ixiresidences.fr Open in urlscan Pro
5.44.160.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614
Submission Tags: #phishing @atomspam Search All
Submission: On October 26 via api (October 26th 2022, 7:38:31 am UTC) from FI — Scanned from FR

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 5.44.160.3, located in France and belongs to SYSTONIC-AS, FR. The main domain is ixiresidences.fr.
TLS certificate: Issued by R3 on August 26th 2022. Valid for: 3 months.

This is the only time ixiresidences.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	5.44.160.3 5.44.160.3		38926 (SYSTONIC-AS) (SYSTONIC-AS)
12	2

12 5.44.160.3 (France)

ASN38926 (SYSTONIC-AS, FR)
PTR: antispam3.sys1.fr

ixiresidences.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ixiresidences.fr ixiresidences.fr	584 KB
12	1

	Domain	Requested by
12	ixiresidences.fr	ixiresidences.fr
12	1

This site contains no links.

Subject Issuer	Validity	Valid
ixiresidences.fr R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614
Frame ID: 72263D4A190A4AAC63C0DA3075F4C3ED
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

584 kB
Transfer

1770 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request a6635011.php Show response ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/	13 KB 4 KB	129ms 31ms	Document text/html	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / PHP/7.2.33 Resource Hash `606330e77628b45d4da203816f474d8f05cf7587d01885c59b31ba841cbeb4c5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 3354 Content-Type text/html; charset-UTF-8;charset=UTF-8 Date Wed, 26 Oct 2022 07:38:24 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=15, max=100 Pragma no-cache Server Apache Vary Accept-Encoding X-Powered-By PHP/7.2.33
GET H/1.1	200 OK	6997f510.css ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/	1 MB 169 KB	46ms 45ms	Stylesheet text/css	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `74a3ce7b4b1c07d85bfb5aeb0ec7c32914f348e7262e236271e135a991a61c3a` Request headers accept-language fr-FR,fr;q=0.9 Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "143120-5ebdf93ec08a0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99
GET H/1.1	200 OK	1f61aaac.css ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/	15 KB 4 KB	94ms 28ms	Stylesheet text/css	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/1f61aaac.css Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `91f03ca0626fae8c1f0ed8db8eb4df4b927071bc2f1f5cff4fbe1a97a2babfc3` Request headers accept-language fr-FR,fr;q=0.9 Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "3dcc-5ebdf93ebe960-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 4067
GET H/1.1	200 OK	3d681eff.css ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/	19 KB 5 KB	94ms 29ms	Stylesheet text/css	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/3d681eff.css Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `0093bc28c850f155462b7c8892fe1f840b4da40590a45fcab97e962ddb624606` Request headers accept-language fr-FR,fr;q=0.9 Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "4b32-5ebdf93ebe960-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 4648
GET H/1.1	200 OK	d41d8cd9.css ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/	0 265 B	91ms 27ms	Stylesheet text/css	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/d41d8cd9.css Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language fr-FR,fr;q=0.9 Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "0-5ebdf93ec08a0" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 0
GET H/1.1	200 OK	CA_Logo_seul-1.svg ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/imgs//	16 KB 5 KB	36ms 27ms	Image image/svg+xml	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/imgs//CA_Logo_seul-1.svg Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9` Request headers accept-language fr-FR,fr;q=0.9 Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "3f78-5ebdf93ec1840-gzip" Vary Accept-Encoding Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 4738
GET DATA	200 OK	truncated /	901 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `76155584344103aa0faa76819ed842f16b3ddb62f37d90b36549ac738404721b` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/jpeg
GET H/1.1	200 OK	acces_cr_part_carre.jpg ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/imgs//	238 KB 220 KB	30ms 29ms	Image image/jpeg	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/imgs//acces_cr_part_carre.jpg Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8` Request headers accept-language fr-FR,fr;q=0.9 Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/a6635011.php?id=59719614 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "3b8cf-5ebdf93ec1840-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=98
GET H/1.1	200 OK	npcicons-crunchy.woff2 ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/npcicons-crunchy/	16 KB 16 KB	28ms 27ms	Font font/woff2	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2 Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361` Request headers Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Origin https://ixiresidences.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "3efc-5ebdf93ec08a0-gzip" Vary Accept-Encoding Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=98 Content-Length 16147
GET H/1.1	200 OK	Gotham-Book.woff2 ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/	41 KB 41 KB	29ms 28ms	Font font/woff2	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/Gotham-Book.woff2 Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e` Request headers Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Origin https://ixiresidences.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "a300-5ebdf93ec08a0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99
GET H/1.1	200 OK	Gotham-Bold.woff2 ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/	38 KB 39 KB	28ms 28ms	Font font/woff2	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/Gotham-Bold.woff2 Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1` Request headers Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Origin https://ixiresidences.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "9960-5ebdf93ec08a0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99
GET H/1.1	200 OK	Gotham-Medium.woff2 ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/	41 KB 41 KB	29ms 29ms	Font font/woff2	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/Gotham-Medium.woff2 Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303` Request headers Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Origin https://ixiresidences.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "a210-5ebdf93ec08a0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100
GET H/1.1	200 OK	Gotham-Light.woff2 ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/	39 KB 40 KB	79ms 27ms	Font font/woff2	5.44.160.3 SYSTONIC-AS
General Check archive.org Show headers Download Go to Full URL https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/clientlib-resources/resources/fonts/gotham/Gotham-Light.woff2 Requested by Host: ixiresidences.fr URL: https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.44.160.3 , France, ASN38926 (SYSTONIC-AS, FR), Reverse DNS antispam3.sys1.fr Software Apache / Resource Hash `e266d1f2bcf1da0faff6964637fdcd9a4e47c50a7a56be74424f409f30c83c5e` Request headers Referer https://ixiresidences.fr/Agricole/unzip/newee/newee/newee/new/q99550/layouts/css/6997f510.css Origin https://ixiresidences.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 07:38:25 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 17:52:55 GMT Server Apache ETag "9d58-5ebdf93ec08a0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=97

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ixiresidences.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 03d88e3aa3c9e9f911db1f1a64fb9c70

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ixiresidences.fr
5.44.160.3
0093bc28c850f155462b7c8892fe1f840b4da40590a45fcab97e962ddb624606
2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
606330e77628b45d4da203816f474d8f05cf7587d01885c59b31ba841cbeb4c5
74a3ce7b4b1c07d85bfb5aeb0ec7c32914f348e7262e236271e135a991a61c3a
76155584344103aa0faa76819ed842f16b3ddb62f37d90b36549ac738404721b
91f03ca0626fae8c1f0ed8db8eb4df4b927071bc2f1f5cff4fbe1a97a2babfc3
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
e266d1f2bcf1da0faff6964637fdcd9a4e47c50a7a56be74424f409f30c83c5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ixiresidences.fr Open in urlscan Pro 5.44.160.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

584 kBTransfer

1770 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

Indicators

ixiresidences.fr Open in urlscan Pro
5.44.160.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

584 kB
Transfer

1770 kB
Size

1
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!