bnponline.in
195.133.47.79
Malicious Activity!
Public Scan
Effective URL: https://bnponline.in/
Submission Tags: 7620731
Submission: On July 26 via api from NL — Scanned from NL
Summary
TLS certificate: Issued by R3 on July 25th 2022. Valid for: 3 months.
This is the only time bnponline.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 54.83.52.76 | 14618 (AMAZON-AES) |
13 | 195.133.47.79 | 9002 (RETN-AS) |
13 | 1 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-52-76.compute-1.amazonaws.com
bit.do
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
13 | bnponline.in / bnponline.in | 2 MB |
1 | bit.do (1 redirects) / bit.do — Cisco Umbrella Rank: 250954 | 102 B |
13 | 2 | |
Requests | Domain | Requested by |
---|---|---|
13 | bnponline.in | bnponline.in |
1 | bit.do | 1 redirects |
13 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bnpparibas.pl |
video-chat.bnpparibas.pl |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
bnponline.in | R3 | 2022-07-25 - 2022-10-23 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bnponline.in/
Frame ID: 1EB9E82976F94D22F309F94122345CE5
Requests: 13 HTTP requests in this frame
Page Title
Zaloguj się do GOonline | BNP Paribas Bank Polska S.A.
Page URL History
- https://bit.do/bnp-goonline HTTP 301
- https://bnponline.in/ Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Poznaj GOonline
Title: Masz pytania dotyczące GOonline?
Title: Dowiedz się więcej
Title: Oddziały
Title: Bezpieczeństwo
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Redirect Chain) | bnponline.in/ | 11 KB | 3 KB | Document | text/html |
GET | H/1.1 | the-banker-poland.png | bnponline.in/assets/dynamic/login/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | retail.df7ebaa258b3adf9.css | bnponline.in/ | 1 MB | 1 MB | Stylesheet | text/css |
GET | H/1.1 | jquery-lib.js | bnponline.in/assets/dynamic/ | 0 | 0 | Script | text/html |
GET | H/1.1 | bnp-paribas-logo-full.svg | bnponline.in/assets/theme/retail/ | 22 KB | 22 KB | Image | image/svg+xml |
GET | H/1.1 | login-bg.jpg | bnponline.in/assets/theme/retail/img/bg/ | 490 KB | 491 KB | Image | image/jpeg |
GET | H/1.1 | flag-pl.svg | bnponline.in/assets/theme/retail/img/svg/ | 258 B | 555 B | Image | image/svg+xml |
GET | H/1.1 | norton.png | bnponline.in/assets/theme/retail/img/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | bnpp_sans.woff | bnponline.in/assets/theme/retail/fonts/ | 54 KB | 54 KB | Font | font/woff |
GET | H/1.1 | iconfont.woff | bnponline.in/assets/theme/retail/fonts/icons/ | 37 KB | 37 KB | Font | font/woff |
GET | H/1.1 | bnpp_sans_light.woff | bnponline.in/assets/theme/retail/fonts/ | 27 KB | 27 KB | Font | font/woff |
GET | H/1.1 | bnpp_sans_condensed_bold.woff | bnponline.in/assets/theme/retail/fonts/ | 36 KB | 36 KB | Font | font/woff |
GET | H/1.1 | bnpp_sans_bold.woff | bnponline.in/assets/theme/retail/fonts/ | 54 KB | 54 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- string| applicationBuildVersion
- string| portalThemeDefault
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.do
bnponline.in
195.133.47.79
54.83.52.76