www.taka.com.mx
162.214.144.23
Malicious Activity!
Public Scan
Effective URL: https://www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/user.php
Submission: On November 22 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.
This is the only time www.taka.com.mx was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
14 (2 redirects) | 162.214.144.23 | 46606 (UNIFIEDLAYER-AS-1) |
2 | 2a02:26f0:7100:98e::4415 | 20940 (AKAMAI-ASN1) |
14 | 2 | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-271553.taka.com.mx
www.taka.com.mx
ASN20940 (AKAMAI-ASN1, NL)
nc.bnpparibas.net
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
14 | taka.com.mx (2 redirects): www.taka.com.mx | 929 KB |
2 | bnpparibas.net: nc.bnpparibas.net | 2 KB |
14 | 2 | |
Requests | Domain | Requested by |
---|---|---|
14 | www.taka.com.mx (2 redirects) | www.taka.com.mx |
2 | nc.bnpparibas.net | www.taka.com.mx |
14 | 2 | |
This site contains links to these domains.
Domain |
---|
nc.bnpparibas.net |
www.bnpparibas.nc |
antilles-guyane.bnpparibas |
antilles-guyane.bnpparibas.net |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.taka.com.mx | R3 | 2023-10-12 - 2024-01-10 | 3 months |
bnp06s.bnpparibas.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-11-21 - 2024-06-11 | 7 months |
This page contains 1 frame:
Primary Page:
https://www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/user.php
Frame ID: C83BB4199A7A9E25567754F719DBF722
Requests: 14 HTTP requests in this frame
Page Title
BNPPARIBAS NET IDENTIFICATION
Page URL History
- https://www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/ (HTTP 302)
- https://www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/index.php (HTTP 302)
- https://www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/user.php (Page URL)
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Title: Banque à distance - NouvelleCaledonie.bnpparibas.nc
- Title: Accueil
- Title: Aide à la connexion ?
- Title: Convention
- Title: Politique des Cookies
- Title: Espace Données Personnelles
- Title: Visite guidée
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | user.php (Primary Request, Redirect Chain) | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/ | 16 KB | 16 KB | Document | text/html |
GET H/1.1 | dciweb.css | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 7 KB | 7 KB | Stylesheet | text/css |
GET H/1.1 | bnp.css | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 16 KB | 16 KB | Stylesheet | text/css |
GET H/1.1 | tools.js.download | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 42 KB | 42 KB | Script | application/javascript |
GET H/1.1 | headerBack.jpg | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 10 KB | 10 KB | Image | image/jpeg |
GET H/1.1 | francec.gif | nc.bnpparibas.net/part/fr/ | 208 B | 548 B | Image | image/gif |
GET H/1.1 | greatbrc.gif | nc.bnpparibas.net/part/fr/ | 2 KB | 2 KB | Image | image/gif |
GET H/1.1 | etape1.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 476 B | 718 B | Image | image/png |
GET H/1.1 | etape2.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 567 B | 809 B | Image | image/png |
GET H/1.1 | dciweb.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 2 KB | 2 KB | Image | image/png |
GET H/1.1 | flecheCorriger.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 538 B | 779 B | Image | image/png |
GET H/1.1 | btn_valider.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 1 KB | 1 KB | Image | image/png |
GET H/1.1 | btn_annuler.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 1 KB | 1 KB | Image | image/png |
GET H/1.1 | covid19-information.png | www.taka.com.mx/pv/dist/js/pages/chartist/groupbnpparibasnc/app/BNPPARIBAS_files/ | 831 KB | 831 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| msgErreur function| setselect function| getselect function| setradio function| getradio function| CheckForbiddenCharMessage function| CheckForbiddenChar function| CheckForbiddenCharOld function| ZeroDevant function| CheckRIBAlert function| CheckRIB function| CheckAFB function| CheckAFBAlert function| ReadAmount function| CheckAmount function| CheckAmountAlert function| CheckAmountAlertForHtml5 function| CheckNumber function| CheckAmountCouple function| Today function| ReadDate function| CheckDate function| checkDateMobile function| CheckDateAlert function| CheckDateCouple function| CheckIBAN function| KeyIBAN function| TranslateAlpha2Num function| CheckInt function| CheckIntAlert function| lvtrim function| rvtrim function| vtrim function| ltrim function| rtrim function| trim function| CheckStr function| CheckStrAlert function| TextFormat function| TextTranslate function| pad_right function| CheckTime function| CheckTimeAlert function| CheckEmail number| posX function| getMousePos function| getScrollX function| getScrollY function| AffBulle function| HideBulle function| random function| gen_clavier function| makepwd function| clearpwd function| valdec_form function| check_nbdec function| FormatMonnaie function| ChargerCookie function| FormatChecked function| createXmlHttpRequest function| supZero function| logout function| openPopup function| CheckEndDateAFB160 function| setBorder function| showHideError function| documentWrite function| closeReveal function| isInputTypeSupported function| isAttributeSupported function| isHtml5 function| transcoCodeForCreateBeneficiary function| CheckAFBMobile number| posY object| theBody function| clearParams function| control function| submitform function| key function| pwd_writeM number| CellX number| CellY number| col number| lig object| tabcar number| posX1 number| posY1
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.taka.com.mx/ | Name: PHPSESSID Value: 0a3c4437945f29bbe539262f7255b164 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.