gbs.sa.com Open in urlscan Pro
173.254.24.40 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq2IBJSEX3O7P82VmqzCfl...
Effective URL:
https://gbs.sa.com/BNP/home/index.html
Submission: On July 19 via manual (July 19th 2024, 12:07:33 pm UTC) from PL — Scanned from PL

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 36 HTTP transactions. The main IP is 173.254.24.40, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is gbs.sa.com.
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.

This is the only time gbs.sa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
1 1	34.102.239.211 34.102.239.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 30	173.254.24.40 173.254.24.40	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
36	3

1 167.89.118.28 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u23236098.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.239.211 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com

mgun.mastercard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

bannoupa.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 173.254.24.40 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: rsb40.rhostbh.com

gbs.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	sa.com 2 redirects gbs.sa.com	1 MB
2	pages.dev bannoupa.pages.dev	1 KB
1	mastercard.com 1 redirects mgun.mastercard.com	566 B
1	sendgrid.net 1 redirects u23236098.ct.sendgrid.net	435 B
36	4

	Domain	Requested by
30	gbs.sa.com	2 redirects gbs.sa.com
2	bannoupa.pages.dev
1	mgun.mastercard.com	1 redirects
1	u23236098.ct.sendgrid.net	1 redirects
36	4

This site contains no links.

Subject Issuer	Validity	Valid
bannoupa.pages.dev WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
gbs.sa.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gbs.sa.com/BNP/home/index.html
Frame ID: 1EC38AB77106BD85DB601E158E48F210
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zaloguj się do GOonline | BNP Paribas Bank Polska S.A.

Page URL History Show full URLs

https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq... HTTP 302
http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2... HTTP 307
https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2... HTTP 302
https://bannoupa.pages.dev/ Page URL
https://gbs.sa.com/BNP HTTP 301
https://gbs.sa.com/BNP/ HTTP 302
https://gbs.sa.com/BNP/home/index.html Page URL

Page Statistics

36
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1170 kB
Transfer

2282 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq2IBJSEX3O7P82VmqzCflapuhND-2FHt654fs0nsO7vn3LeKSErM-2FIE9eI-2FU2lv3GPOIz8BX4AskAX3yZhilfGEXmkDMjZXQrfPriWIMbtZ4ZxVnfH2lLtB-2B-2FfKldJtatTb1uYdCpCQtLrw8wVTJgcLcNqdqmAIVaql9R9oCPZXEgNlpdv3QsxwNOkPpLUtWna8I1s6H6Mf8WLI6F-2FYCNcNizYL7r3psHBXXvzTgXQhKNpNepio8zFfkpP4TDYpGHalUrlEjfVEMQ542brd9lOCGPEwZ56H-2BA-3D-3D8gnf_V00zoaAjlp03mI1HKBsH1egO-2BEjj3DyBzNr2Hs-2F27Idxu-2B1lHwqYzWK3y9-2Fl9xw6bKrc2OHfOVeimdERofTkIDluBfUDBomZpzb3Estrx-2FLcpDjt5lgIxnhEE1tN1Zyn2-2F4qAC4YYDYrN5l4PTtsLOcdsuntaXLVJhtzRC44HbhEUWANDI7H0LV0xrHWEPJmL21rAumlPBowOJI9WmMhhw-3D-3D HTTP 302
http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 307
https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 302
https://bannoupa.pages.dev/ Page URL
https://gbs.sa.com/BNP HTTP 301
https://gbs.sa.com/BNP/ HTTP 302
https://gbs.sa.com/BNP/home/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq2IBJSEX3O7P82VmqzCflapuhND-2FHt654fs0nsO7vn3LeKSErM-2FIE9eI-2FU2lv3GPOIz8BX4AskAX3yZhilfGEXmkDMjZXQrfPriWIMbtZ4ZxVnfH2lLtB-2B-2FfKldJtatTb1uYdCpCQtLrw8wVTJgcLcNqdqmAIVaql9R9oCPZXEgNlpdv3QsxwNOkPpLUtWna8I1s6H6Mf8WLI6F-2FYCNcNizYL7r3psHBXXvzTgXQhKNpNepio8zFfkpP4TDYpGHalUrlEjfVEMQ542brd9lOCGPEwZ56H-2BA-3D-3D8gnf_V00zoaAjlp03mI1HKBsH1egO-2BEjj3DyBzNr2Hs-2F27Idxu-2B1lHwqYzWK3y9-2Fl9xw6bKrc2OHfOVeimdERofTkIDluBfUDBomZpzb3Estrx-2FLcpDjt5lgIxnhEE1tN1Zyn2-2F4qAC4YYDYrN5l4PTtsLOcdsuntaXLVJhtzRC44HbhEUWANDI7H0LV0xrHWEPJmL21rAumlPBowOJI9WmMhhw-3D-3D HTTP 302
http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 307
https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_649Oyz83wPfRN1nWv_1U-g0AAP__bVc0VA HTTP 302
https://bannoupa.pages.dev/

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
bannoupa.pages.dev/
Redirect Chain

https://u23236098.ct.sendgrid.net/ls/click?upn=u001.Fd7LRWG6CBQ9wgxYQZT8kXElblv-2FkRPGRRTe685sjOXReFr6BGYbrrRq2IBJSEX3O7P82VmqzCflapuhND-2FHt654fs0nsO7vn3LeKSErM-2FIE9eI-2FU2lv3GPOIz8BX4AskAX3yZhil...
http://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8_...
https://mgun.mastercard.com/c/eJwkyz1uhTAMAODTJGNkOyQOQ4Yu7x6G2H1I_ERAkdrTV2qHb_xaLWQ5qdeKTBgJGMi_q6IBU2xsohizyqjRIrcyTnls2PxSCWgAxoI5FsKgZiUlNgAj5TS7ATa5bj1nOVuYj82v9X3f_XLxw9HL0WuSfT--uoQun3qFpo8...
https://bannoupa.pages.dev/

71 B
546 B

111ms
61ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bannoupa.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceaef2da518e1e91ffc7afb6ad3da650c9ba16923135edebcd2cb34d8f124b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8a5a9752187fc3d6-WAW
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 Jul 2024 12:07:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pq9959301nzn1%2FHIOhkBdncwis4JZYZdAYFlii2Dhi7JlIlj1KsfSRbgYTu%2FEm%2FHfRwzwoO4Hn7hfgjVn7yKKdDID2thDMRZPtbENrONEL2tXQ%2FdFfhxzfXDDN6Mtzn892Ep2ME%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-store
content-length: 402
content-type: text/html
date: Fri, 19 Jul 2024 12:07:25 GMT
location: https://bannoupa.pages.dev
x-robots-tag: noindex
x-xss-protection: 1; mode=block

GET
H2

200

Primary Request index.html Show response
gbs.sa.com/BNP/home/
Redirect Chain

https://gbs.sa.com/BNP
https://gbs.sa.com/BNP/
https://gbs.sa.com/BNP/home/index.html

21 KB
6 KB

204ms
204ms

Document
text/html

173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache / WP Rocket/3.13.1
Resource Hash: 82e9ab8c924c744eaafee63bbd57d10bd5bbddeb9c26286d9ee3c5b7f9a6acbd

Request headers

Referer: https://bannoupa.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, public
content-encoding: gzip
content-length: 6058
content-type: text/html; charset=UTF-8
date: Fri, 19 Jul 2024 12:07:28 GMT
expires: Fri, 19 Jul 2024 12:07:28 GMT
server: Apache
vary: Accept-Encoding,User-Agent
x-powered-by: WP Rocket/3.13.1

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jul 2024 12:07:27 GMT
expires: Fri, 19 Jul 2024 12:07:27 GMT
location: ./home/index.html
server: Apache
vary: User-Agent,Accept-Encoding

GET
H3 200 favicon.ico
bannoupa.pages.dev/ 71 B
518 B 83ms
82ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bannoupa.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bannoupa.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:25 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhTRObEOni5qCMJxSwj4LgvhuxbcyZWO2XcGc1%2FCAvo74srygidaWrQisELUENVPZX8KeVAqiXcKEUCGgJJYV5W%2BhGW6LipXJi%2Fhvysj8Ve%2FSK4nbQtk5gAdgL28%2Fg8co%2F%2BxOFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8a5a9752fa3ac3d6-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 ruxitagentjs_ICA7NQVfghqrtux_10287240325103108.js Show response
gbs.sa.com/BNP/home/files/ 330 KB
149 KB 603ms
602ms Script
application/javascript 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/ruxitagentjs_ICA7NQVfghqrtux_10287240325103108.js
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 6ec4cc226d3b5319a0352579ea5d030363e2afbd9a09f9439c23ae2f59a55f26

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:30:44 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Sat, 19 Jul 2025 12:07:28 GMT

GET
H2 200 base.56fbd2fb8f8744aa.css
gbs.sa.com/BNP/home/files/ 5 KB
1 KB 602ms
601ms Stylesheet
text/css 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: af397a6b23b41eb5c76384be1e4d75e87f5c7ae179e85ba717d7b47226dd5a55

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:30:44 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1226
expires: Sat, 19 Jul 2025 12:07:28 GMT

GET
H2 200 loader-button.svg
gbs.sa.com/BNP/home/files/ 1 KB
480 B 204ms
204ms Image
image/svg+xml 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/loader-button.svg
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 11f51f48500a3f973838f058f8339b89e83cc4dd8dfea7b16221ec695856695e

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 11:55:00 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 423
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 the-banker-award.png
gbs.sa.com/BNP/home/files/ 24 KB
24 KB 404ms
403ms Image
image/png 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/the-banker-award.png
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 736f4aee01a82d020b065e97c8d2a3d4d5fe909d507904f222996ca2448c19c0

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:28 GMT
last-modified: Tue, 18 Jun 2024 21:30:44 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 24068
expires: Sat, 16 Nov 2024 12:07:28 GMT

GET
H2 200 PBN.png
gbs.sa.com/BNP/home/files/ 15 KB
15 KB 406ms
405ms Image
image/png 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/PBN.png
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 015d486968b743c58114b14d008a2a1053ebffe70337fde68cd6b0c936b38067

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:28 GMT
last-modified: Tue, 18 Jun 2024 21:30:44 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 14985
expires: Sat, 16 Nov 2024 12:07:28 GMT

GET
H2 200 norton.png
gbs.sa.com/BNP/home/files/ 5 KB
5 KB 428ms
427ms Image
image/png 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/norton.png
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:28 GMT
last-modified: Tue, 18 Jun 2024 21:30:44 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 4759
expires: Sat, 16 Nov 2024 12:07:28 GMT

GET
H2 200 bnp-paribas-logo-full.svg
gbs.sa.com/BNP/home/files/ 22 KB
9 KB 554ms
553ms Image
image/svg+xml 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/bnp-paribas-logo-full.svg
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 71eeb5eb5e8cd8099e90c7444607a8d3b58d2b4c5b3de1e5cb52a77ad13518d2

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:30:44 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 8786
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 styles.5299cf64ddabbe0f.css
gbs.sa.com/BNP/home/files/ 1 MB
180 KB 210ms
210ms Stylesheet
text/css 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 210a2f8d27ed4010ac3d4526e32321dd6ec11bebf616669080480131a578c0b3

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 11:46:10 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Sat, 19 Jul 2025 12:07:29 GMT

GET
H2 404 ruxitagentjs_D_10287240325103108.js
gbs.sa.com/ 54 KB
18 KB 720ms
719ms Other
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/ruxitagentjs_D_10287240325103108.js
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 85ee45fee32b1ff889dae436cf33c727e9441cc751fea2d7da6fe6fd7ba42106

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 flag-pl.svg
gbs.sa.com/assets/theme/retail/img/svg/ 54 KB
54 KB 725ms
724ms Image
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/assets/theme/retail/img/svg/flag-pl.svg
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: b43a17b137bece16ea29ff868415a91bccefbacb8bd1cc4e5dfc7aa21957de98

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 bnpp_sans_bold.woff
gbs.sa.com/assets/fonts/ 0
0 702ms
701ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/assets/fonts/bnpp_sans_bold.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 bnpp_sans_light.woff
gbs.sa.com/assets/fonts/ 0
0 1344ms
1344ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/assets/fonts/bnpp_sans_light.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 bnpp_sans.woff
gbs.sa.com/assets/fonts/ 0
0 681ms
680ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/assets/fonts/bnpp_sans.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 bnp-paribas-logo-full.svg
gbs.sa.com/BNP/home/files/assets/theme/retail/ 22 KB
9 KB 207ms
207ms Image
image/svg+xml 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/assets/theme/retail/bnp-paribas-logo-full.svg
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 8813
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 login-bg.jpg
gbs.sa.com/BNP/home/files/assets/theme/retail/img/bg/ 490 KB
491 KB 210ms
209ms Image
image/jpeg 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbs.sa.com/BNP/home/files/assets/theme/retail/img/bg/login-bg.jpg
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 502213
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 bnpp_sans.woff
gbs.sa.com/BNP/home/files/assets/fonts/ 54 KB
54 KB 401ms
400ms Font
font/woff 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 bnp-icon-basic.ttf
gbs.sa.com/BNP/home/files/assets/fonts/ 11 KB
6 KB 411ms
410ms Font
font/ttf 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnp-icon-basic.ttf?5adbdc8e01a9417c03cc91fe65d27f59
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 70d37f12d4398f3313dc4deab65da0f0998f16b15d1bdb8d3436773d79b501ed

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 6355
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 iconfont.woff2
gbs.sa.com/BNP/home/files/assets/fonts/ 31 KB
31 KB 401ms
401ms Font
font/woff2 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/iconfont.woff2
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 3e586d1aa5327b9dcb55a831b26c18baff526112771e933086b7b2d4566eee7a

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET
H2 200 bnpp_sans_light.woff
gbs.sa.com/BNP/home/files/assets/fonts/ 27 KB
27 KB 407ms
406ms Font
font/woff 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans_light.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET bnpp_sans_condensed_bold.woff
gbs.sa.com/BNP/home/files/assets/fonts/ 0
0

GET
H2 200 bnpp_sans_bold.woff
gbs.sa.com/BNP/home/files/assets/fonts/ 54 KB
54 KB 402ms
402ms Font
font/woff 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans_bold.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:29 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 12:07:29 GMT

GET bnpp_sans.woff2
gbs.sa.com/assets/fonts/ 0
0

GET
H2 200 iconfont.woff
gbs.sa.com/BNP/home/files/assets/fonts/ 38 KB
38 KB 205ms
205ms Font
font/woff 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/iconfont.woff
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: a95ef9bb8c436bd249923eb78c12e024bc1f959ae0527c20c0d30cbd21a0be23

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:30 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 21:29:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 12:07:30 GMT

GET bnpp_sans_bold.woff2
gbs.sa.com/assets/fonts/ 0
0

GET ruxitagentjs_D_10287240325103108.js
gbs.sa.com/ 0
0

GET bnpp_sans_light.woff2
gbs.sa.com/assets/fonts/ 0
0

GET
H2 404 bnpp_sans_light.ttf
gbs.sa.com/assets/fonts/ 0
0 1692ms
1690ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/assets/fonts/bnpp_sans_light.ttf
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 bnpp_sans_bold.ttf
gbs.sa.com/assets/fonts/ 0
0 1081ms
1079ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/assets/fonts/bnpp_sans_bold.ttf
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 bnpp_sans_condensed_bold.woff2
gbs.sa.com/BNP/home/files/assets/fonts/ 0
0 1680ms
1679ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans_condensed_bold.woff2
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/styles.5299cf64ddabbe0f.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 bnpp_sans.ttf
gbs.sa.com/assets/fonts/ 0
0 1687ms
1686ms Font
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/assets/fonts/bnpp_sans.ttf
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gbs.sa.com/BNP/home/files/base.56fbd2fb8f8744aa.css
Origin: https://gbs.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:07:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gbs.sa.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 406 rb_59278947-0198-4282-8d96-98942c532d36 Show response
gbs.sa.com/ 226 B
280 B 205ms
204ms Fetch
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/rb_59278947-0198-4282-8d96-98942c532d36?type=js3&sn=v_4_srv_-2D68_sn_UUNEO8ICAMSLHFHHH0L9T1A8DRIH1UHP&svrid=-68&flavor=post&vi=ABAARILDTHWTFHMQKMMTJCFFGEFNWRLM-0&modifiedSince=1718622881534&rf=https%3A%2F%2Fgbs.sa.com%2FBNP%2Fhome%2Findex.html&bp=3&app=4f55f664b599dbfd&crc=2067959131&en=2chwizr3&end=1
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/ruxitagentjs_ICA7NQVfghqrtux_10287240325103108.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jul 2024 12:07:31 GMT
server: Apache
content-length: 226
content-type: text/html; charset=iso-8859-1

POST
H2 406 rb_59278947-0198-4282-8d96-98942c532d36 Show response
gbs.sa.com/ 226 B
276 B 206ms
205ms Fetch
text/html 173.254.24.40
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://gbs.sa.com/rb_59278947-0198-4282-8d96-98942c532d36?type=js3&sn=v_4_srv_-2D68_sn_UUNEO8ICAMSLHFHHH0L9T1A8DRIH1UHP&svrid=-68&flavor=post&vi=ABAARILDTHWTFHMQKMMTJCFFGEFNWRLM-0&modifiedSince=1718622881534&rf=https%3A%2F%2Fgbs.sa.com%2FBNP%2Fhome%2Findex.html&bp=3&app=4f55f664b599dbfd&crc=3215084897&en=2chwizr3&end=1
Requested by: Host: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/ruxitagentjs_ICA7NQVfghqrtux_10287240325103108.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.24.40 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rsb40.rhostbh.com
Software: Apache /
Resource Hash: 80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4

Request headers

Referer: https://gbs.sa.com/BNP/home/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jul 2024 12:07:32 GMT
server: Apache
content-length: 226
content-type: text/html; charset=iso-8859-1

GET bnpp_sans_condensed_bold.ttf
gbs.sa.com/BNP/home/files/assets/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans_condensed_bold.woff

Domain: gbs.sa.com
URL: https://gbs.sa.com/assets/fonts/bnpp_sans.woff2

Domain: gbs.sa.com
URL: https://gbs.sa.com/assets/fonts/bnpp_sans_bold.woff2

Domain: gbs.sa.com
URL: https://gbs.sa.com/ruxitagentjs_D_10287240325103108.js

Domain: gbs.sa.com
URL: https://gbs.sa.com/assets/fonts/bnpp_sans_light.woff2

Domain: gbs.sa.com
URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans_condensed_bold.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gbs.sa.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D68_sn_UUNEO8ICAMSLHFHHH0L9T1A8DRIH1UHP
.gbs.sa.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 172139084917605SHRQM5NU7R23441AUU4OAGMLRBD20K
.gbs.sa.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.gbs.sa.com/	1969-12-31 23:59:59	Name: rxvt Value: 1721392650883\|1721390849178
.gbs.sa.com/	1969-12-31 23:59:59	Name: dtPC Value: -68$590849173_226h4vABAARILDTHWTFHMQKMMTJCFFGEFNWRLM-0e0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gbs.sa.com/assets/fonts/bnpp_sans.woff Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://gbs.sa.com/BNP/home/index.html Message: Failed to decode downloaded font: https://gbs.sa.com/BNP/home/files/assets/fonts/iconfont.woff2
other	warning	URL: https://gbs.sa.com/BNP/home/index.html Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
network	error	URL: https://gbs.sa.com/assets/fonts/bnpp_sans_bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/ruxitagentjs_D_10287240325103108.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/assets/theme/retail/img/svg/flag-pl.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/assets/fonts/bnpp_sans_light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/rb_59278947-0198-4282-8d96-98942c532d36?type=js3&sn=v_4_srv_-2D68_sn_UUNEO8ICAMSLHFHHH0L9T1A8DRIH1UHP&svrid=-68&flavor=post&vi=ABAARILDTHWTFHMQKMMTJCFFGEFNWRLM-0&modifiedSince=1718622881534&rf=https%3A%2F%2Fgbs.sa.com%2FBNP%2Fhome%2Findex.html&bp=3&app=4f55f664b599dbfd&crc=2067959131&en=2chwizr3&end=1 Message: Failed to load resource: the server responded with a status of 406 ()
network	error	URL: https://gbs.sa.com/assets/fonts/bnpp_sans_bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/rb_59278947-0198-4282-8d96-98942c532d36?type=js3&sn=v_4_srv_-2D68_sn_UUNEO8ICAMSLHFHHH0L9T1A8DRIH1UHP&svrid=-68&flavor=post&vi=ABAARILDTHWTFHMQKMMTJCFFGEFNWRLM-0&modifiedSince=1718622881534&rf=https%3A%2F%2Fgbs.sa.com%2FBNP%2Fhome%2Findex.html&bp=3&app=4f55f664b599dbfd&crc=3215084897&en=2chwizr3&end=1 Message: Failed to load resource: the server responded with a status of 406 ()
network	error	URL: https://gbs.sa.com/BNP/home/files/assets/fonts/bnpp_sans_condensed_bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/assets/fonts/bnpp_sans.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gbs.sa.com/assets/fonts/bnpp_sans_light.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bannoupa.pages.dev
gbs.sa.com
mgun.mastercard.com
u23236098.ct.sendgrid.net
gbs.sa.com
167.89.118.28
173.254.24.40
188.114.97.3
34.102.239.211
015d486968b743c58114b14d008a2a1053ebffe70337fde68cd6b0c936b38067
11f51f48500a3f973838f058f8339b89e83cc4dd8dfea7b16221ec695856695e
210a2f8d27ed4010ac3d4526e32321dd6ec11bebf616669080480131a578c0b3
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
3e586d1aa5327b9dcb55a831b26c18baff526112771e933086b7b2d4566eee7a
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
6ec4cc226d3b5319a0352579ea5d030363e2afbd9a09f9439c23ae2f59a55f26
70d37f12d4398f3313dc4deab65da0f0998f16b15d1bdb8d3436773d79b501ed
71eeb5eb5e8cd8099e90c7444607a8d3b58d2b4c5b3de1e5cb52a77ad13518d2
736f4aee01a82d020b065e97c8d2a3d4d5fe909d507904f222996ca2448c19c0
80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
82e9ab8c924c744eaafee63bbd57d10bd5bbddeb9c26286d9ee3c5b7f9a6acbd
85ee45fee32b1ff889dae436cf33c727e9441cc751fea2d7da6fe6fd7ba42106
88f246e3938e92d4b1a93b93cf636c856a302f4ace772ef42591d877ee5ef5d5
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
a95ef9bb8c436bd249923eb78c12e024bc1f959ae0527c20c0d30cbd21a0be23
af397a6b23b41eb5c76384be1e4d75e87f5c7ae179e85ba717d7b47226dd5a55
b43a17b137bece16ea29ff868415a91bccefbacb8bd1cc4e5dfc7aa21957de98
ceaef2da518e1e91ffc7afb6ad3da650c9ba16923135edebcd2cb34d8f124b7a

gbs.sa.com Open in urlscan Pro 173.254.24.40 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

36 Requests

83 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

1170 kBTransfer

2282 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gbs.sa.com Open in urlscan Pro
173.254.24.40 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1170 kB
Transfer

2282 kB
Size

5
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!