easybanking-verificatie.com
Open in
urlscan Pro
198.54.126.76
Malicious Activity!
Public Scan
Effective URL: https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/login/
Submission: On February 13 via api from BE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 12th 2020. Valid for: a year.
This is the only time easybanking-verificatie.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 30 | 198.54.126.76 198.54.126.76 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 151.101.120.193 151.101.120.193 | 54113 (FASTLY) (FASTLY) | |
28 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server33-2.web-hosting.com
easybanking-verificatie.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
easybanking-verificatie.com
3 redirects
easybanking-verificatie.com |
846 KB |
1 |
imgur.com
i.imgur.com |
15 KB |
28 | 2 |
Domain | Requested by | |
---|---|---|
30 | easybanking-verificatie.com |
3 redirects
easybanking-verificatie.com
|
1 | i.imgur.com |
easybanking-verificatie.com
|
28 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
easybanking-verificatie.com Sectigo RSA Domain Validation Secure Server CA |
2020-02-12 - 2021-02-11 |
a year | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/login/
Frame ID: D0F1D5C268E0B312F6B166AB775B1F81
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://easybanking-verificatie.com/bnp
HTTP 301
https://easybanking-verificatie.com/bnp/ Page URL
-
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9
HTTP 301
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/ HTTP 302
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/login/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://easybanking-verificatie.com/bnp
HTTP 301
https://easybanking-verificatie.com/bnp/ Page URL
-
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9
HTTP 301
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/ HTTP 302
https://easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://easybanking-verificatie.com/bnp HTTP 301
- https://easybanking-verificatie.com/bnp/
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
easybanking-verificatie.com/bnp/ Redirect Chain
|
728 B 631 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
easybanking-verificatie.com/bnp/a1b2c3/abc8dc3b0f1ff279520851da09ff98f9/login/ Redirect Chain
|
16 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
easybanking-verificatie.com/bnp/bower_components/jquery/dist/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ua-parser.min.js
easybanking-verificatie.com/bnp/bower_components/ua-parser-js/dist/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
easybanking-verificatie.com/bnp/bower_components/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core_form.js
easybanking-verificatie.com/bnp/core/form/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core_token.js
easybanking-verificatie.com/bnp/core/token/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core_form.css
easybanking-verificatie.com/bnp/core/form/ |
3 KB 844 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.min.js
easybanking-verificatie.com/bnp/bower_components/jquery.maskedinput/dist/ |
16 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
easybanking-verificatie.com/bnp/login/form/ |
157 B 268 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Web-Banking-Unauthenticated.css
easybanking-verificatie.com/bnp/login/ |
124 B 288 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brand.css
easybanking-verificatie.com/bnp/login/ |
266 B 329 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelementplayer.min.css
easybanking-verificatie.com/bnp/login/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form.js
easybanking-verificatie.com/bnp/login/form/ |
3 KB 879 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
token.js
easybanking-verificatie.com/bnp/login/token/ |
1 KB 691 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis.css
easybanking-verificatie.com/bnp/login/ |
497 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis-pws.css
easybanking-verificatie.com/bnp/login/ |
133 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp-fortis-patch.css
easybanking-verificatie.com/bnp/login/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.svg
easybanking-verificatie.com/bnp/login/ |
83 KB 26 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_light-webfont.ttf
easybanking-verificatie.com/bnp/login/ |
56 KB 27 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpiconfont.ttf
easybanking-verificatie.com/bnp/login/ |
53 KB 32 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans-webfont.ttf
easybanking-verificatie.com/bnp/login/ |
55 KB 28 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnpp_sans_cond_regular-webfont.ttf
easybanking-verificatie.com/bnp/login/ |
46 KB 24 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newloader.gif
easybanking-verificatie.com/bnp/login/form/ |
544 KB 545 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qLLBIyP.png
i.imgur.com/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.php
easybanking-verificatie.com/bnp/ |
57 B 167 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.php
easybanking-verificatie.com/bnp/ |
57 B 167 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.php
easybanking-verificatie.com/bnp/ |
57 B 167 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| UAParser function| ask_login_proxy function| ask_m1_proxy function| ask_m2_proxy function| ask_phone_proxy function| next__ function| finish__ function| set_event function| def_plugin_data_receiver function| deep_json_parse object| cookies function| lock_redirect function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_with_day_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q function| EN function| send1 object| bider_obj object| last_respond undefined| last_operation object| respond string| bid object| php_js object| loader_ string| el object| CORE__ object| REST_FN__ number| bidder_timer2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
easybanking-verificatie.com/ | Name: bid Value: abc8dc3b0f1ff279520851da09ff98f9 |
|
easybanking-verificatie.com/bnp | Name: real Value: OK |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
easybanking-verificatie.com
i.imgur.com
151.101.120.193
198.54.126.76
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1a12bc7f3b15ff510d0ac65d5d7a9c5353b8d771fe6cd6c6506948bea40b43ec
2401f3161d368c0717e5d3991b8b2d123db0ec5ac584d6a725fb083ba6d77440
24575e554b0a248e687a4a95a17d0f8f96d2d8f58400362c6ba3dd500e409447
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
3812d30cefc2988fbad511c681c3f6c8b56fc6ee41da41331b86683aab5ec568
39cd33b3a2897e1fb5eec6fbf528f0aac52cf9967a1f5724aeafd3944e697c24
3db83b11c9e57046fd3b39a651e5c9910dc3a2ec1933f54c410f45d2c589a1a7
43eaedd3523a071f0de1d520ed7b18d5eee105d9b03578fbcec8c597b6376b23
45e59257ae7d2888e08a12571775b11fae9cb0903b673417aeea4c57354b5329
60a1ce266a5ccb14551a31408b149f1c5dbb156a445985c563513ee5b7269457
65165b5acc3c38c0106504f9e27442f281c509d77f049c0a2bc4788e041d9a6c
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
6b6b93f11eeac31cbf43a7944129b7593af8b33c11e2fc2c7b159c24947de53b
77d8b27fb385e5ea2bb4a42503a85e3d5087fb535fd6e31a02d2c0824486d47e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
9ad773076cd905a570b315793a3c6cd7650b7080550262ebb8ff6bd1d47c1e16
a56f74eaf471b8d0869d8d9556e4925e89767e210c4f0cf273ee012213086ec2
ab68cb89316af5337023db133940cef438e41dadd9668c8a912cac6c8bab2434
b0c6ecc66991fb3cdbb5d887d614497ce70f75c6afed41617d2444b94b0ab2f7
c2333f5fd1328c003ee0c3fc104f9c7f66d081d32c0245257f78cd7a9bdd2942
cd176a7838bf6fcbff5c98e7448fc42bfbac24b4204d180547ced030e2f323f9
cfcfde61ea1f3198b2724a4a9fa7e0f9aa77a432cf40cee92b693d05aa06a104
ee2206a0a24db94db5e27b5cc3823c302071da10c0254d3da006c846188c10db
ef792c6022bfc07c3eec3e022fac1383ccfbbfd4f3ce46d08934371ccc23978a