www.kartzu.co.in Open in urlscan Pro
137.59.55.28  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sms.html Show response www.kartzu.co.in/finance/	79 KB 79 KB	641ms 378ms	Document text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash 09853de924f26248babaeb91e2d35cd2c21a7ec51b188454dccf160594f5e36e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 80425 Content-Type text/html Date Thu, 11 Jan 2024 15:46:33 GMT Keep-Alive timeout=5, max=100 Last-Modified Tue, 26 Dec 2023 16:03:46 GMT Server Apache
GET H/1.1	200 OK	styles.4d537a0973f14efc.css www.kartzu.co.in/finance/	214 KB 214 KB	306ms 306ms	Stylesheet text/css	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/styles.4d537a0973f14efc.css Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash 60de40428f43963bb85cf9b14046012ff91e4b392d672bb79dc83368f40ceac3 Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/finance/sms.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:33 GMT Last-Modified Tue, 26 Dec 2023 13:35:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 218983
GET H/1.1	404 Not Found	visitor.js www.kartzu.co.in/ap/ga/ub/	0 0	644ms 231ms	Script text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/ap/ga/ub/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/finance/sms.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:34 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Initializer.min.js Show response www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/	7 KB 4 KB	709ms 142ms	Script application/javascript	2a00:17c9:0:8103::20c CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/Initializer.min.js Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Apache / Resource Hash 7cf7825c4360c4faf04d7203f332303a48e419cf461c3260bc6ad68344e39133 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:35 GMT Content-encoding gzip X-content-type-options nosniff Strict-transport-security max-age=31536000; includeSubDomains; preload X_OK_TRID 2602ffc802104-2e921f-15ac0e51-18cf9342c94-00bd6b62-57786 Connection Keep-Alive Content-Length 2732 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-modified Tue, 25 Jul 2023 19:13:10 GMT Server Apache Expect-CT enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report" X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=utf-8 Cache-control max-age=315619200,public Accept-ranges bytes Keep-Alive timeout=5, max=50 Expires Wed, 11 Jan 2034 12:41:40 GMT
GET H/1.1	200 OK	SiteIntegrationLazyMain.cfg Show response www.postfinance.ch/ap/ga/ub/config/xmd1703599784232/all/fr/null/fr-FR/https$www.postfinance.ch/MZsy5sFESYqU7MawXZgR_w/null/null/fipo-chat-conversation/	19 KB 5 KB	243ms 194ms	Script application/javascript	2a00:17c9:0:8103::20c CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://www.postfinance.ch/ap/ga/ub/config/xmd1703599784232/all/fr/null/fr-FR/https$www.postfinance.ch/MZsy5sFESYqU7MawXZgR_w/null/null/fipo-chat-conversation/SiteIntegrationLazyMain.cfg Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Apache / Resource Hash 34248c7985c5f79d13e01812bd6965021571a010dc8be687e96dc1bb9d61cfaa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:35 GMT Content-encoding gzip X-content-type-options nosniff Strict-transport-security max-age=31536000; includeSubDomains; preload X_OK_TRID 2602ffc802104-2e921f-15ac0e51-18cf9342d24-00bd6b6b-57786 Connection Keep-Alive Content-Length 4502 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-modified Tue, 09 Jan 2024 07:08:05 GMT Server Apache Expect-CT enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report" X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=utf-8 Cache-control max-age=315619200,private Keep-Alive timeout=5, max=49 Expires Wed, 11 Jan 2034 15:46:35 GMT
GET H/1.1	200 OK	SiteIntegrationLazyMain.min.js Show response www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/	588 KB 158 KB	367ms 144ms	Script application/javascript	2a00:17c9:0:8103::20c CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/SiteIntegrationLazyMain.min.js Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Apache / Resource Hash ff2d4788ab5e3fef46e66d718255252b2b3118240138236e7937081f380513a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:35 GMT Content-encoding gzip X-content-type-options nosniff Strict-transport-security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X_OK_TRID 2602ffc802104-2e921f-15ac0e51-18cf9342dd7-00bd6b78-57792 Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-modified Tue, 25 Jul 2023 19:13:10 GMT Server Apache Expect-CT enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report" X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=utf-8 Cache-control max-age=315619200,public Keep-Alive timeout=5, max=50 Expires Wed, 11 Jan 2034 04:42:48 GMT
GET H/1.1	404 Not Found	unblu.interceptor.min.js www.kartzu.co.in/ap/ga/ub/pfstatic/js/	0 0	371ms 280ms	Script text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/ap/ga/ub/pfstatic/js/unblu.interceptor.min.js Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/finance/sms.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:34 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	runtime.2055978daa40b83f.js www.kartzu.co.in/finance/	0 0	309ms 270ms	Script text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/runtime.2055978daa40b83f.js Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash Request headers Referer http://www.kartzu.co.in/finance/sms.html Origin http://www.kartzu.co.in accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:34 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	polyfills.ad5804804459cb7b.js www.kartzu.co.in/finance/	0 0	423ms 281ms	Script text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/polyfills.ad5804804459cb7b.js Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash Request headers Referer http://www.kartzu.co.in/finance/sms.html Origin http://www.kartzu.co.in accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:34 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	main.63fd6b417bb7757f.js www.kartzu.co.in/finance/	0 0	458ms 229ms	Script text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/main.63fd6b417bb7757f.js Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash Request headers Referer http://www.kartzu.co.in/finance/sms.html Origin http://www.kartzu.co.in accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:34 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	menu.5ef24d4af24cf22423d2.svg www.kartzu.co.in/finance/	62 KB 63 KB	302ms 302ms	Other image/svg+xml	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/menu.5ef24d4af24cf22423d2.svg Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash c75261d22e60b06d4f14f0a6eb41dea8cdfa30b7a0004932de579487755e979a Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/finance/sms.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:35 GMT Last-Modified Tue, 26 Dec 2023 14:21:52 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 63998
GET H/1.1	404 Not Found	menu.5ef24d4af24cf22423d2.svg www.kartzu.co.in/finance/sprites/	0 0	229ms 229ms	Other text/html	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/sprites/menu.5ef24d4af24cf22423d2.svg Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/sms.html Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://www.kartzu.co.in/finance/sms.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:35 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	FrutigerNeueLTW06-Light.23770ae90a0ac3d5.woff2 www.kartzu.co.in/finance/	42 KB 42 KB	278ms 278ms	Font font/woff2	137.59.55.28 EMAXGLOBAL-AS EMA...
General Check archive.org Show headers Download Go to Full URL http://www.kartzu.co.in/finance/FrutigerNeueLTW06-Light.23770ae90a0ac3d5.woff2 Requested by Host: www.kartzu.co.in URL: http://www.kartzu.co.in/finance/styles.4d537a0973f14efc.css Protocol HTTP/1.1 Server 137.59.55.28 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN), Reverse DNS frayd.i-therace.co.uk Software Apache / Resource Hash d57f0454f106eff11c18b45792a1be05ca0cd79ea653a201a37939e8235eff73 Request headers Referer http://www.kartzu.co.in/finance/styles.4d537a0973f14efc.css Origin http://www.kartzu.co.in accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 15:46:35 GMT Last-Modified Tue, 26 Dec 2023 13:01:03 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 42920

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PostFinance (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| csrfRegisterAjax function| updateQueryStringParameter function| csrfRegisterOpen function| csrfCheckDomain function| relativeCheck function| csrfModifyLinks object| _unblu_572F594F_21AA_4D30_8081_40F2793592AF object| webpackChunkcom_unblu_meta_server_webpack

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.kartzu.co.in/ap/ga/ub/pfstatic/js/unblu.interceptor.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.kartzu.co.in/ap/ga/ub/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.kartzu.co.in/finance/runtime.2055978daa40b83f.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.kartzu.co.in/finance/polyfills.ad5804804459cb7b.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.kartzu.co.in/finance/main.63fd6b417bb7757f.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.kartzu.co.in/finance/sprites/menu.5ef24d4af24cf22423d2.svg#ico_profileSettings_24 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.kartzu.co.in
www.postfinance.ch
137.59.55.28
2a00:17c9:0:8103::20c
09853de924f26248babaeb91e2d35cd2c21a7ec51b188454dccf160594f5e36e
34248c7985c5f79d13e01812bd6965021571a010dc8be687e96dc1bb9d61cfaa
60de40428f43963bb85cf9b14046012ff91e4b392d672bb79dc83368f40ceac3
7cf7825c4360c4faf04d7203f332303a48e419cf461c3260bc6ad68344e39133
c75261d22e60b06d4f14f0a6eb41dea8cdfa30b7a0004932de579487755e979a
d57f0454f106eff11c18b45792a1be05ca0cd79ea653a201a37939e8235eff73
ff2d4788ab5e3fef46e66d718255252b2b3118240138236e7937081f380513a7