fortisbnpbe.firebaseapp.com
Open in
urlscan Pro
151.101.65.195
Malicious Activity!
Public Scan
Submission: On February 13 via api from BE
Summary
TLS certificate: Issued by GTS CA 1O1 on October 28th 2019. Valid for: a year.
This is the only time fortisbnpbe.firebaseapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 151.101.65.195 151.101.65.195 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 193.58.4.82 193.58.4.82 | 25215 (BNP-PARIB...) (BNP-PARIBAS France) | |
1 | 2606:4700:10:... 2606:4700:10::6814:3e7a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 2600:1901:0:9... 2600:1901:0:94b6:: | 15169 (GOOGLE) (GOOGLE) | |
34 | 5 |
ASN15169 (GOOGLE, US)
cotro-be.firebaseio.com | |
s-usc1c-nss-269.firebaseio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
firebaseapp.com
fortisbnpbe.firebaseapp.com |
710 KB |
8 |
firebaseio.com
cotro-be.firebaseio.com s-usc1c-nss-269.firebaseio.com |
4 KB |
3 |
bnpparibasfortis.be
www.bnpparibasfortis.be |
107 KB |
1 |
ipgeolocation.io
api.ipgeolocation.io |
844 B |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
34 | 5 |
Domain | Requested by | |
---|---|---|
21 | fortisbnpbe.firebaseapp.com |
fortisbnpbe.firebaseapp.com
|
7 | s-usc1c-nss-269.firebaseio.com |
fortisbnpbe.firebaseapp.com
|
3 | www.bnpparibasfortis.be |
fortisbnpbe.firebaseapp.com
|
1 | cotro-be.firebaseio.com |
fortisbnpbe.firebaseapp.com
|
1 | api.ipgeolocation.io |
ajax.googleapis.com
|
1 | ajax.googleapis.com |
fortisbnpbe.firebaseapp.com
|
34 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
vimeo.com |
www.itsme.be |
easybankingbusiness.bnpparibasfortis.be |
www.cardstop.be |
twitter.com |
www.facebook.com |
www.linkedin.com |
www.youtube.com |
fr.community.bnpparibasfortis.be |
www.becommerce.be |
Subject Issuer | Validity | Valid | |
---|---|---|---|
firebaseapp.com GTS CA 1O1 |
2019-10-28 - 2020-10-26 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-01-29 - 2020-04-22 |
3 months | crt.sh |
www.bnpparibasfortis.be Entrust Certification Authority - L1M |
2020-01-14 - 2022-01-22 |
2 years | crt.sh |
ssl876516.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-12-03 - 2020-06-10 |
6 months | crt.sh |
firebaseio.com GTS CA 1O1 |
2019-03-13 - 2020-03-11 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://fortisbnpbe.firebaseapp.com/
Frame ID: EF43F6C95E83B0B9957A765D3F5CBFB1
Requests: 26 HTTP requests in this frame
Frame:
https://cotro-be.firebaseio.com/.lp?start=t&ser=15312788&cb=1&v=5
Frame ID: 054524658B1BE63322B6FA3CB3E3A30A
Requests: 7 HTTP requests in this frame
Frame:
https://s-usc1c-nss-269.firebaseio.com/.lp?dframe=t&id=2432288&pw=QNHKsXJJHm&ns=cotro-be
Frame ID: D4EEE29EC2483498FE571AC8CC5BA649
Requests: 1 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
Title: nos instructions pour une première connexion
Search URL Search Domain Scan URL
Title: ce film
Search URL Search Domain Scan URL
Title: leur site web
Search URL Search Domain Scan URL
Title: Easy Banking Business
Search URL Search Domain Scan URL
Title: Card Stop
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fortisbnpbe.firebaseapp.com/ |
88 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Web-Banking-Unauthenticated.css
fortisbnpbe.firebaseapp.com/iwov-resources/fixed-layout/ |
88 KB 13 KB |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brand.css
fortisbnpbe.firebaseapp.com/static/css/ |
268 B 281 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelementplayer.min.css
fortisbnpbe.firebaseapp.com/static/css/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ |
86 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.cdede159570c3a64ab5edb0b7d3ff55b.css
fortisbnpbe.firebaseapp.com/static/css/ |
92 B 217 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stopcard.png
fortisbnpbe.firebaseapp.com/rsc/contrib/image/footer/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
be_commerce.png
fortisbnpbe.firebaseapp.com/rsc/contrib/image/footer/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.2ae2e69a05c33dfc65f8.js
fortisbnpbe.firebaseapp.com/static/js/ |
857 B 628 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.e2907021bf281451670c.js
fortisbnpbe.firebaseapp.com/static/js/ |
1 MB 339 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.4d4d4c6a48764a8b83e2.js
fortisbnpbe.firebaseapp.com/static/js/ |
30 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis.css
fortisbnpbe.firebaseapp.com/static/css/ |
456 KB 74 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis-pws.css
fortisbnpbe.firebaseapp.com/static/css/ |
125 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis-patch.css
fortisbnpbe.firebaseapp.com/static/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite.svg
www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/ |
83 KB 84 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print_logo.png
www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hello_icon.png
www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpiconfont.ttf
fortisbnpbe.firebaseapp.com/static/css/ |
156 B 255 B |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans-webfont.ttf
fortisbnpbe.firebaseapp.com/static/css/ |
156 B 255 B |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light-webfont.ttf
fortisbnpbe.firebaseapp.com/static/css/ |
156 B 264 B |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipgeo
api.ipgeolocation.io/ |
757 B 844 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_cond_regular-webfont.ttf
fortisbnpbe.firebaseapp.com/static/css/ |
156 B 256 B |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light-webfont.woff
fortisbnpbe.firebaseapp.com/static/css/ |
27 KB 27 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpiconfont.woff
fortisbnpbe.firebaseapp.com/static/css/ |
53 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans-webfont.woff
fortisbnpbe.firebaseapp.com/static/css/ |
27 KB 28 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_cond_regular-webfont.woff
fortisbnpbe.firebaseapp.com/static/css/ |
24 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
cotro-be.firebaseio.com/ Frame 0545 |
422 B 664 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame D4EE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame 0545 |
15 B 256 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame 0545 |
58 B 299 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame 0545 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame 0545 |
102 B 344 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame 0545 |
47 B 288 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-269.firebaseio.com/ Frame 0545 |
38 B 279 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| webpackJsonp object| __core-js_shared__ object| core object| loge object| key function| pLPCommand1 function| pRTLPCB10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.ipgeolocation.io
cotro-be.firebaseio.com
fortisbnpbe.firebaseapp.com
s-usc1c-nss-269.firebaseio.com
www.bnpparibasfortis.be
151.101.65.195
193.58.4.82
2600:1901:0:94b6::
2606:4700:10::6814:3e7a
2a00:1450:4001:816::200a
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0bd8bac7550e699b6cf2e371b566cd52a285a49e58142c1ee3aa81c17efed8f5
118834664625506c47a61ce9e6745ca5da358d02140758d6050c30de6653c7c2
301fb78556c0e004e1e35efb8c9ecbb261d2b0be44727b2e8b73da9f840a976d
328a9702c2daeeb22d4379f7dbe4c02fa4f90e45e4b19f3baf509a2c78ab2012
3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd
3f6b3048f077663998d7fead9734892be93db35b1c64b94092a932175bfb44e2
431270143e9fb062562e977b4e3a627d721bfd1a97e45e87794e2515425f3f60
45bb7e057cad35c12895482c819a6437dc51011ae59da47e9faffefc6812593d
5acd07b6ba34bba4f5d0141462e5a61292bb9a3afbcf9afe0038080a163113c6
60c66ef11a2ffcca4a7e1df90b3fcedac69dc8671eb7a5391ed7a046d660f6a9
6296f92dd77169261b9179e4b4ded95f651aa7553337acc5ad99dfdce99c7c54
6489d95cc8213efb13fa9c7ac26d57c09b9c895ddee14f31e357bf3ec5e45f61
67e1089820ea2c0d78a1387c0397d9a06f00b19569ca3a348b39d7931a1f15eb
77d8b27fb385e5ea2bb4a42503a85e3d5087fb535fd6e31a02d2c0824486d47e
7e6b30e73ff23860ed442056d0bd2e6798cfdecf896fc1eaa6370f62f74037db
8a00095fa6b74d3d3fa18dff20b9e67d1e72a19f4f171bf5ad7df9289dc73406
8e9bd0e2d3d483ebc55071a08a6b569aac5da3a6b7d473c4dd7f0288030f8dae
acad8c233b9c9c3aa515312f2d8e5bf52119899c084940abc96b9dabfa92d7db
b3da6a69d865280145fab80f0a540da70fbcaffb09e131ab4494b71d16d4d1d9
b5b5895c9d4f12ab4cc1c9ca588a0d451e5b1d053d7487bc15f3d3e3d974893e
bcee240785160d2d972bd3f075c0dcb88f47d89b3610b829914b96f7786d0e1d
c4071ff8d0159e2801c2a0918320b7e6946971f8ef047a9672e17e2459ea5533
c48cb154d913fed893b4920867fd6a57b96e495b13e9765a8b1c1365d833e36a
d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1
dba7f5fc5e1dc1bb5397dd9e94a29ef2ba594de485bcedd03da7a9e09fc31292
e0486eb718675e3b7f58c3f90c09ef9bcf15f13e77d80c1a3734d89f8f2f216e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9
fa1f201faca683b3520f0413ea029b33b6fef801ee55aab0216b12839a7da735
fae16a6a3c08a4a95ec5329ee5e75a63a5e1d9d12285cf6c59d07b0f2738bbc1