad5d7927317c9bf3787ca7fa7e1267563eb95a1159c5d42e957` Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	54 KB 54 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c` Request headers Referer Origin https://bml-nazionale.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	14 KB 14 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0ebd476699d79db6b7502538a5088b68ada39af6638f104ddbd06d32f30f8014` Request headers Referer Origin https://bml-nazionale.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	54 KB 54 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e` Request headers Referer Origin https://bml-nazionale.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	53 KB 53 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d9356a502a3e4c129bfddb49268c0531dc91c92a868f600cbe322cfa11e68cba` Request headers Referer Origin https://bml-nazionale.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	19 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9` Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated / Frame 2BEA	21 KB 21 KB		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7e1c671a99130b71844ea0d14338420e2bffa9ddb525425fc2d09d960dc18e2d` Request headers Referer Origin null accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type text/plain
GET DATA	200 OK	truncated / Frame 2BEA	20 KB 20 KB		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3fde2d1823239ab371b369d738dc26cac41e8e70ab34faf3382e1325ee5fad90` Request headers Referer Origin null accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type text/plain

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bml-nazionale.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 92d86026ec01a9526c7ee1a9ddf6c8e5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php(Line 535) Message: Error while parsing the 'sandbox' attribute: '"allow-popups' is an invalid sandbox flag.
other	error	URL: https://bml-nazionale.net/it-6527Q/APP1.45.11.82.22-BmOuESKVR8x7GA5a92HTUheQo1ivFPX6pjDqglLJtfCyMsrwnzZNI4WkYbc03d/SISTEMA.DI.SICUREZZA/1.php(Line 536) Message: Error while parsing the 'sandbox' attribute: '"allow-popups' is an invalid sandbox flag.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bml-nazionale.net
69.163.176.107
0ebd476699d79db6b7502538a5088b68ada39af6638f104ddbd06d32f30f8014
237429d1bfff9ad5d7927317c9bf3787ca7fa7e1267563eb95a1159c5d42e957
24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
3fde2d1823239ab371b369d738dc26cac41e8e70ab34faf3382e1325ee5fad90
4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3
7e1c671a99130b71844ea0d14338420e2bffa9ddb525425fc2d09d960dc18e2d
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
841f50471e2369efb9bb0b0418a9935aea1e73a0ed46c6149ee93aab0230da74
961d0682f10828acfbaa87208ea28ab0e52eaed2e55275b6188b80119af8714b
d9356a502a3e4c129bfddb49268c0531dc91c92a868f600cbe322cfa11e68cba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
fe6549be2f1ef526f333498418cd2ed3520bd9528f8adbd14be4ba8d7ca84db4

bml-nazionale.net Open in urlscan Pro 69.163.176.107 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

560 kBTransfer

796 kBSize

1 Cookies

35 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

bml-nazionale.net Open in urlscan Pro
69.163.176.107 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

560 kB
Transfer

796 kB
Size

1
Cookies

5 HTTP transactions
9 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!