cs86859.tw1.ru
2a03:6f00:6:1::b972:f5e8
Malicious Activity!
Public Scan
Effective URL: http://cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/index.php
Submission: On March 14 via api from US — Scanned from US
Summary
This is the only time cs86859.tw1.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)

Domain & IP information
IP Address | AS Autonomous System | Requests
---|---|---
2a03:6f00:6:1::b972:f5e8 | 9123 (TIMEWEB-AS) | 30
185.114.245.232 | 9123 (TIMEWEB-AS) | 6

35 HTTP transactions across 2 IP addresses.

ASN9123 (TIMEWEB-AS, RU)
PTR: premium60.timeweb.ru

Apex Domain | Subdomains | Transfer | Requests
---|---|---|---
tw1.ru | cs86859.tw1.ru (1 redirect) | 560 KB | 36

Domain | Requested by | Requests
---|---|---
cs86859.tw1.ru | cs86859.tw1.ru (1 redirect) | 36
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
(no TLS certificates recorded: every request in this scan was made over http://)
This page contains 1 frames:
Primary Page:
http://cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/index.php
Frame ID: 0175D255F22C3B29B54B466A8DE5E0E4
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Accès CR - Crédit Agricole Alpes Provence

Page URL History
- http://cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/ (HTTP 302)
- http://cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/index.php (Page URL)
Detected technologies
- Adobe Experience Manager (CMS). Detected pattern: `<div class="[^"]*parbase`
- PHP (Programming Languages). Detected pattern: `\.php(?:$|\?)`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | index.php (Primary Request, Redirect Chain) | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/ | 40 KB | 8 KB | Document | text/html
GET | H/1.1 | 44e2d3d23713b8f105d11461742c9db9.css | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/ | 1 MB | 191 KB | Stylesheet | text/css
GET | H/1.1 | 24105c3ab333bb9871953d755011f366.css | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/ | 16 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | 44ceddaeff0713d395ac2359d79d0db9.css | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/ | 21 KB | 5 KB | Stylesheet | text/css
GET | H/1.1 | d0196ccb8ef0f95d3990b3da0665b235.css | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/ | 12 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | ddd3469fd6c3f8f331e0d3b3d56134c3.css | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/ | 12 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | logo_caap.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/img/ | 6 KB | 6 KB | Image | image/png
GET | H/1.1 | logo_CAAP_216x40.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/img/ | 6 KB | 7 KB | Image | image/png
GET | H/1.1 | logo_ca.png | cs86859.tw1.ru/content/dam/assetsca/npc/logos/ | 196 B | 196 B | Image | text/html
GET | H/1.1 | jq.js | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/res/ | 287 KB | 85 KB | Script | application/x-javascript
GET | H/1.1 | menu.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 270 B | 581 B | Image | image/png
GET | H/1.1 | par.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 552 B | 863 B | Image | image/png
GET | H/1.1 | serch.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 817 B | 1 KB | Image | image/png
GET | H/1.1 | map.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 706 B | 1017 B | Image | image/png
GET | H/1.1 | contact.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 606 B | 917 B | Image | image/png
GET | H/1.1 | user.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 1 KB | 1 KB | Image | image/png
GET | H/1.1 | select.png | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 506 B | 817 B | Image | image/png
GET | H/1.1 | acces_cr_part_carre.jpg | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/img/ | 238 KB | 239 KB | Image | image/jpeg
GET | H/1.1 | Gotham-Book.woff2 | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Medium.woff2 | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Bold.woff2 | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | npcicons-crunchy-r2302.woff2 | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/npcicons-crunchy/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Black.woff2 | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Book.woff | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Medium.woff | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Bold.woff | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Black.woff | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/fonts/ | 0 | 0 | Font | text/html
GET | H/1.1 | npcicons-crunchy-r2302.woff | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/npcicons-crunchy/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Book.otf | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/gotham/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Medium.otf | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/gotham/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Bold.otf | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/gotham/ | 0 | 0 | Font | text/html
GET | H/1.1 | Gotham-Black.otf | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/gotham/ | 0 | 0 | Font | text/html
GET | H/1.1 | npcicons-crunchy-r2302.ttf | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/app/css/clientlib-resources/resources/fonts/npcicons-crunchy/ | 0 | 0 | Font | text/html
POST | H/1.1 | fetch.php | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/panel/ | 1 B | 162 B | XHR | text/html
POST | H/1.1 | fetch.php | cs86859.tw1.ru/agri-service/98b2a4ad720e003feca92158f5d3f4c5/panel/ | 1 B | 162 B | XHR | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
---|---
$ | function
jQuery | function
cd1 | string

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
cs86859.tw1.ru/ | (session) | PHPSESSID | 75854d3e43225259d8bfe7db863139d5
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
(the 16 console messages were not captured in this export)
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cs86859.tw1.ru
185.114.245.232
2a03:6f00:6:1::b972:f5e8