bnponline.in Open in urlscan Pro
195.133.47.79 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.do/bnp-goonline
Effective URL:
https://bnponline.in/
Submission Tags: 7620731
Submission: On July 26 via api (July 26th 2022, 4:31:36 pm UTC) from NL — Scanned from NL

Summary HTTP 13 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 195.133.47.79, located in Frankfurt am Main, Germany and belongs to RETN-AS, GB. The main domain is bnponline.in.
TLS certificate: Issued by R3 on July 25th 2022. Valid for: 3 months.

This is the only time bnponline.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.83.52.76 54.83.52.76	14618 (AMAZON-AES) (AMAZON-AES)
13	195.133.47.79 195.133.47.79	9002 (RETN-AS) (RETN-AS)
13	1

1 54.83.52.76 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-52-76.compute-1.amazonaws.com

bit.do	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.133.47.79 (Frankfurt am Main, Germany)

ASN9002 (RETN-AS, GB)

bnponline.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	bnponline.in bnponline.in	2 MB
1	bit.do 1 redirects bit.do — Cisco Umbrella Rank: 250954	102 B
13	2

	Domain	Requested by
13	bnponline.in	bnponline.in
1	bit.do	1 redirects
13	2

This site contains links to these domains. Also see Links.

Domain
www.bnpparibas.pl
video-chat.bnpparibas.pl

Subject Issuer	Validity	Valid
bnponline.in R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bnponline.in/
Frame ID: 1EB9E82976F94D22F309F94122345CE5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zaloguj się do GOonline | BNP Paribas Bank Polska S.A.

Page URL History Show full URLs

https://bit.do/bnp-goonline HTTP 301
https://bnponline.in/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1837 kB
Transfer

1841 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bnpparibas.pl/klienci-indywidualni/bankowosc-internetowa/goonline
Title: Poznaj GOonline

Search URL Search Domain Scan URL

URL: https://video-chat.bnpparibas.pl/bnp-video/?mediachannel=4
Title: Masz pytania dotyczące GOonline?

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.pl/o-banku/nagrody-i-wyroznienia
Title: Dowiedz się więcej

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.pl/kontakt/oddzialy-z-obsluga-detaliczna-i-biznesowa?type=department_retail_business
Title: Oddziały

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.pl/bezpieczenstwo
Title: Bezpieczeństwo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.do/bnp-goonline HTTP 301
https://bnponline.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
bnponline.in/
Redirect Chain

https://bit.do/bnp-goonline
https://bnponline.in/

11 KB
3 KB

678ms
37ms

Document
text/html

195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

07190af4eda02efe532594fa233710fa42f0dc58cfcf1999ea4d0451a8b592fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Jul 2022 16:31:30 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 301
content-type: text/html; charset=iso-8859-1
date: Tue, 26 Jul 2022 16:31:29 GMT
location: https://bnponline.in/
server: nginx/1.18.0

GET
H/1.1 200
OK the-banker-poland.png
bnponline.in/assets/dynamic/login/ 2 KB
2 KB 31ms
31ms Image
image/png 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bnponline.in/assets/dynamic/login/the-banker-poland.png

Requested by

Host: bnponline.in
URL: https://bnponline.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:07:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62cbda4a-63d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1597

GET
H/1.1 200
OK retail.df7ebaa258b3adf9.css
bnponline.in/ 1 MB
1 MB 93ms
61ms Stylesheet
text/css 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/retail.df7ebaa258b3adf9.css

Requested by

Host: bnponline.in
URL: https://bnponline.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3010f803553860aef91fef9275bc0776cba9194b0c8d39c4518a4dc3e6ae6084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:04:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62cbd988-1140a2"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1130658

GET
H/1.1 404
Not Found jquery-lib.js
bnponline.in/assets/dynamic/ 0
0 111ms
42ms Script
text/html 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bnponline.in/assets/dynamic/jquery-lib.js
Requested by: Host: bnponline.in
URL: https://bnponline.in/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bnp-paribas-logo-full.svg
bnponline.in/assets/theme/retail/ 22 KB
22 KB 34ms
33ms Image
image/svg+xml 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bnponline.in/assets/theme/retail/bnp-paribas-logo-full.svg

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

99820725d9a0a77e6b22f32f40084174970d2830a10ab2b5895dc4e079bb746e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:09:42 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62cbdac6-583f"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22591

GET
H/1.1 200
OK login-bg.jpg
bnponline.in/assets/theme/retail/img/bg/ 490 KB
491 KB 64ms
64ms Image
image/jpeg 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bnponline.in/assets/theme/retail/img/bg/login-bg.jpg

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:14:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62cbdbc8-7a9c5"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 502213

GET
H/1.1 200
OK flag-pl.svg
bnponline.in/assets/theme/retail/img/svg/ 258 B
555 B 34ms
33ms Image
image/svg+xml 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bnponline.in/assets/theme/retail/img/svg/flag-pl.svg

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aa56e04cde5e4ac7964c3e6545ebf1a1232442dcb93fbf8d4d6baf1e365311c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:17:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62cbdc8c-102"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258

GET
H/1.1 200
OK norton.png
bnponline.in/assets/theme/retail/img/ 5 KB
5 KB 148ms
37ms Image
image/png 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bnponline.in/assets/theme/retail/img/norton.png

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:13:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62cbdba4-1297"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4759

GET
H/1.1 200
OK bnpp_sans.woff
bnponline.in/assets/theme/retail/fonts/ 54 KB
54 KB 113ms
79ms Font
font/woff 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/assets/theme/retail/fonts/bnpp_sans.woff

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
Origin: https://bnponline.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:10:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "d648-5e3831760e400"
Strict-Transport-Security: max-age=31536000;
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54856

GET
H/1.1 200
OK iconfont.woff
bnponline.in/assets/theme/retail/fonts/icons/ 37 KB
37 KB 82ms
48ms Font
font/woff 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/assets/theme/retail/fonts/icons/iconfont.woff

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2a61d97d12db2daa170a11a7e283104ff66420d9c689b715b698b20ce9ce5696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
Origin: https://bnponline.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:12:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "94a8-5e3831bab8600"
Strict-Transport-Security: max-age=31536000;
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38056

GET
H/1.1 200
OK bnpp_sans_light.woff
bnponline.in/assets/theme/retail/fonts/ 27 KB
27 KB 122ms
35ms Font
font/woff 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/assets/theme/retail/fonts/bnpp_sans_light.woff

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
Origin: https://bnponline.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:10:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6ca8-5e3831760e400"
Strict-Transport-Security: max-age=31536000;
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27816

GET
H/1.1 200
OK bnpp_sans_condensed_bold.woff
bnponline.in/assets/theme/retail/fonts/ 36 KB
36 KB 164ms
68ms Font
font/woff 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/assets/theme/retail/fonts/bnpp_sans_condensed_bold.woff

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
Origin: https://bnponline.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:10:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "8f24-5e3831760e400"
Strict-Transport-Security: max-age=31536000;
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36644

GET
H/1.1 200
OK bnpp_sans_bold.woff
bnponline.in/assets/theme/retail/fonts/ 54 KB
54 KB 182ms
72ms Font
font/woff 195.133.47.79
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnponline.in/assets/theme/retail/fonts/bnpp_sans_bold.woff

Requested by

Host: bnponline.in
URL: https://bnponline.in/retail.df7ebaa258b3adf9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.133.47.79 Frankfurt am Main, Germany, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bnponline.in/retail.df7ebaa258b3adf9.css
Origin: https://bnponline.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 16:31:30 GMT
Last-Modified: Mon, 11 Jul 2022 08:10:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "d6c8-5e3831760e400"
Strict-Transport-Security: max-age=31536000;
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54984

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bnponline.in/assets/dynamic/jquery-lib.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.do
bnponline.in
195.133.47.79
54.83.52.76
07190af4eda02efe532594fa233710fa42f0dc58cfcf1999ea4d0451a8b592fe
1ad43cd69ab87d44698b331a63932599e614c77028ff26f4e856588a7700f384
2a61d97d12db2daa170a11a7e283104ff66420d9c689b715b698b20ce9ce5696
3010f803553860aef91fef9275bc0776cba9194b0c8d39c4518a4dc3e6ae6084
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
69d0396ad6ad2716e3cb74ef58891ed26896b9704eadda4d2bb325ba2de4feaa
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
99820725d9a0a77e6b22f32f40084174970d2830a10ab2b5895dc4e079bb746e
aa56e04cde5e4ac7964c3e6545ebf1a1232442dcb93fbf8d4d6baf1e365311c9
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224

bnponline.in Open in urlscan Pro 195.133.47.79 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

1837 kBTransfer

1841 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

bnponline.in Open in urlscan Pro
195.133.47.79 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1837 kB
Transfer

1841 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!