serveurft.bpx-france.net
83.206.70.13
Malicious Activity!
Public Scan
Effective URL: https://serveurft.bpx-france.net/p/824772969/B8BFE8778966F2C
Submission: On June 14 via api from BE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 11th 2019. Valid for: 2 years.
This is the only time serveurft.bpx-france.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 91.192.43.151 | 15960 (GLOBALACCESS) |
14 | 83.206.70.13 | 3215 (France Telecom - Orange) |
14 | 1 |
ASN3215 (France Telecom - Orange, FR)
PTR: 13-70.206-83.static-ip.oleane.fr
serveurft.bpx-france.net |
| Apex Domain, Subdomains | Transfer |
---|---|---|
14 | bpx-france.net: serveurft.bpx-france.net | 475 KB |
1 | bonprix-fl.be (1 redirects): info.bonprix-fl.be | 169 B |
14 | 2 |
| Domain | Requested by |
---|---|---|
14 | serveurft.bpx-france.net | serveurft.bpx-france.net |
1 | info.bonprix-fl.be | 1 redirects |
14 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bonprix-fl.be |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
serveurft.bonprix.fr | DigiCert SHA2 Secure Server CA | 2019-11-11 - 2021-11-10 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://serveurft.bpx-france.net/p/824772969/B8BFE8778966F2C
Frame ID: E2EE3570F38EFE18809496CE874C962C
Requests: 14 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: mijn bonprix
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://info.bonprix-fl.be/re?l=BD4Ie41nswI494l9v0Ikpwd91vhI0&u=https://serveurft.bpx-france.net/p/824772969/B8BFE8778966F2C&s=KFBCICFGPMIGEPED
HTTP 302
https://serveurft.bpx-france.net/p/824772969/B8BFE8778966F2C Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | B8BFE8778966F2C serveurft.bpx-france.net/p/824772969/ (Primary Request, Cookie set, Redirect Chain) | 3 KB 2 KB | Document text/html |
GET H/1.1 | knacss.css serveurft.bpx-france.net/css/ | 27 KB 7 KB | Stylesheet text/css |
GET H/1.1 | font-awesome.min.css serveurft.bpx-france.net/fw/font-awesome-4.2.0/css/ | 21 KB 5 KB | Stylesheet text/css |
GET H/1.1 | style.css serveurft.bpx-france.net/css/paymentLink/ | 1 KB 864 B | Stylesheet text/css |
GET H/1.1 | jquery-2.1.3.min.js serveurft.bpx-france.net/js/ | 82 KB 29 KB | Script application/javascript |
GET H/1.1 | less.min.js serveurft.bpx-france.net/js/ | 130 KB 40 KB | Script application/javascript |
GET H/1.1 | bonprix-logo.png serveurft.bpx-france.net/img/logo/96/ | 7 KB 8 KB | Image image/png |
GET H/1.1 | BC_logo_ORGNL_RGB.PNG serveurft.bpx-france.net/img/pmtLnk/ | 60 KB 60 KB | Image image/png |
GET H/1.1 | logo-cb-1.jpg serveurft.bpx-france.net/img/pmtLnk/ | 18 KB 18 KB | Image image/jpeg |
GET H/1.1 | logo-visa-1.png serveurft.bpx-france.net/img/pmtLnk/ | 73 KB 73 KB | Image image/png |
GET H/1.1 | mc_vrt_opt_pos_46_3x.png serveurft.bpx-france.net/img/pmtLnk/ | 6 KB 6 KB | Image image/png |
GET H/1.1 | BNP-Paribas-logo.jpg serveurft.bpx-france.net/img/pmtLnk/ | 173 KB 174 KB | Image image/jpeg |
GET H/1.1 | logo_payment_ingenico_french.png serveurft.bpx-france.net/img/pmtLnk/ | 19 KB 20 KB | Image image/png |
GET H/1.1 | vippng.com-past-due-png-582323.png serveurft.bpx-france.net/img/pmtLnk/ | 33 KB 34 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- object| less
- string| basePath
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
serveurft.bpx-france.net/ | | Name: PHPSESSID Value: r2sivl1lhe7le098r7sbnf5jr4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.