u554642sw3.ha003.t.justns.ru
2a00:b700::2f
Malicious Activity!
Public Scan
Effective URL: http://u554642sw3.ha003.t.justns.ru/01/
Submission: On December 25 via api from BE
Summary
This is the only time u554642sw3.ha003.t.justns.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
25 | 213.186.33.2 | 16276 (OVH)
2 | 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3 - Highwinds Network Group)
9 | 2a00:1450:4001:809::2002 | 15169 (GOOGLE - Google LLC)
3 | 2606:4700::6811:4104 | 13335 (CLOUDFLARENET - Cloudflare)
1 | 217.182.76.191 | 16276 (OVH)
1 | 185.199.108.153 | 54113 (FASTLY - Fastly)
2 | 2a00:1450:4001:815::200e | 15169 (GOOGLE - Google LLC)
1 | 2a00:1450:4001:825::2002 | 15169 (GOOGLE - Google LLC)
2 | 2a00:1450:4001:821::2001 | 15169 (GOOGLE - Google LLC)
2 | 2a00:b700::2f | 51659 (ASBAXET)
17 | 158.191.152.141 | 9159 (Credit Agricole)
1 | 158.191.153.82 | 9159 (Credit Agricole)
Totals: 66 requests | 13 IPs
Domains contacted, grouped by ASN:
- ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US): maxcdn.bootstrapcdn.com
- ASN15169 (GOOGLE - Google LLC, US): pagead2.googlesyndication.com, adservice.google.de, googleads.g.doubleclick.net, www.googletagservices.com
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): cdnjs.cloudflare.com
- ASN15169 (GOOGLE - Google LLC, US): www.google-analytics.com
- ASN15169 (GOOGLE - Google LLC, US): adservice.google.com
- ASN15169 (GOOGLE - Google LLC, US): tpc.googlesyndication.com
- ASN9159 (Credit Agricole, FR): www.normandie-seine-g3-enligne.credit-agricole.fr
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
25 | l1nk.top (1 redirect) | l1nk.top | 204 KB
18 | credit-agricole.fr | www.normand-g3-enligne.credit-agricole.fr, www.normandie-seine-g3-enligne.credit-agricole.fr | 300 KB
6 | googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com | 139 KB
3 | doubleclick.net | googleads.g.doubleclick.net |
3 | cloudflare.com | cdnjs.cloudflare.com | 14 KB
2 | justns.ru | u554642sw3.ha003.t.justns.ru | 18 KB
2 | google-analytics.com | www.google-analytics.com | 18 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 70 KB
1 | googletagservices.com | www.googletagservices.com | 29 KB
1 | google.com | adservice.google.com | 249 B
1 | google.de | adservice.google.de | 778 B
1 | github.io | malsup.github.io | 13 KB
1 | webthumbnail.org | api.webthumbnail.org | 119 KB
0 | ca-normandie.fr (Failed) | www.ca-normandie.fr (Failed) |
Totals: 66 requests | 14 apex domains
Requests | Domain | Requested by
---|---|---
25 | l1nk.top (1 redirect) | l1nk.top, pagead2.googlesyndication.com
17 | www.normand-g3-enligne.credit-agricole.fr | u554642sw3.ha003.t.justns.ru
4 | pagead2.googlesyndication.com | l1nk.top, pagead2.googlesyndication.com
3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
3 | cdnjs.cloudflare.com | l1nk.top
2 | u554642sw3.ha003.t.justns.ru | l1nk.top, u554642sw3.ha003.t.justns.ru
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | www.google-analytics.com | l1nk.top
2 | maxcdn.bootstrapcdn.com | l1nk.top, pagead2.googlesyndication.com
1 | www.normandie-seine-g3-enligne.credit-agricole.fr | u554642sw3.ha003.t.justns.ru
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | malsup.github.io | l1nk.top
1 | api.webthumbnail.org | l1nk.top
0 | www.ca-normandie.fr (Failed) | u554642sw3.ha003.t.justns.ru
Totals: 66 requests | 16 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-05 - 2020-06-12 | 6 months | crt.sh
*.google-analytics.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months | crt.sh
*.google.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months | crt.sh
*.g.doubleclick.net | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months | crt.sh
tpc.googlesyndication.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months | crt.sh
www.normand-g3-enligne.credit-agricole.fr | Sectigo RSA Extended Validation Secure Server CA | 2019-12-06 - 2020-12-05 | a year | crt.sh
www.normandie-seine-g3-enligne.credit-agricole.fr | COMODO RSA Extended Validation Secure Server CA | 2019-01-07 - 2020-01-07 | a year | crt.sh
This page contains 5 frames:
Primary Page:
http://u554642sw3.ha003.t.justns.ru/01/
Frame ID: BE59D23E57D53C55A1578B498F6E7EB6
Requests: 62 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 54A553FEECF188C66F9FB54F32739646
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8977915741338427&output=html&adk=293675617&adf=814277786&lmt=1577262618&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fl1nk.top%2FrFFm8&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577262618566&bpp=20&bdt=144&fdt=79&idt=79&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2778329174895&frm=20&pv=2&ga_vid=725023868.1577262619&ga_sid=1577262619&ga_hid=146382235&ga_fc=0&iag=0&icsg=2473697749759&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065306%2C26835105&oid=3&pvsid=1676477688436071&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=95
Frame ID: 66836E9DD014165306A4F660F63ED688
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8977915741338427&output=html&h=90&slotname=2606115196&adk=3002246398&adf=544870902&w=728&lmt=1577262618&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fl1nk.top%2FrFFm8&flash=0&wgl=1&adsid=NT&dt=1577262618594&bpp=7&bdt=173&fdt=108&idt=108&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2778329174895&frm=20&pv=1&ga_vid=725023868.1577262619&ga_sid=1577262619&ga_hid=146382235&ga_fc=0&iag=0&icsg=11269790771967&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065306%2C26835105&oid=3&pvsid=1676477688436071&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iqjnnULniv&p=http%3A//l1nk.top&dtd=113
Frame ID: 1DF145D42626F4CBB2A83273400FD3DB
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/205/runner.html
Frame ID: DE2C9D28918CBE6B211E5B0D7DD0C156
Requests: 1 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns:
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://l1nk.top/rFFm8 Page URL
- http://u554642sw3.ha003.t.justns.ru/01/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16:
- http://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Request chain:
- http://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Request chain:
- http://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Request chain:
- http://l1nk.top/rFFm8/i HTTP 302
- http://api.webthumbnail.org/?width=800&height=600&screen=1024&url=http%3A%2F%2Fu554642sw3.ha003.t.justns.ru%2F01%2F
Request chain:
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
Request chain:
- http://www.google-analytics.com/r/collect?v=1&_v=j79&a=146382235&t=pageview&_s=1&dl=http%3A%2F%2Fl1nk.top%2FrFFm8&ul=en-us&de=UTF-8&dt=AUTH%20-%20L1nk%20-%20URL%202.0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1986755515&gjid=1238029208&cid=725023868.1577262619&tid=UA-50186798-8&_gid=2108294567.1577262619&_r=1&z=1586161024 HTTP 307
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=146382235&t=pageview&_s=1&dl=http%3A%2F%2Fl1nk.top%2FrFFm8&ul=en-us&de=UTF-8&dt=AUTH%20-%20L1nk%20-%20URL%202.0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1986755515&gjid=1238029208&cid=725023868.1577262619&tid=UA-50186798-8&_gid=2108294567.1577262619&_r=1&z=1586161024
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | rFFm8 | l1nk.top/ | 14 KB | 5 KB | Document | text/html | Cookie set
GET | H/1.1 | bootstrap.min.css | l1nk.top/themes/light4/static/css/ | 120 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-ui.css | l1nk.top/themes/light4/static/css/ | 29 KB | 8 KB | Stylesheet | text/css |
GET | H/1.1 | dropzone.css | l1nk.top/themes/light4/static/css/ | 10 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | dropzone.js | l1nk.top/themes/light4/static/js/ | 44 KB | 12 KB | Script | application/javascript |
GET | H/1.1 | components.min.css | l1nk.top/themes/light4/static/css/ | 41 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | animate.min.css | l1nk.top/themes/light4/static/css/ | 41 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | l1nk.top/themes/light4/ | 77 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ | 21 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.js | l1nk.top/themes/light4/static/js/ | 83 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | l1nk.top/themes/light4/static/js/ | 36 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | lucid.js | l1nk.top/themes/light4/static/js/ | 10 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | light.js | l1nk.top/themes/light4/static/js/ | 68 KB | 23 KB | Script | application/javascript |
GET | H/1.1 | application.fn.js | l1nk.top/static/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | application.js | l1nk.top/static/ | 7 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 104 KB | 38 KB | Script | text/javascript |
GET | H2 | chosen.jquery.min.js | cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/ | 26 KB | 6 KB | Script | application/javascript | Redirect Chain
GET | H2 | icheck.min.js | cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/ | 4 KB | 2 KB | Script | application/javascript | Redirect Chain
GET | H2 | pace.js | cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/ | 25 KB | 6 KB | Script | application/javascript | Redirect Chain
GET | H/1.1 | auto_site_logo.png | l1nk.top/content/ | 33 KB | 33 KB | Image | image/png |
GET | H/1.1 | / | api.webthumbnail.org/ | 119 KB | 119 KB | Image | image/png | Redirect Chain
GET | H/1.1 | TweenLite.min.js | l1nk.top/themes/light4/static/js/ | 25 KB | 9 KB | Script | application/javascript |
GET | H/1.1 | EasePack.min.js | l1nk.top/themes/light4/static/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | toastr.min.js | l1nk.top/themes/light4/static/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | server.js | l1nk.top/themes/light4/static/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | jquery.form.js | malsup.github.io/ | 43 KB | 13 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript | Redirect Chain
GET | H2 | integrator.js | adservice.google.de/adsid/ | 109 B | 778 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 109 B | 249 B | Script | application/javascript |
GET | H2 | show_ads_impl.js | pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ | 245 KB | 90 KB | Script | text/javascript |
GET | H/1.1 | facebook.png | l1nk.top/themes/light4/img/social/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | twitter.png | l1nk.top/themes/light4/img/social/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | googleplus.png | l1nk.top/themes/light4/img/social/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | instagram.png | l1nk.top/themes/light4/img/social/ | 382 B | 715 B | Image | image/png |
GET | H/1.1 | fontawesome-webfont.woff | maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ | 64 KB | 64 KB | Font | font/woff |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ | 0 | 0 | Document | text/html | Frame 54A5
GET | H/1.1 | blue.png | l1nk.top/themes/light4/static/css/img/ | 1 KB | 2 KB | Image | image/png |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 0 | 0 | Document | text/html | Frame 6683
GET | H2 | osd.js | www.googletagservices.com/activeview/js/current/ | 78 KB | 29 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 111 B | Image | image/gif | Redirect Chain
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 0 | 0 | Document | text/html | Frame 1DF1
GET | H2 | sodar | pagead2.googlesyndication.com/getconfig/ | 7 KB | 6 KB | XHR | application/json |
GET | H/1.1 | sodar2.js | tpc.googlesyndication.com/sodar/ | 14 KB | 6 KB | Script | text/javascript |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/205/ | 0 | 0 | Document | text/html | Frame DE2C
GET | H2 | gen_204 | pagead2.googlesyndication.com/pagead/ | 0 | 66 B | Image | image/gif |
GET | H/1.1 | / | u554642sw3.ha003.t.justns.ru/01/ | 26 KB | 8 KB | Document | text/html | Primary Request
GET | H/1.1 | antiquus.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/tech/allmedia/stb/commun/styles/ | 28 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | antiquus.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/styles/ | 28 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | styles.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/tech/allmedia/stb/commun/styles/ | 93 KB | 94 KB | Stylesheet | text/css |
GET | H/1.1 | styles.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/styles/ | 94 KB | 94 KB | Stylesheet | text/css |
GET | H/1.1 | styles-mod.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/tech/allmedia/stb/commun/styles/ | 17 KB | 17 KB | Stylesheet | text/css |
GET | H/1.1 | styles-mod.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/styles/ | 17 KB | 17 KB | Stylesheet | text/css |
GET | H/1.1 | stb.css | www.normand-g3-enligne.credit-agricole.fr/web/bam/tech/allmedia/stb/commun/styles/ | 4 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | infosbulle.js | www.normand-g3-enligne.credit-agricole.fr/web/bam/tech/allmedia/stb/commun/js/ | 12 KB | 12 KB | Script | application/x-javascript |
GET | H/1.1 | logo_883.png | u554642sw3.ha003.t.justns.ru/01/img/ | 10 KB | 10 KB | Image | image/png |
GET | | / | www.ca-normandie.fr/bam-information-bis-image/ | 0 | 0 | | | Failed (no response)
GET | H/1.1 | point_transp.gif | www.normand-g3-enligne.credit-agricole.fr/web/bam/tech/allmedia/stb/commun/picts/ | 87 B | 429 B | Image | image/gif |
GET | H/1.1 | main_repeat.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 107 B | 450 B | Image | image/png |
GET | H/1.1 | entete_light.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 411 B | 755 B | Image | image/png |
GET | H/1.1 | entete_light.png | www.normandie-seine-g3-enligne.credit-agricole.fr/img/ | 0 | 0 | Image | text/html |
GET | H/1.1 | main_haut.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 143 B | 486 B | Image | image/png |
GET | H/1.1 | picto_aide.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 267 B | 611 B | Image | image/png |
GET | H/1.1 | bloc_arrond_bas.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 244 B | 587 B | Image | image/png |
GET | H/1.1 | bloc_arrond_haut.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 244 B | 587 B | Image | image/png |
GET | H/1.1 | thead.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 122 B | 465 B | Image | image/png |
GET | H/1.1 | bg_form.png | www.normand-g3-enligne.credit-agricole.fr/web/bam/appli/web/commun/img/ | 85 B | 427 B | Image | image/png |
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- Domain: www.ca-normandie.fr
- URL: https://www.ca-normandie.fr/bam-information-bis-image/
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onformdata
object | onpointerrawupdate
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.doubleclick.net/ | | IDE | AHWqTUko0_HgOj0tHptg6V7VEhMTpFh1cY5JNM7FKAlghx7SUxGy84Flhu0BNOXR
.l1nk.top/ | | _gat | 1
.l1nk.top/ | | _ga | GA1.2.725023868.1577262619
l1nk.top/ | | background | 3
l1nk.top/ | | short_rFFm8 | 1
l1nk.top/ | | PHPSESSID | 8b980d50716b01de025eb9a86a027ca8
.l1nk.top/ | | _gid | GA1.2.2108294567.1577262619
l1nk.top/ | | SERVERID102297 | 24050
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.