cardujour.com Open in urlscan Pro
107.180.50.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.gbsvoice.com/anfkcm9whap5k7
Effective URL:
http://cardujour.com/--/composer//autil/auth.php?u=358886
Submission: On May 31 via manual (May 31st 2023, 3:57:57 pm UTC) from FR — Scanned from FR

Summary HTTP 18 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 107.180.50.240, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is cardujour.com.

This is the only time cardujour.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 1	160.153.33.227 160.153.33.227		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 18	107.180.50.240 107.180.50.240		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2001:df1:7800... 2001:df1:7800:2::21ee		58487 (CRI-AS-AP...) (CRI-AS-AP CV. Rumahweb Indonesia)
18	3

1 160.153.33.227 (United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 227.33.153.160.host.secureserver.net

mail.gbsvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 107.180.50.240 (Ashburn, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 240.50.180.107.host.secureserver.net

cardujour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df1:7800:2::21ee (Indonesia)

ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID)

akp-indonesia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cardujour.com 1 redirects cardujour.com	884 KB
1	akp-indonesia.com akp-indonesia.com	461 B
1	gbsvoice.com 1 redirects mail.gbsvoice.com	233 B
18	3

	Domain	Requested by
18	cardujour.com	1 redirects cardujour.com
1	akp-indonesia.com	cardujour.com
1	mail.gbsvoice.com	1 redirects
18	3

This site contains no links.

Subject Issuer	Validity	Valid
*.akp-indonesia.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://cardujour.com/--/composer//autil/auth.php?u=358886
Frame ID: 3C9F99E81229244AA872AD94CA6564B8
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crédit Agricole

Page URL History Show full URLs

http://mail.gbsvoice.com/anfkcm9whap5k7 HTTP 302
http://cardujour.com/--/composer/ HTTP 302
http://cardujour.com/--/composer//autil/auth.php?u=358886 Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

6 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

884 kB
Transfer

2937 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.gbsvoice.com/anfkcm9whap5k7 HTTP 302
http://cardujour.com/--/composer/ HTTP 302
http://cardujour.com/--/composer//autil/auth.php?u=358886 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request auth.php Show response cardujour.com/--/composer//autil/ Redirect Chain http://mail.gbsvoice.com/anfkcm9whap5k7 http://cardujour.com/--/composer/ http://cardujour.com/--/composer//autil/auth.php?u=358886	54 KB 12 KB	338ms 338ms	Document text/html	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / PHP/7.3.33 Resource Hash `17f385ea9760e163bd91f971de8d4a03b3f6d9edd0cf73fa2c95a4f5c03469ce` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 11707 Content-Type text/html; charset=UTF-8 Date Wed, 31 May 2023 15:57:52 GMT Keep-Alive timeout=5 Server Apache Vary Accept-Encoding X-Powered-By PHP/7.3.33 Redirect headers Connection Upgrade, Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Wed, 31 May 2023 15:57:51 GMT Keep-Alive timeout=5 Server Apache Upgrade h2,h2c Vary Accept-Encoding X-Powered-By PHP/7.3.33 location http://cardujour.com/--/composer//autil/auth.php?u=358886
GET H/1.1	200 OK	clientlib-part.min.css cardujour.com/--/composer//autil/assets/css/	1 MB 155 KB	133ms 131ms	Stylesheet text/css	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/css/clientlib-part.min.css Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `6743745bfbd7a498d148ec512c052ac8ecb50f453965be9e4f482bc9830fc342` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Thu, 10 Jun 2021 10:39:52 GMT Server Apache ETag "6d8220f-126a5e-5c46702d8ee00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	clientlibStoreLocatorAccesCRPart.min.css cardujour.com/--/composer//autil/assets/css/	12 KB 4 KB	186ms 96ms	Stylesheet text/css	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/css/clientlibStoreLocatorAccesCRPart.min.css Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `5309890a72fed0e187ff816cddb21bf9bdf5d8533dd5dca5e2b12fa21ce1034c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Wed, 24 Mar 2021 16:12:44 GMT Server Apache ETag "6d8220e-2eb4-5be4a91a63700-gzip" Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3273
GET H/1.1	200 OK	icons.css cardujour.com/--/composer//autil/assets/css/	216 KB 34 KB	201ms 110ms	Stylesheet text/css	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/css/icons.css Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `87fcdc6e9ed13b3fbf16e2a61662467e5a21f53aad06940fe81d25b1b0a8d487` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Sun, 04 Jul 2021 02:02:30 GMT Server Apache ETag "6d821ff-360b1-5c64294ca9980-gzip" Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 34179
GET H/1.1	200 OK	NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg cardujour.com/--/composer//autil/assets/img/	22 KB 22 KB	197ms 103ms	Image image/svg+xml	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://cardujour.com/--/composer//autil/assets/img/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Last-Modified Wed, 24 Mar 2021 16:12:48 GMT Server Apache ETag "6d80644-580d-5be4a91e34000" Vary Accept-Encoding Upgrade h2,h2c Content-Type image/svg+xml Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 22541
GET H/1.1	200 OK	CA_Logo_seul-1.svg cardujour.com/--/composer//autil/assets/img/	16 KB 16 KB	195ms 101ms	Image image/svg+xml	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://cardujour.com/--/composer//autil/assets/img/CA_Logo_seul-1.svg Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Last-Modified Wed, 24 Mar 2021 16:12:48 GMT Server Apache ETag "6d8052a-3f78-5be4a91e34000" Vary Accept-Encoding Upgrade h2,h2c Content-Type image/svg+xml Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 16248
GET H/1.1	200 OK	099-talk-blank.svg cardujour.com/--/composer//autil/assets/img/	1 KB 1 KB	279ms 94ms	Image image/svg+xml	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://cardujour.com/--/composer//autil/assets/img/099-talk-blank.svg Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `103b435602a54ae21b2a98fdf02bd705b0f0d62590b927d78fc6bf7cf0a8c557` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Last-Modified Wed, 24 Mar 2021 16:12:48 GMT Server Apache ETag "6d8089a-47a-5be4a91e34000" Vary Accept-Encoding Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1146
GET DATA	200 OK	truncated /	539 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e916821435c8b42445326c6ef46b6cf98ce6a78a8fab4d59621021654afeadad` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `91f3839e7daf9cb29cfde2b3b6ca3b7aa297469b24ae397dcc16c1b7d96fd8ac` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	494 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8b0dbb78a46e52f38372718ae6c82ee0fd6a549124bf95fedb4a39f872081a87` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `66cf4b8d1bdf764863447e41f10595977a9305e8be7797ee07a6f5dd62d5d14a` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4a59f50c779797627231769a08f217274d03d564c26be1a311b2386a46160d52` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `925a04ae24a93e20b927f7239e2fcefa91f0d75d5d81d102c17ccf279dde8826` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3f2ce300d95c203a8655f25e950a6ab004d6c482c75fef97ff8d513e44a337cd` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	angular.min.js Show response cardujour.com/--/composer//autil/assets/js/	172 KB 61 KB	205ms 122ms	Script application/javascript	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/js/angular.min.js Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `42f2148d4e455055a087b69e1f429de6432665922a74751311678a5086249e74` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Thu, 05 Mar 2020 03:11:16 GMT Server Apache ETag "6d8233c-2b1c8-5a012e3d81d00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Upgrade h2,h2c Content-Type application/javascript Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	dirPaginate.js Show response cardujour.com/--/composer//autil/assets/js/	31 KB 7 KB	101ms 99ms	Script application/javascript	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/js/dirPaginate.js Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `e61051ec0d6e12fc9d8eaf3cd4d15155f3d8de676ffe7d39f84933398875d8c8` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Mon, 16 Nov 2020 01:00:28 GMT Server Apache ETag "6d82342-7b39-5b42ee7712300-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 6745
GET H/1.1	200 OK	jquery.min.js Show response cardujour.com/--/composer//autil/assets/js/	87 KB 31 KB	106ms 106ms	Script application/javascript	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/js/jquery.min.js Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 15:46:56 GMT Server Apache ETag "6d8233f-15d84-5b0da46847c00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 30913
GET H/1.1	200 OK	granite.min.js Show response cardujour.com/--/composer//autil/assets/js/	4 KB 2 KB	93ms 93ms	Script application/javascript	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/js/granite.min.js Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `fcc67ccb9ccabaf563a25d5c8bae57e126a321cf2a79efd334dcb4ead4196938` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Wed, 24 Mar 2021 16:12:44 GMT Server Apache ETag "6d82340-fc6-5be4a91a63700-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1699
GET H/1.1	200 OK	clientlib-bootstrap-jquery.min.js Show response cardujour.com/--/composer//autil/assets/js/	320 KB 101 KB	100ms 100ms	Script application/javascript	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/js/clientlib-bootstrap-jquery.min.js Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `ed65781dbba3542136dbdb431d3b7196d329ef87779d322e9a7964b1e9ea05d7` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Wed, 24 Mar 2021 16:12:46 GMT Server Apache ETag "6d82341-4ff2f-5be4a91c4bb80-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	clientlib-npc-components.min.js Show response cardujour.com/--/composer//autil/assets/js/	529 KB 155 KB	108ms 108ms	Script application/javascript	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/js/clientlib-npc-components.min.js Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `81d819793fad00f2e9f996d8b6992de5292220433715659c8317ef409317474e` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Content-Encoding gzip Last-Modified Sat, 27 Mar 2021 02:38:40 GMT Server Apache ETag "6d8233b-8444a-5be7b8bd80c00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	zdg-securipass-v2-video-4.jpg cardujour.com/--/composer//autil/assets/img/	153 KB 153 KB	98ms 98ms	Image image/jpeg	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://cardujour.com/--/composer//autil/assets/img/zdg-securipass-v2-video-4.jpg Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/auth.php?u=358886 Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `302ad345b1c5de62f31289b72b5c7d1d80094a764a830a56974abd0be9e46c7c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Last-Modified Thu, 25 Mar 2021 08:36:06 GMT Server Apache ETag "6d803dd-2622d-5be584e714980" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 156205
GET H/1.1	200 OK	fontawesome-webfont3e6e.woff2 cardujour.com/--/composer//autil/assets/fonts/	75 KB 76 KB	105ms 104ms	Font font/woff2	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/fonts/fontawesome-webfont3e6e.woff2?v=4.7.0 Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/assets/css/icons.css Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers Referer http://cardujour.com/--/composer//autil/assets/css/icons.css Origin http://cardujour.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Last-Modified Fri, 18 Jan 2019 14:09:12 GMT Server Apache ETag "6d82337-12d68-57fbc0e2d9200" Vary Accept-Encoding Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 77160
GET H/1.1	200 OK	themify9f24.woff cardujour.com/--/composer//autil/assets/fonts/	55 KB 55 KB	98ms 97ms	Font font/woff	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/assets/fonts/themify9f24.woff Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/assets/css/icons.css Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / Resource Hash `0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7` Request headers Referer http://cardujour.com/--/composer//autil/assets/css/icons.css Origin http://cardujour.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:52 GMT Last-Modified Fri, 18 Jan 2019 14:09:22 GMT Server Apache ETag "6d8232b-db2c-57fbc0ec62880" Vary Accept-Encoding Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 56108
GET H/1.1	200 OK	device.php Show response cardujour.com/--/composer//autil/config/	306 B 512 B	118ms 117ms	XHR text/html	107.180.50.240 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://cardujour.com/--/composer//autil/config/device.php Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/assets/js/angular.min.js Protocol HTTP/1.1 Server 107.180.50.240 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 240.50.180.107.host.secureserver.net Software Apache / PHP/7.3.33 Resource Hash `c1913d402b364f80f5410aaf327a1f880b92b26bbaceeb77c1538c6bbdc3ee50` Request headers Accept application/json, text/plain, / Referer http://cardujour.com/--/composer//autil/auth.php?u=358886 accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 31 May 2023 15:57:53 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/7.3.33 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5 Content-Length 259
POST H2	200	insert_line_loads Show response akp-indonesia.com/bit/api_cl/	48 B 461 B	953ms 277ms	XHR text/html	2001:df1:7800:2::21ee CRI-AS-AP CV. Rum...
General Check archive.org Show headers Download Go to Full URL https://akp-indonesia.com/bit/api_cl/insert_line_loads Requested by Host: cardujour.com URL: http://cardujour.com/--/composer//autil/assets/js/angular.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:df1:7800:2::21ee , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID), Reverse DNS Software LiteSpeed / Resource Hash `47220354c49cdd3fd53d217b332cb0c77ab06370092f943bb20357a316517f5b` Request headers Accept application/json, text/plain, / Referer http://cardujour.com/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 31 May 2023 15:57:53 GMT content-encoding br server LiteSpeed vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 52 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| angular function| $ function| jQuery object| Granite object| _g function| logger function| $CQ function| startPlayer object| CommonNPC object| NPC function| sliderRelationalMessage undefined| isConnnecteEnPublish function| SimplePagination function| AccountsList function| gererCookieRS function| disableRS function| getCustomValue function| ca_refreshVideoPlayers function| setSlides function| cloneFooter function| readPlayerVideo function| createLinksPopinLectureZen function| postfbPopinLectureZen undefined| isSNallowed undefined| cancelRedirection function| Color function| Chart object| enquire function| jQueryBridget function| getSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery function| Masonry number| countdown

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akp-indonesia.com
cardujour.com
mail.gbsvoice.com
107.180.50.240
160.153.33.227
2001:df1:7800:2::21ee
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
103b435602a54ae21b2a98fdf02bd705b0f0d62590b927d78fc6bf7cf0a8c557
17f385ea9760e163bd91f971de8d4a03b3f6d9edd0cf73fa2c95a4f5c03469ce
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302ad345b1c5de62f31289b72b5c7d1d80094a764a830a56974abd0be9e46c7c
3f2ce300d95c203a8655f25e950a6ab004d6c482c75fef97ff8d513e44a337cd
42f2148d4e455055a087b69e1f429de6432665922a74751311678a5086249e74
47220354c49cdd3fd53d217b332cb0c77ab06370092f943bb20357a316517f5b
4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
4a59f50c779797627231769a08f217274d03d564c26be1a311b2386a46160d52
5309890a72fed0e187ff816cddb21bf9bdf5d8533dd5dca5e2b12fa21ce1034c
5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
66cf4b8d1bdf764863447e41f10595977a9305e8be7797ee07a6f5dd62d5d14a
6743745bfbd7a498d148ec512c052ac8ecb50f453965be9e4f482bc9830fc342
81d819793fad00f2e9f996d8b6992de5292220433715659c8317ef409317474e
87fcdc6e9ed13b3fbf16e2a61662467e5a21f53aad06940fe81d25b1b0a8d487
8b0dbb78a46e52f38372718ae6c82ee0fd6a549124bf95fedb4a39f872081a87
91f3839e7daf9cb29cfde2b3b6ca3b7aa297469b24ae397dcc16c1b7d96fd8ac
925a04ae24a93e20b927f7239e2fcefa91f0d75d5d81d102c17ccf279dde8826
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
c1913d402b364f80f5410aaf327a1f880b92b26bbaceeb77c1538c6bbdc3ee50
e61051ec0d6e12fc9d8eaf3cd4d15155f3d8de676ffe7d39f84933398875d8c8
e916821435c8b42445326c6ef46b6cf98ce6a78a8fab4d59621021654afeadad
ed65781dbba3542136dbdb431d3b7196d329ef87779d322e9a7964b1e9ea05d7
fcc67ccb9ccabaf563a25d5c8bae57e126a321cf2a79efd334dcb4ead4196938