www.mabanque-bnp-paribas.com
Open in
urlscan Pro
47.74.214.119
Malicious Activity!
Public Scan
Submitted URL: https://www.mabanque-bnp-paribas.com/
Effective URL: https://www.mabanque-bnp-paribas.com/login/
Submission: On September 20 via automatic, source certstream-suspicious
Effective URL: https://www.mabanque-bnp-paribas.com/login/
Submission: On September 20 via automatic, source certstream-suspicious
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 20 HTTP transactions.
The main IP is 47.74.214.119, located in
Singapore, Singapore and
belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN.
The main domain is www.mabanque-bnp-paribas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 19th 2019. Valid for: 3 months.
This is the only time www.mabanque-bnp-paribas.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on September 19th 2019. Valid for: 3 months.
This is the only time www.mabanque-bnp-paribas.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 21 | 47.74.214.119 47.74.214.119 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
| 20 | 1 |
21
47.74.214.119
(Singapore, Singapore)
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
| www.mabanque-bnp-paribas.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
mabanque-bnp-paribas.com
1 redirects
www.mabanque-bnp-paribas.com |
583 KB |
| 20 | 1 |
| Domain | Requested by | |
|---|---|---|
| 21 | www.mabanque-bnp-paribas.com |
1 redirects
www.mabanque-bnp-paribas.com
|
| 20 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| mabanque-bnp-paribas.com Let's Encrypt Authority X3 |
2019-09-19 - 2019-12-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.mabanque-bnp-paribas.com/login/
Frame ID: 388B919ADD045CF265317BA4C837436B
Requests: 20 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.mabanque-bnp-paribas.com/
HTTP 302
https://www.mabanque-bnp-paribas.com/login/ Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
AngularJS
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /angular.*\.js/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.mabanque-bnp-paribas.com/
HTTP 302
https://www.mabanque-bnp-paribas.com/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.mabanque-bnp-paribas.com/login/ Redirect Chain
|
49 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.css
www.mabanque-bnp-paribas.com/login/ |
802 KB 114 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
www.mabanque-bnp-paribas.com/bower_components/jquery/dist/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular.min.js
www.mabanque-bnp-paribas.com/bower_components/angular/ |
165 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.min.css
www.mabanque-bnp-paribas.com/bower_components/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css.css
www.mabanque-bnp-paribas.com/login/ |
0 272 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
form.js
www.mabanque-bnp-paribas.com/login/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ng.js
www.mabanque-bnp-paribas.com/login/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bnp-alone.png
www.mabanque-bnp-paribas.com/login/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite-header.png
www.mabanque-bnp-paribas.com/login/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon-print.png
www.mabanque-bnp-paribas.com/login/ |
686 B 963 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bnpp_type_regular_v2-webfont.woff
www.mabanque-bnp-paribas.com/login/ |
32 KB 32 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite-form.png
www.mabanque-bnp-paribas.com/login/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo2.jpg
www.mabanque-bnp-paribas.com/login/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loupe_part.png
www.mabanque-bnp-paribas.com/login/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ident_pictos.jpg
www.mabanque-bnp-paribas.com/login/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bnpp_sans-webfont.woff2
www.mabanque-bnp-paribas.com/login/ |
21 KB 21 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bnpp_sans_cond_light_v2-webfont.woff
www.mabanque-bnp-paribas.com/login/ |
22 KB 23 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bnpp_type_bold_v2-webfont.woff
www.mabanque-bnp-paribas.com/login/ |
24 KB 24 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iconbnp.woff
www.mabanque-bnp-paribas.com/login/ |
175 KB 175 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| angular string| link string| bb_link string| query string| full_url string| home string| dir_url string| bid object| texts string| lng object| device function| next__ function| finish__ object| cookies function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q object| loader_ function| send1 object| app object| sc_0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.mabanque-bnp-paribas.com
47.74.214.119
35e17008258c1797319098895e59b018880fb56b35df28b97b95be28ea743399
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
5cfcd47c763f59b765edf88bf251164a95e5e1dbcb5ad4e031a6460a2409d73c
661cf54776694fa0f0ee2bc0b294d5ab348eb6cfd8f078c00742b363c1fd35b5
6c5d6811eac74f21a4130472bf1e806350f0ea9ee3a293d06aa7cddadd47c1a8
6c74dbc524effb3bca7a40c9d09acd95a79bd57a8764ad14a75ab6e287557f66
7765b30f55d23c1e9b5da76e6b4bb7129665b9fb7e0ff1f949f51d74a22f93be
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a5914aa91aff6db50981ac794d68b868dfecf6909305ab6c568466faa49d366
8c45964eb3e4966a48a853fe547d2ca274245a13b040330d1081ce46c2f94c4d
957cd0660080db493db86fec7c263227ddaebf10172c3c0fc8da3f2cc9149f4e
989083c4d211ad5e8a61cf9ec6af880854ca0e13ab19da92d7b1d8e752096d37
9be4e951e7efa7691ff602cae10e1ac266533e70cdbb521c5e9effd692ec0be2
a0d34b998a9cf5f420ae2eef60f7600e346bc93f57865385af1cc60c1b223ee2
c51d5fe50b0312de525e0455413daad54125854ec4d3caa43d399584a8491775
cb7e58a5a13ebe53dd05272703ba47132b65aa33d29b373d33de116cb82fdb21
ccf8a6ae83a3d8fbbd59d83df5526fcda27064892dabead96e08496555449016
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f369aafad7dd64145e15972462e84dbf18ddebf193e594345debcfc8d40c30e8