bnl-alert.com
45.137.20.38
Malicious Activity!
Public Scan
Submission: On November 22 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 21st 2021. Valid for: 3 months.
This is the only time bnl-alert.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNP Paribas (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
22 | 45.137.20.38 | 51447 (ROOTLAYERNET) |
1 | 2a02:26f0:6c00:281::4445 | 20940 (AKAMAI-ASN1) |
23 | 2 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | bnl-alert.com | bnl-alert.com | 703 KB |
1 | bnl.it | banking.bnl.it | 466 B |
23 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
22 | bnl-alert.com | bnl-alert.com |
1 | banking.bnl.it | bnl-alert.com |
23 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
bnl.it |
lifebanker.bnl.it |
www.facebook.com |
twitter.com |
hellobank.it |
www.acf.consob.it |
banking.bnl.it |
www.youtube.com |
socialwall.bnl.it |
x.bnl.it |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bnl-alert.com | cPanel, Inc. Certification Authority | 2021-11-21 - 2022-02-19 | 3 months |
bnl01.bnpparibas.com | DigiCert SHA2 Extended Validation Server CA | 2021-09-24 - 2022-09-23 | a year |
This page contains 3 frames:
Primary Page:
https://bnl-alert.com/
Frame ID: 101F0DE2B2309D83495332E23AC25330
Requests: 21 HTTP requests in this frame
Frame:
https://bnl-alert.com/bnl/saved_resource.html
Frame ID: CECB1EC137EA1841603BB07A67DF7372
Requests: 1 HTTP requests in this frame
Frame:
https://bnl-alert.com/bnl/saved_resource(1).html
Frame ID: 03BD1DBE692D5D3A3AE7C2BD52403CFD
Requests: 1 HTTP requests in this frame
33 Outgoing links
These are links going to different origins than the main page.
Title: Individui e Famiglie
Title: Private Banking
Title: Life Banker
Title: Financial Banking
Title: Professionisti e Imprese
Title: Corporate
Title: Pubblica Amministrazione
Title: Responsabilita Sociale
Title: Scopri BNL
Title: Diventa Cliente
Title: DATI SOCIETARI
Title: PROSPETTI CONSOB
Title: RECLAMI-RICORSI-CONCILIAZIONE
Title: RICHIESTA DOCUMENTI
Title: ARBITRO CONTROVERSIE FINANZIARIE
Title: PRIVACY
Title: CARTA RESPONSABILITÀ DATI PERSONALI
Title: NOTE LEGALI
Title: COOKIE
Title: CONTATTI ISTITUZIONALI
Title: PSD2
Title: DAC6
Title: BNL X
Title: Finanza pubblica e gestione dinamica del debito
Title: Investimento delle risorse liquide degli Enti
Title: Gestione dei flussi finanziari
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | bnl-alert.com/ | 65 KB | 66 KB | Document | text/html |
GET | H/1.1 | footer-icons.css | bnl-alert.com/bnl/ | 2 B | 240 B | Stylesheet | text/css |
GET | H/1.1 | style.css | bnl-alert.com/bnl/ | 20 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | fonts.css | bnl-alert.com/bnl/ | 1 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | login.css | bnl-alert.com/bnl/ | 727 B | 968 B | Stylesheet | text/css |
GET | H/1.1 | hb-login.css | bnl-alert.com/bnl/ | 8 KB | 8 KB | Stylesheet | text/css |
GET | H/1.1 | style(1).css | bnl-alert.com/bnl/ | 16 KB | 16 KB | Stylesheet | text/css |
GET | H/1.1 | editoriale.css | bnl-alert.com/bnl/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | clientlib-redational-page-login.min.css | bnl-alert.com/bnl/ | 436 KB | 437 KB | Stylesheet | text/css |
GET | H/1.1 | saved_resource.html | bnl-alert.com/bnl/ (Frame CECB) | 315 B | 515 B | Document | text/html |
GET | H/1.1 | saved_resource(1).html | bnl-alert.com/bnl/ (Frame 03BD) | 315 B | 515 B | Document | text/html |
GET | H/1.1 | trasparenza_BNL-1.jpg | bnl-alert.com/bnl/ | 19 KB | 19 KB | Image | image/jpeg |
GET | H/1.1 | logo.png | bnl-alert.com/gfx/ | 315 B | 315 B | Image | text/html |
GET | H/1.1 | bnl_payoff_transparent.png | banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/ | 2 B | 466 B | Image | image/png |
GET | H/1.1 | login-continue.png | bnl-alert.com/bnl/ | 837 B | 1 KB | Image | image/png |
GET | H/1.1 | BNPP_Sans_Light.woff | bnl-alert.com/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | BNPP_Sans.woff | bnl-alert.com/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | BNPP_Sans.ttf | bnl-alert.com/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | bnl_logo_transparent.png | bnl-alert.com/bnl/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | bnpp-sans-bold.woff | bnl-alert.com/bnl/ | 54 KB | 54 KB | Font | font/woff |
GET | H/1.1 | bnpp-sans.woff | bnl-alert.com/bnl/ | 54 KB | 54 KB | Font | font/woff |
GET | H/1.1 | bnlicons.woff | bnl-alert.com/bnl/ | 14 KB | 14 KB | Font | font/woff |
GET | H/1.1 | BNPP_Sans_Light.ttf | bnl-alert.com/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNP Paribas (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | onbeforexrselect |
function | reportError |
boolean | originAgentCluster |
object | scheduler |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banking.bnl.it
bnl-alert.com
2a02:26f0:6c00:281::4445
45.137.20.38