bnl-alert.com Open in urlscan Pro
45.137.20.38 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bnl-alert.com/
Submission: On November 22 via manual (November 22nd 2021, 9:29:18 am UTC) from IT — Scanned from IT

Summary HTTP 23 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 45.137.20.38, located in Bangladesh and belongs to ROOTLAYERNET, BD. The main domain is bnl-alert.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 21st 2021. Valid for: 3 months.

This is the only time bnl-alert.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
22	45.137.20.38 45.137.20.38	51447 (ROOTLAYERNET) (ROOTLAYERNET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:281::4445	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2

22 45.137.20.38 (Bangladesh)

ASN51447 (ROOTLAYERNET, BD)
PTR: hosted-by.rootlayer.net

bnl-alert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:281::4445 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

banking.bnl.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bnl-alert.com bnl-alert.com	703 KB
1	bnl.it banking.bnl.it	466 B
23	2

	Domain	Requested by
22	bnl-alert.com	bnl-alert.com
1	banking.bnl.it	bnl-alert.com
23	2

This site contains links to these domains. Also see Links.

Domain
bnl.it
lifebanker.bnl.it
www.facebook.com
twitter.com
hellobank.it
www.acf.consob.it
banking.bnl.it
www.youtube.com
socialwall.bnl.it
x.bnl.it

Subject Issuer	Validity	Valid
bnl-alert.com cPanel, Inc. Certification Authority	`2021-11-21` - `2022-02-19`	3 months	crt.sh
bnl01.bnpparibas.com DigiCert SHA2 Extended Validation Server CA	`2021-09-24` - `2022-09-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://bnl-alert.com/
Frame ID: 101F0DE2B2309D83495332E23AC25330
Requests: 21 HTTP requests in this frame

Frame: https://bnl-alert.com/bnl/saved_resource.html
Frame ID: CECB1EC137EA1841603BB07A67DF7372
Requests: 1 HTTP requests in this frame

Frame: https://bnl-alert.com/bnl/saved_resource(1).html
Frame ID: 03BD1DBE692D5D3A3AE7C2BD52403CFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMS CODE

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

703 kB
Transfer

699 kB
Size

0
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://bnl.it/it/Individui-e-Famiglie
Title: Individui e Famiglie

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Private-Banking
Title: Private Banking

Search URL Search Domain Scan URL

URL: http://lifebanker.bnl.it/offerta-360/
Title: Life Banker

Search URL Search Domain Scan URL

URL: https://bnl.it/it/financial-banking
Title: Financial Banking

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Professionisti-e-Imprese
Title: Professionisti e Imprese

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Corporate
Title: Corporate

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Pubblica-Amministrazione
Title: Pubblica Amministrazione

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Responsabilita-Sociale
Title: Responsabilita Sociale

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Scopri-BNL
Title: Scopri BNL

Search URL Search Domain Scan URL

URL: https://bnl.it/comunicazione/diventacliente/
Title: Diventa Cliente

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BNLBNPParibas/

Search URL Search Domain Scan URL

URL: https://twitter.com/bnpparibas

Search URL Search Domain Scan URL

URL: https://hellobank.it/it/home

Search URL Search Domain Scan URL

URL: http://lifebanker.bnl.it/

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Trasparenza

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Dati-Societari
Title: DATI SOCIETARI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Prospetti-Consob
Title: PROSPETTI CONSOB

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Reclami-Ricorsi-Conciliazione
Title: RECLAMI-RICORSI-CONCILIAZIONE

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Richiesta-documenti
Title: RICHIESTA DOCUMENTI

Search URL Search Domain Scan URL

URL: https://www.acf.consob.it/
Title: ARBITRO CONTROVERSIE FINANZIARIE

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Privacy
Title: PRIVACY

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/rsc/SupportingFiles/carta-responsabilita-dati-personali-BNL.pdf
Title: CARTA RESPONSABILITÀ DATI PERSONALI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Note-Legali
Title: NOTE LEGALI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/Cookie
Title: COOKIE

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Individui-e-Famiglie/Contatti/Contatti-Istituzionali
Title: CONTATTI ISTITUZIONALI

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Individui-e-Famiglie/Internet-e-Mobile/Navigare-in-sicurezza/PSD2
Title: PSD2

Search URL Search Domain Scan URL

URL: https://bnl.it/it/Footer/DAC6
Title: DAC6

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BNLCHANNEL

Search URL Search Domain Scan URL

URL: http://socialwall.bnl.it/

Search URL Search Domain Scan URL

URL: https://x.bnl.it/
Title: BNL X

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/it/Pubblica-Amministrazione/Finanza-pubblica-e-gestione-dinamica-del-debito
Title: Finanza pubblica e gestione dinamica del debito

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/it/Pubblica-Amministrazione/Investimento-delle-risorse-liquide-degli-Enti
Title: Investimento delle risorse liquide degli Enti

Search URL Search Domain Scan URL

URL: https://banking.bnl.it/it/Pubblica-Amministrazione/Gestione-dei-flussi-finanziari
Title: Gestione dei flussi finanziari

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bnl-alert.com/ 65 KB
66 KB 463ms
39ms Document
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: c8084a2431bebfd8fcbaa61858f6a808bcbc6b2ef721357c72dd09ae797649fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK footer-icons.css
bnl-alert.com/bnl/ 2 B
240 B 49ms
33ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/footer-icons.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:04 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2

GET
H/1.1 200
OK style.css
bnl-alert.com/bnl/ 20 KB
20 KB 84ms
34ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/style.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 77155a2b67996bb206c1a17b0c14d391aa20382fd22bb082a60ffb6df52c253c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20684

GET
H/1.1 200
OK fonts.css
bnl-alert.com/bnl/ 1 KB
2 KB 103ms
33ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/fonts.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: b308f3d1ff36489d21909f085fce0b42f04e3f1f678952d1925c59260cc87ee7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1346

GET
H/1.1 200
OK login.css
bnl-alert.com/bnl/ 727 B
968 B 114ms
38ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/login.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 07b2910875089c0e26dd350388cc8a9831b98a3829df82d394e2c715bf9265d4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 727

GET
H/1.1 200
OK hb-login.css
bnl-alert.com/bnl/ 8 KB
8 KB 116ms
40ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/hb-login.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: bbbd69616617f3c71140dc7e0ef55314d3ba950ce6c8e9215e1b2f090114d94e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Sat, 06 Nov 2021 04:02:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7739

GET
H/1.1 200
OK style(1).css
bnl-alert.com/bnl/ 16 KB
16 KB 119ms
41ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/style(1).css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 34515d6801f083e613188d5f7a3cf88c98320ba995262d712ff4b03ade40f5ac

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16355

GET
H/1.1 200
OK editoriale.css
bnl-alert.com/bnl/ 5 KB
5 KB 118ms
40ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/editoriale.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 1d0f95d73dc3fffecc000871110fbe80679fa6a8afba15e9ea8370269753ab78

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5111

GET
H/1.1 200
OK clientlib-redational-page-login.min.css
bnl-alert.com/bnl/ 436 KB
437 KB 118ms
33ms Stylesheet
text/css 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 394246f861115d5faf52619ebff6b05b6c221d1f26cc00bb6f6e9e577625a857

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:13 GMT
Last-Modified: Wed, 03 Nov 2021 20:18:10 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 446792

GET
H/1.1 404
Not Found saved_resource.html Show response
bnl-alert.com/bnl/ Frame CECB 315 B
515 B 134ms
33ms Document
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/saved_resource.html
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found saved_resource(1).html Show response
bnl-alert.com/bnl/ Frame 03BD 315 B
515 B 149ms
38ms Document
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/saved_resource(1).html
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK trasparenza_BNL-1.jpg
bnl-alert.com/bnl/ 19 KB
19 KB 55ms
41ms Image
image/jpeg 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnl-alert.com/bnl/trasparenza_BNL-1.jpg
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Last-Modified: Wed, 03 Nov 2021 16:36:16 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19661

GET
H/1.1 404
Not Found logo.png
bnl-alert.com/gfx/ 315 B
315 B 38ms
38ms Image
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnl-alert.com/gfx/logo.png
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/bnl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bnl_payoff_transparent.png
banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/ 2 B
466 B 210ms
64ms Image
image/png 2a02:26f0:6c00:281::4445
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_payoff_transparent.png

Requested by

Host: bnl-alert.com
URL: https://bnl-alert.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Vary: Host
Last-Modified: Mon, 11 Jan 2021 10:52:59 GMT
x-frame-options: SAMEORIGIN
ETag: "2-5b89db59cad5b"
Strict-Transport-Security: max-age=15768000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png;charset=iso-8859-1
Content-Length: 2
x-content-type-options: nosniff

GET
H/1.1 200
OK login-continue.png
bnl-alert.com/bnl/ 837 B
1 KB 40ms
39ms Image
image/png 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnl-alert.com/bnl/login-continue.png
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/hb-login.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 8e07d9c3370e4ee161f73835b937fd0617e67ac0f283726a29b998cd39b095bb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/bnl/hb-login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Last-Modified: Thu, 04 Nov 2021 10:52:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 837

GET
H/1.1 404
Not Found BNPP_Sans_Light.woff
bnl-alert.com/fonts/ 0
0 39ms
38ms Font
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/fonts/BNPP_Sans_Light.woff
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash

Request headers

Referer: https://bnl-alert.com/bnl/fonts.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BNPP_Sans.woff
bnl-alert.com/fonts/ 0
0 33ms
33ms Font
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/fonts/BNPP_Sans.woff
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash

Request headers

Referer: https://bnl-alert.com/bnl/fonts.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found BNPP_Sans.ttf
bnl-alert.com/fonts/ 0
0 38ms
38ms Font
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/fonts/BNPP_Sans.ttf
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash

Request headers

Referer: https://bnl-alert.com/bnl/fonts.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bnl_logo_transparent.png
bnl-alert.com/bnl/ 5 KB
5 KB 39ms
39ms Image
image/png 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnl-alert.com/bnl/bnl_logo_transparent.png
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: faeb6208e6ea232eee8679854f65caae667c047556cf9fd8e3d5f6ad4bbd58d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Last-Modified: Wed, 03 Nov 2021 18:45:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4611

GET
H/1.1 200
OK bnpp-sans-bold.woff
bnl-alert.com/bnl/ 54 KB
54 KB 41ms
41ms Font
font/woff 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/bnpp-sans-bold.woff
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e

Request headers

Referer: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Last-Modified: Wed, 03 Nov 2021 18:31:36 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 54984

GET
H/1.1 200
OK bnpp-sans.woff
bnl-alert.com/bnl/ 54 KB
54 KB 36ms
35ms Font
font/woff 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/bnpp-sans.woff
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Request headers

Referer: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Last-Modified: Wed, 03 Nov 2021 18:31:50 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 54856

GET
H/1.1 200
OK bnlicons.woff
bnl-alert.com/bnl/ 14 KB
14 KB 33ms
33ms Font
font/woff 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/bnl/bnlicons.woff
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash: 0ebd476699d79db6b7502538a5088b68ada39af6638f104ddbd06d32f30f8014

Request headers

Referer: https://bnl-alert.com/bnl/clientlib-redational-page-login.min.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Last-Modified: Wed, 03 Nov 2021 18:30:58 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 14224

GET
H/1.1 404
Not Found BNPP_Sans_Light.ttf
bnl-alert.com/fonts/ 0
0 38ms
38ms Font
text/html 45.137.20.38
ROOTLAYERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnl-alert.com/fonts/BNPP_Sans_Light.ttf
Requested by: Host: bnl-alert.com
URL: https://bnl-alert.com/bnl/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.20.38 , Bangladesh, ASN51447 (ROOTLAYERNET, BD),
Reverse DNS: hosted-by.rootlayer.net
Software: Apache /
Resource Hash

Request headers

Referer: https://bnl-alert.com/bnl/fonts.css
Origin: https://bnl-alert.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 09:29:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bnl-alert.com/bnl/saved_resource.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bnl-alert.com/bnl/saved_resource(1).html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bnl-alert.com/fonts/BNPP_Sans.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bnl-alert.com/gfx/logo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bnl-alert.com/fonts/BNPP_Sans_Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bnl-alert.com/fonts/BNPP_Sans.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bnl-alert.com/fonts/BNPP_Sans_Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.bnl.it
bnl-alert.com
2a02:26f0:6c00:281::4445
45.137.20.38
07b2910875089c0e26dd350388cc8a9831b98a3829df82d394e2c715bf9265d4
0ebd476699d79db6b7502538a5088b68ada39af6638f104ddbd06d32f30f8014
1d0f95d73dc3fffecc000871110fbe80679fa6a8afba15e9ea8370269753ab78
24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9
34515d6801f083e613188d5f7a3cf88c98320ba995262d712ff4b03ade40f5ac
394246f861115d5faf52619ebff6b05b6c221d1f26cc00bb6f6e9e577625a857
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
77155a2b67996bb206c1a17b0c14d391aa20382fd22bb082a60ffb6df52c253c
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
8e07d9c3370e4ee161f73835b937fd0617e67ac0f283726a29b998cd39b095bb
b308f3d1ff36489d21909f085fce0b42f04e3f1f678952d1925c59260cc87ee7
bbbd69616617f3c71140dc7e0ef55314d3ba950ce6c8e9215e1b2f090114d94e
c8084a2431bebfd8fcbaa61858f6a808bcbc6b2ef721357c72dd09ae797649fc
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
faeb6208e6ea232eee8679854f65caae667c047556cf9fd8e3d5f6ad4bbd58d3

bnl-alert.com Open in urlscan Pro 45.137.20.38 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

23 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

703 kBTransfer

699 kBSize

0 Cookies

33 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

bnl-alert.com Open in urlscan Pro
45.137.20.38 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

703 kB
Transfer

699 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!