bnpparibas-connection.codeanyapp.com
Open in
urlscan Pro
45.55.112.74
Malicious Activity!
Public Scan
Effective URL: https://bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/main.php
Submission: On April 30 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.
This is the only time bnpparibas-connection.codeanyapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 172.67.154.102 172.67.154.102 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 27 | 45.55.112.74 45.55.112.74 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
2 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2620:1ec:22::14 2620:1ec:22::14 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
30 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US)
bnpparibas-connection.codeanyapp.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
codeanyapp.com
1 redirects
bnpparibas-connection.codeanyapp.com |
789 KB |
2 |
linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 328 |
876 B |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
31 KB |
1 |
smp-international.de
1 redirects
www.smp-international.de |
582 B |
30 | 4 |
Domain | Requested by | |
---|---|---|
27 | bnpparibas-connection.codeanyapp.com |
1 redirects
bnpparibas-connection.codeanyapp.com
|
2 | px.ads.linkedin.com |
bnpparibas-connection.codeanyapp.com
|
2 | cdnjs.cloudflare.com |
bnpparibas-connection.codeanyapp.com
|
1 | www.smp-international.de | 1 redirects |
30 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
codeanyapp.com R3 |
2024-04-19 - 2024-07-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
www.linkedin.com DigiCert SHA2 Secure Server CA |
2024-01-30 - 2024-07-30 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/main.php
Frame ID: 08E71228CDE70E3527AFC5CFE2225F39
Requests: 32 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.smp-international.de/b_/o4vqn6ptf6skgvfaqec48q
HTTP 302
https://bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/ HTTP 302
https://bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/main.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.smp-international.de/b_/o4vqn6ptf6skgvfaqec48q
HTTP 302
https://bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/ HTTP 302
https://bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/main.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
main.php
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/ Redirect Chain
|
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bk-coretag.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
194 KB 195 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
48 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-grid.min.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
501 B 508 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
489 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinymce.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
501 B 508 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brand-isolated.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
156 B 305 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Application.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
131 B 299 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iscroll.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
50 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
164 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors-main.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
137 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pagebus.js
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis-isolated.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
547 KB 89 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis-pws-isolated.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
128 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ia-overrides.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ |
0 533 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
px.ads.linkedin.com/wa/ |
0 343 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Applicationwebbanking.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
51 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Applicationwebbankingbrand_F.css
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/ |
285 B 373 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnppf-logo-sprite.svg
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/images/common/ |
57 KB 57 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-icons.ttf
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/fonts/ |
42 KB 42 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BNPPSansRegular-webfont.woff
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/fonts/bnppf-sans-new/ |
28 KB 28 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BNPPSansLight-webfont.woff
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/fonts/bnppf-sans-new/ |
26 KB 27 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_cond_regular-webfont.ttf
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/fonts/ |
46 KB 46 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpiconfont.woff
bnpparibas-connection.codeanyapp.com/be-n1e2rt3y3u5u6s8r6ta2d6r/app/xxx_files/fonts/ |
57 KB 57 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animgif.gif
bnpparibas-connection.codeanyapp.com/resources/ebw-portal/themes/fortis-portal/images/ |
361 B 361 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut function| lintrk boolean| _already_called_lintrk object| google_tag_manager object| google_tag_data object| dataLayer object| ORIBILI function| IScroll function| getCookie function| setCookie function| setCookieParam object| distributorId object| secure string| href string| hostname undefined| sfSiteId undefined| portal object| axes object| matches undefined| langUrl undefined| brand undefined| lang undefined| audience undefined| sfAxes1 undefined| sfAxes2 undefined| sfAxes3 undefined| sfAxes4 undefined| onePortalURL undefined| main object| webpackChunkebb_migration_ui function| log boolean| wlChatLoaded boolean| wlChatNeedsToOpen boolean| wlfirstload boolean| wlscriptsloaded object| digitalData object| adobeDataLayer object| OpenAjax function| _badParm function| _valPub function| _valSub function| _cacheIt function| _TopicMatcher function| _isCaching function| _copy object| PageBus function| $ function| jQuery object| $jscomp string| feedbackvalue5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bnpparibas-connection.codeanyapp.com/ | Name: PHPSESSID Value: kgvoqqgbejrtopqlnmf1deimf6 |
|
.linkedin.com/ | Name: bcookie Value: "v=2&875871d1-9ed7-4659-89b7-cb53a1adacf7" |
|
.linkedin.com/ | Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3221:u=1:x=1:i=1714480511:t=1714566911:v=2:sig=AQE1zhBMtzaRWPvoWIglR0_PxZmquuAg" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE3MTQ0ODA1MTI7MjswMjFzPCNr0885A5dNYxAp0RLkCl8mHcgzWunQq2IBFkKjcQ== |
|
bnpparibas-connection.codeanyapp.com/ | Name: axes Value: null |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bnpparibas-connection.codeanyapp.com
cdnjs.cloudflare.com
px.ads.linkedin.com
www.smp-international.de
104.17.24.14
172.67.154.102
2620:1ec:22::14
45.55.112.74
0593c61a42ecc69ed4f92bc9f92f7d929dc3b575f025a192317d95c5f4eb16f1
05ba4f2d42ade1413142e9fec8a2b644e2a3e177525a4c0506d6374935779e56
08cd690f860049417f3084336b86565ec55c3c880298ce6e8fa5cb81adc0677c
0a148cc3629679417dcc9e6ab4a0013f4073132fbfaf54335b82226e82c87c73
0ee78676ba6b6bee827b5e89bda4fc3efdbf83ec287f2ad4a57beb66f2ed5072
19cbdee225381f76649b0850bbd3d1aeb76d8f53e78feed041f5050b1bf68972
1b3b5cca85067dd8f61a992aa3fabf21be5c6df82e6175a26b978a994c695453
21bf515370156d437cb84e5e3fe487fa4c9b11ca01209d0e759e6594575b7895
2204bd69d3721b82b7b1ce780f9bf1dfab7ba0240804bd5c3d910942836a7e62
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2fb2b7fcb467754175ef56c7adad9c21548ea6f0ecbb94bf7321476c73caa354
40daf3da1ce21ff663c7e80d6ef4e9e391913863ef5183ea621121c4239022ac
4492470a3331c34a57c97b37085dd2d8f32d292b616d950f64f925c64b6d9941
4d0ac5ea4df3106d69a03116158777cd3302eec58de91b632ca4b96a5b79da01
52cea700a3c7266fdcf8d5689b09965c6bbff0cc17295dd9213a8087bf7a3c39
59b9e7d5486906f1164e4a6bdd70fa77ea8f743df92625bb9b75bfd207debe2f
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
7c5b73bb0d8493214832bc99553ddc1cd2279c8687c4bac5844e92509ecba70f
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
9bb8201cc4007630864b1a645eb103b0ab89ac7f3466da5779e1a6a86a056aff
a56f74eaf471b8d0869d8d9556e4925e89767e210c4f0cf273ee012213086ec2
c08a0dd8800f9582aec90be9b9215aea5b58782e2fd6f961ec67220f75576f76
c2018396e7954aa8ff683896b662e5ebda3e861b7b7bd7bee90e1509534f5c4a
d704d237c38374bd74c01946bd55e92686c98eeef54319622648514e9761101a
dbee075ee4370f69cfc15334d6dc1242c4aeb6a280e85616a8ee649329d5eb03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ccfa174e2afeeeea33a77db39e1dfacd731e74aff380cbee38fe85f287b93d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c986e27f68a589776557a6377c8985884bf2242a0ad5dae1f11269a531312
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a