robot.wizlink.eu
Open in
urlscan Pro
85.128.138.250
Malicious Activity!
Public Scan
Effective URL: https://robot.wizlink.eu/wp-admin/user/fr/
Submission: On October 23 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by nazwaSSL on April 28th 2023. Valid for: a year.
This is the only time robot.wizlink.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: FR Government (Government) Impots Gouv (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 7 | 2606:4700:20:... 2606:4700:20::681a:ed | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:809::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
8 | 2a00:1450:400... 2a00:1450:4001:810::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 85.128.138.250 85.128.138.250 | 15967 (NAZWA) (NAZWA) | |
8 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
14 | 2a00:1450:400... 2a00:1450:4001:80b::2001 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:813::2002 | 15169 (GOOGLE) (GOOGLE) | |
58 | 15 |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
partner.googleadservices.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 |
299 KB |
8 |
gstatic.com
www.gstatic.com |
48 KB |
8 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 |
136 KB |
7 |
appurl.io
1 redirects
appurl.io — Cisco Umbrella Rank: 872164 |
39 KB |
4 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49 |
5 KB |
3 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223 |
118 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250 |
21 KB |
2 |
wizlink.eu
1 redirects
robot.wizlink.eu |
154 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183 |
26 KB |
1 |
googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200 |
597 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
82 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 925 |
23 KB |
58 | 12 |
Domain | Requested by | |
---|---|---|
14 | tpc.googlesyndication.com |
googleads.g.doubleclick.net
|
8 | www.gstatic.com |
googleads.g.doubleclick.net
|
8 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
7 | appurl.io |
1 redirects
appurl.io
|
4 | fonts.googleapis.com |
googleads.g.doubleclick.net
|
3 | www.googletagservices.com |
googleads.g.doubleclick.net
|
3 | pagead2.googlesyndication.com |
appurl.io
pagead2.googlesyndication.com www.googletagservices.com |
2 | robot.wizlink.eu |
1 redirects
appurl.io
|
2 | www.google-analytics.com |
appurl.io
www.google-analytics.com |
2 | maxcdn.bootstrapcdn.com |
appurl.io
|
1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.google-analytics.com
|
1 | code.jquery.com |
appurl.io
|
58 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.impots.gouv.fr |
browsehappy.com |
www.accepterlescookies.com |
play.test.google.com |
app.franceconnect.gouv.fr |
www.telepaiement.dgfip.finances.gouv.fr |
cfspart.impots.gouv.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-24 - 2024-04-23 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.wizlink.eu nazwaSSL |
2023-04-28 - 2024-04-27 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
This page contains 11 frames:
Primary Page:
https://robot.wizlink.eu/wp-admin/user/fr/
Frame ID: 5DA13B09BD30B904341641B10E03FBC6
Requests: 25 HTTP requests in this frame
Frame:
https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: BA272C46B0BF8231951B6EB943EF16D1
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Frame ID: B98E200B416E19FDA9654B907F2B2C1B
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1697543950&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206846&bpp=10&bdt=464&idt=253&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&correlator=2240197252143&frm=20&pv=2&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QyKYmY54jp&p=https%3A//appurl.io&dtd=276
Frame ID: DADBBD330E97FE323438C4D3FFAFC55A
Requests: 13 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1697543950&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2Fauw7TFkmL_&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698049206885&bpp=4&bdt=503&idt=248&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=2240197252143&frm=20&pv=1&ga_vid=2093564061.1698049207&ga_sid=1698049207&ga_hid=1830112199&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532334%2C44795921%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44800659&oid=2&pvsid=2489309812890847&tmod=1971440708&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=269
Frame ID: 6B0865EF4C40201FA483E396C44670F7
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Frame ID: FD95581E73123C227A3336BCBE9E53A2
Requests: 6 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8A46BADEC246FD98E9A6D9F3E55862A3
Requests: 10 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 266573DDBB959A3339FEC39C35927CA4
Requests: 7 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: C9293487841D60AD7BEE0FC34ABA28E2
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: 33927BA44088339D7E2E4BC1465C4387
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: 99BF740398B79B3C6A343D12F51F41CE
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Particuliers | authentificationPage URL History Show full URLs
- https://appurl.io/auw7TFkmL_ Page URL
-
https://robot.wizlink.eu/wp-admin/user/fr
HTTP 301
https://robot.wizlink.eu/wp-admin/user/fr/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: celle requise par la DGFiP
Search URL Search Domain Scan URL
Title: une version plus récente ou un autre navigateur
Search URL Search Domain Scan URL
Title: accepter les cookies.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Accueil impots.gouv.FR
Search URL Search Domain Scan URL
Title: Qu'est-ce que FranceConnect?
Search URL Search Domain Scan URL
Title: Payer en ligne
Search URL Search Domain Scan URL
Title: ou sur vos avis
Search URL Search Domain Scan URL
Title: centre des Finances publiques .
Search URL Search Domain Scan URL
Title: centre des Finances publiques .
Search URL Search Domain Scan URL
Title: centre des Finances publiques .
Search URL Search Domain Scan URL
Title: impots.gouv.fr
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://appurl.io/auw7TFkmL_ Page URL
-
https://robot.wizlink.eu/wp-admin/user/fr
HTTP 301
https://robot.wizlink.eu/wp-admin/user/fr/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
58 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
auw7TFkmL_
appurl.io/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
145 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appurl-logo.png
appurl.io/images/ |
23 KB 24 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.1.1.slim.min.js
code.jquery.com/ |
68 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ua-parser-min.js
appurl.io/javascripts/vendor/min/ |
10 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect-min.js
appurl.io/javascripts/min/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame BA27 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 217 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
81a88f129faa0222
appurl.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BA27 |
0 456 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
230 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ |
394 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame B98E |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
385 B 597 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame DADB |
127 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 6B08 |
360 KB 81 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
robot.wizlink.eu/wp-admin/user/fr/ Redirect Chain
|
423 KB 154 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ |
159 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame FD95 |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 8A46 |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame DADB |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame DADB |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame DADB |
14 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DADB |
2 KB 859 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame DADB |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DADB |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DADB |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DADB |
187 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame DADB |
35 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ Frame FD95 |
4 KB 744 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD95 |
205 B 294 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD95 |
604 B 920 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame FD95 |
15 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame FD95 |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 8A46 |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame 8A46 |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 8A46 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8A46 |
2 KB 879 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 8A46 |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8A46 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8A46 |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A46 |
187 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 8A46 |
35 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2071387388487622185
tpc.googlesyndication.com/simgad/ Frame DADB |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 2665 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 2665 |
2 KB 825 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 2665 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame C929 |
143 B 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 2665 |
3 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 2665 |
20 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2665 |
187 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 2665 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3392 |
143 B 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 99BF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame DADB |
219 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
activeview
pagead2.googlesyndication.com/pcs/ Frame DADB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
19 KB 19 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
92 KB 92 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tpc.googlesyndication.com
- URL
- https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
- Domain
- www.gstatic.com
- URL
- https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG5ZYq_8xycJvShdEQiiXXlPPBcOzvN19KPtULTuX1aqQOzbDGm9YX0BP0tHwlw-fUSTk7f1YFJ_DIo5xaSn-K3IASd5m0aBNTgUPC47MzhNGPI2bLq3lprWIN2z8l5Lv5kKMU2IpJRKFx&sai=AMfl-YQGjBD0_NjSA4bmMynUCLa0_Xi358BR2xOJnj0vPq2ecCwlAiQVOLHReSsrLzOy8m_u9ss_s_udhXgWeVDt11cIKzRc5n7UrzyuqrzkAC56Uvoa0cYpiqT1gHsNXdbu8n17chwwcL_MJC1Y&sig=Cg0ArKJSzOoC7XE7nt_GEAE&cid=CAQSSwDICaaN0IXppMAeboyKWYhSJ0JnfkSEkYrwQ7tbrShzK0l3ueWfwxWJMRtnFAIZ1HVB9MyrPkNj_ZOIR9oKORyCcRdPEKRnibLNwhgB&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231018&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=646328967&rs=2&la=0&cr=0&vs=2&r=b&rst=1698049207125&ec=1&wmsd=2&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: FR Government (Government) Impots Gouv (Government)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 function| savepage_ShadowLoader function| validateAndLimit8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.appurl.io/ | Name: _ga Value: GA1.2.2093564061.1698049207 |
|
.appurl.io/ | Name: _gid Value: GA1.2.1977254086.1698049207 |
|
.appurl.io/ | Name: _gat Value: 1 |
|
.appurl.io/ | Name: cf_clearance Value: K6uiSNHX1Oj5U.v3zvoVgZcxYZ4hU_AGdwyNKe17UWk-1698049206-0-1-da449493.85816766.8d45cb73-0.2.1698049206 |
|
.appurl.io/ | Name: _ga_L4PYPET04L Value: GS1.2.1698049206.1.0.1698049206.0.0.0 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.appurl.io/ | Name: __gads Value: ID=f81c10ba1d594b77:T=1698049207:RT=1698049207:S=ALNI_MYOQBliVPbXUQrZaRG_RDegidbm_Q |
|
.appurl.io/ | Name: __gpi Value: UID=00000ca0408b15b7:T=1698049207:RT=1698049207:S=ALNI_Mbp079e7ali66pckANdfuMGGnUqTg |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appurl.io
code.jquery.com
fonts.googleapis.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
robot.wizlink.eu
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.gstatic.com
2001:4860:4802:34::36
2606:4700:20::681a:ed
2606:4700::6812:acf
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:831::200a
2a04:4e42::649
85.128.138.250
0284492d7ed7c4b3aa4caddde43e07d08cccc51bc25b11c8d20d515d3769d55a
254798574aeb4e94ef4b45f271e804f0b63eb45def80468d9af516213ebe13dd
2be11b4cf348ebdb13674d8cf0d1938df9c71f0f64fb0fb70fa08ed40830f684
3ab011001346bd304410728fefe89a669df4051948f73ff836290fd78c6d6591
434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc
57a484c41d2eda21a624d52faaea57d7c380e64137d456efc943870baffb860c
5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8
7275c9d3e3664554c1a415d72fd8f03862cb4ee051c43bf810ae8b56864fd01b
83b3125e5d4dc104ef156609151808f8a5dcb3ce4b04a688cf32385bef1938f4
880cbec4f5672334414f9b979a09ad51f7158c92a694bbabfc8a83538c8e0e2e
90d8552964c8e804a6dea1870bfd34d3114389e6c28b725bcdec63808b75c8a6
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b5dfbd0e4ddbacabba423425819e239c8ae4d2105b7fcba6df5c824c3ede2809
c4502e1bffc9155988eeb261ae88885e93211e73cad60005d710ba19ac860b5e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfcae6bf0ca22253e333881e0bf7eb42d14057eb00024a5bd19943b04cbb95ec
e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f
f38f88db94a67b5fcc8f90965a6623a509e35cb81b6b252f0c9d7fdd29ff1a88
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36
fbfbeba2efbe209c8b67b37fdc325b572d728eb77ce7d1084e25fe15f489e744
fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217