www.bglmessagerie.com Open in urlscan Pro
160.153.133.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://myinvestvision.com/gtasq/qhazx
Effective URL:
https://www.bglmessagerie.com/connexion-lbg/
Submission: On February 25 via api (February 25th 2020, 12:25:57 pm UTC) from BE

Summary HTTP 2 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 160.153.133.194, located in Scottsdale, United States and belongs to GODADDY-AMS, DE. The main domain is www.bglmessagerie.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 24th 2020. Valid for: a year.

This is the only time www.bglmessagerie.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.113.150.183 212.113.150.183	29017 (GYRON ====) (GYRON ====)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	160.153.133.194 160.153.133.194	21501 (GODADDY-AMS) (GODADDY-AMS)
2	3

2 212.113.150.183 (United Kingdom) 1 redirects

ASN29017 (GYRON ====, GB)
PTR: uk610.directrouter.com

myinvestvision.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 160.153.133.194 (Scottsdale, United States) 1 redirects

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-133-194.ip.secureserver.net

www.bglmessagerie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bglmessagerie.com 1 redirects www.bglmessagerie.com	429 KB
2	myinvestvision.com 1 redirects myinvestvision.com	776 B
1	bit.ly 1 redirects bit.ly	357 B
2	3

	Domain	Requested by
2	www.bglmessagerie.com	1 redirects
2	myinvestvision.com	1 redirects
1	bit.ly	1 redirects
2	3

This site contains links to these domains. Also see Links.

Domain
mywealth.bnpparibas.lu
itunes.apple.com
play.google.com
webbanking.bgl.lu
webbanking1.bgl.lu

Subject Issuer	Validity	Valid
bglmessagerie.com Starfield Secure Certificate Authority - G2	`2020-02-24` - `2021-02-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bglmessagerie.com/connexion-lbg/
Frame ID: 423822B49C30D2F8F07E6580C1D003F5
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://myinvestvision.com/gtasq/qhazx HTTP 301
http://myinvestvision.com/gtasq/qhazx/ Page URL
http://bit.ly/2SWy7vv HTTP 301
https://www.bglmessagerie.com/connexion-lbg HTTP 301
https://www.bglmessagerie.com/connexion-lbg/ Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

669 kB
Transfer

886 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://mywealth.bnpparibas.lu/
Title: Go to myWealth

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/fr/app/web-banking-bgl-bnp-paribas-luxembourg/id781456280?l=de&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=lu.bgl.spm.retail&hl=fr
Title:

Search URL Search Domain Scan URL

URL: https://webbanking.bgl.lu/content/dam/bank/common/luxtrust/connexion-au-web-banking.pdf
Title: Logging on to Web Banking - Instructions

Search URL Search Domain Scan URL

URL: https://webbanking1.bgl.lu/fr/Main.html
Title:

Search URL Search Domain Scan URL

URL: https://webbanking.bgl.lu/content/dam/bank/common/documents/conseil-de-securite/conseils-de-securite.pdf
Title: Read the security advice

Search URL Search Domain Scan URL

URL: https://webbanking.bgl.lu/content/dam/bank/common/documents/conditions-generales/General-Terms-and-Conditions_EN.pdf
Title: General Terms and Conditions

Search URL Search Domain Scan URL

URL: https://webbanking.bgl.lu/content/dam/bank/common/documents/disclaimer/legal-notice.pdf
Title: Legal Notice

Search URL Search Domain Scan URL

URL: https://webbanking.bgl.lu/content/dam/bank/common/documents/cookies/cookies-policy.pdf
Title: Cookies Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://myinvestvision.com/gtasq/qhazx HTTP 301
http://myinvestvision.com/gtasq/qhazx/ Page URL
http://bit.ly/2SWy7vv HTTP 301
https://www.bglmessagerie.com/connexion-lbg HTTP 301
https://www.bglmessagerie.com/connexion-lbg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://myinvestvision.com/gtasq/qhazx HTTP 301
http://myinvestvision.com/gtasq/qhazx/

2 HTTP transactions
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ myinvestvision.com/gtasq/qhazx/ Redirect Chain http://myinvestvision.com/gtasq/qhazx http://myinvestvision.com/gtasq/qhazx/	145 B 358 B	21ms 20ms	Document text/html	212.113.150.183 GYRON ====
General Check archive.org Show headers Download Go to Full URL http://myinvestvision.com/gtasq/qhazx/ Protocol HTTP/1.1 Server 212.113.150.183 , United Kingdom, ASN29017 (GYRON ====, GB), Reverse DNS uk610.directrouter.com Software LiteSpeed / Resource Hash Request headers Host myinvestvision.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html Last-Modified Tue, 25 Feb 2020 11:09:08 GMT Accept-Ranges bytes Content-Length 145 Date Tue, 25 Feb 2020 12:25:40 GMT Server LiteSpeed Redirect headers Connection Keep-Alive Content-Type text/html Content-Length 705 Date Tue, 25 Feb 2020 12:25:40 GMT Server LiteSpeed Location http://myinvestvision.com/gtasq/qhazx/ Alt-Svc quic=":80"; ma=2592000; v="39,43,46,50", h3-Q039=":80"; ma=2592000, h3-Q043=":80"; ma=2592000, h3-Q046=":80"; ma=2592000, h3-Q050=":80"; ma=2592000, h3-23=":80"; ma=2592000, h3-24=":80"; ma=2592000
GET H2	200	Primary Request / Show response www.bglmessagerie.com/connexion-lbg/ Redirect Chain http://bit.ly/2SWy7vv https://www.bglmessagerie.com/connexion-lbg https://www.bglmessagerie.com/connexion-lbg/	602 KB 429 KB	39ms 38ms	Document text/html	160.153.133.194 GODADDY-AMS
General Check archive.org Show headers Download Go to Full URL https://www.bglmessagerie.com/connexion-lbg/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.133.194 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE), Reverse DNS ip-160-153-133-194.ip.secureserver.net Software Apache / Resource Hash `4aa1672701f43ce61d50516a9c640b953f75de3066de9ee1921f47a1bba17355` Request headers :method GET :authority www.bglmessagerie.com :scheme https :path /connexion-lbg/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer http://myinvestvision.com/gtasq/qhazx/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://myinvestvision.com/gtasq/qhazx/ Response headers status 200 date Tue, 25 Feb 2020 12:25:40 GMT server Apache last-modified Wed, 19 Feb 2020 00:50:34 GMT etag "9fe014e-967bc-59ee32d0aca80-gzip" accept-ranges bytes vary Accept-Encoding,User-Agent content-encoding gzip content-type text/html Redirect headers status 301 date Tue, 25 Feb 2020 12:25:40 GMT server Apache location https://www.bglmessagerie.com/connexion-lbg/ content-length 252 content-type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	11 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4dd3349319e6249107b8b8ef6133d7f78bc46f2e1b3b595e5617568c824332af` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	16 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `631e7fd2e9b828f325f82e0e687fb714360a236363d56b083dbaecbb7fb285b5` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	956 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	18 KB 18 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c` Request headers Origin https://www.bglmessagerie.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	43 KB 43 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `920ccc8dcef30b8769c9028cfe34f753351aa5a25f221ccc0f9feeb65aef657d` Request headers Origin https://www.bglmessagerie.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	54 KB 54 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c` Request headers Origin https://www.bglmessagerie.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	51 KB 51 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fb43eeaaaf135ab07194f9456ed94ab130747a4aa85823d4da87d4474d7e3e7f` Request headers Origin https://www.bglmessagerie.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	45 KB 45 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `58c0a1cce610560d4cc43a36ac112e2e5a9d2ab456356a263cad07f3d600973b` Request headers Origin https://www.bglmessagerie.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	30 KB 30 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0b95104b1f0f514651bc01ebc8568dd75f2cbac2da57f6f95316965d2add609f` Request headers Origin https://www.bglmessagerie.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	16 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9da988a1675219bd861a6e96882b0489a3dba96ccf513c7805e9e26c69010c1b` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/jpeg

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
myinvestvision.com
www.bglmessagerie.com
160.153.133.194
212.113.150.183
67.199.248.10
0b95104b1f0f514651bc01ebc8568dd75f2cbac2da57f6f95316965d2add609f
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
4aa1672701f43ce61d50516a9c640b953f75de3066de9ee1921f47a1bba17355
4dd3349319e6249107b8b8ef6133d7f78bc46f2e1b3b595e5617568c824332af
58c0a1cce610560d4cc43a36ac112e2e5a9d2ab456356a263cad07f3d600973b
631e7fd2e9b828f325f82e0e687fb714360a236363d56b083dbaecbb7fb285b5
920ccc8dcef30b8769c9028cfe34f753351aa5a25f221ccc0f9feeb65aef657d
9da988a1675219bd861a6e96882b0489a3dba96ccf513c7805e9e26c69010c1b
d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284
fb43eeaaaf135ab07194f9456ed94ab130747a4aa85823d4da87d4474d7e3e7f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.bglmessagerie.com Open in urlscan Pro 160.153.133.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

669 kBTransfer

886 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

www.bglmessagerie.com Open in urlscan Pro
160.153.133.194 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

669 kB
Transfer

886 kB
Size

0
Cookies

2 HTTP transactions
10 data transactions