assuranc10.temp.swtest.ru Open in urlscan Pro
77.222.40.223 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/
Submission: On December 18 via api (December 18th 2022, 3:09:16 pm UTC) from US — Scanned from US

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 77.222.40.223, located in Russian Federation and belongs to SWEB-AS, RU. The main domain is assuranc10.temp.swtest.ru.

This is the only time assuranc10.temp.swtest.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caisse d'Epargne (Banking)

Domain & IP information

	IP Address	AS Autonomous System
15	77.222.40.223 77.222.40.223	44112 (SWEB-AS) (SWEB-AS)
1	2600:9000:21d... 2600:9000:21dd:c200:c:1f44:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
20	3

15 77.222.40.223 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh292.sweb.ru

assuranc10.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:c200:c:1f44:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.caisse-epargne.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	swtest.ru assuranc10.temp.swtest.ru	536 KB
1	caisse-epargne.fr www.caisse-epargne.fr — Cisco Umbrella Rank: 384503	178 KB
0	kameleoon.eu Failed eu-tlp03.kameleoon.eu Failed eu-tlp06.kameleoon.eu Failed
20	3

	Domain	Requested by
15	assuranc10.temp.swtest.ru	assuranc10.temp.swtest.ru
1	www.caisse-epargne.fr	assuranc10.temp.swtest.ru
0	eu-tlp06.kameleoon.eu Failed	assuranc10.temp.swtest.ru
0	eu-tlp03.kameleoon.eu Failed	assuranc10.temp.swtest.ru
20	4

This site contains links to these domains. Also see Links.

Domain
www.caisse-epargne.fr

Subject Issuer	Validity	Valid
www.caisse-epargne.fr GlobalSign Extended Validation CA - SHA256 - G3	`2022-05-23` - `2023-06-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/
Frame ID: 273031AACB1428C86A6382C6E609B092
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion à votre espace personnel

Page Statistics

20
Requests

5 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

715 kB
Transfer

1555 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.caisse-epargne.fr/particuliers/au-quotidien/toujours-a-vos-cotes/bons-reflexes-adopter
Title: Plus d'informations

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/	258 KB 30 KB	278ms 151ms	Document text/html	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `252c02a0f75f2f626f70476d5b51341b49847b610db932dda84b54b893d156f8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 18 Dec 2022 15:09:07 GMT ETag W/"6e89f01-40787-5eff814eb6874" Keep-Alive timeout=10 Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	styles.28c41c111c9099382590.css assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	117 KB 15 KB	233ms 122ms	Stylesheet text/css	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/styles.28c41c111c9099382590.css Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `e9ad3969adcaeeaea2ab20be21135e17d05b7e3c21f58f51bed126177b59ab47` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:07 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f52-1d41d-5eff814edba34" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	22-es2015.2d47e35ab3c651e07494.js.download Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	1 KB 1005 B	250ms 127ms	Script application/x-javascript	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/22-es2015.2d47e35ab3c651e07494.js.download Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `69df405c16277c6560147a63386fffc0888c00094cfcd297309dc6b2ed230eab` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:07 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f5f-45f-5eff814edc204" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	14-es2015.82e975830e78d4958a50.js.download Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	81 KB 12 KB	264ms 137ms	Script application/x-javascript	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/14-es2015.82e975830e78d4958a50.js.download Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `7723b8d9ee6a5c4c486d95c779e77eed7c7d962b45f9257e757e5177dc508449` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:07 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f51-145ef-5eff814edba34" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	activex.js.download Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	0 286 B	130ms 129ms	Script application/x-javascript	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/activex.js.download Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag "6e89f5a-0-5eff814edbe1c" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=10 Content-Length 0
GET H/1.1	200 OK	folding.js.download Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	0 286 B	136ms 136ms	Script application/x-javascript	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/folding.js.download Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag "6e89f5e-0-5eff814edc204" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=10 Content-Length 0
GET H/1.1	200 OK	kameleoon.js.download Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	443 KB 72 KB	136ms 131ms	Script application/x-javascript	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/kameleoon.js.download Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `6dc6efeb298ebe4a777be9ebbffdafeb7209c25ebe8bd33e48af224ed70d010b` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f53-6ecad-5eff814edbe1c" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	utag.5.js.download Show response assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	59 KB 20 KB	142ms 138ms	Script application/x-javascript	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/utag.5.js.download Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `e99b34598abbd184e7724ca78506d64a97e20a5ae85ce3a237983718458207a9` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f5b-ecba-5eff814edc204" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	logo.svg assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	2 KB 1 KB	387ms 119ms	Image image/svg+xml	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/logo.svg Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `9579283d865020b650ec1910dbed8920930b370e3232b13f3b64004d31ff45b9` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f2f-993-5eff814eb7814" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	graphisme-jo-ce.svg assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	51 KB 18 KB	406ms 136ms	Image image/svg+xml	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/graphisme-jo-ce.svg Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `a0d362b4a44054a106d8fef5baed68ba784b1bacff8a32fec5c1225907a48648` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f31-ca37-5eff814eb7bfc" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	small.png assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/	454 B 454 B	193ms 193ms	Image image/png	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/index_files/small.png Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag "6e89f55-1c6-5eff814edbe1c" Content-Type image/png Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=10 Content-Length 454
GET H2	200	background_startup_ce_default.jpg www.caisse-epargne.fr/ria/accessecurite/assets/	178 KB 178 KB	35ms 11ms	Image image/jpeg	2600:9000:21dd:c200:c:1f44:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.caisse-epargne.fr/ria/accessecurite/assets/background_startup_ce_default.jpg Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:c200:c:1f44:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `f6af520b48ebe4bd7a0536db19f54cc87c4ce49348f34e25efcd1ad18c8dbf71` Request headers accept-language en-US,en;q=0.9 Referer http://assuranc10.temp.swtest.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 15:06:57 GMT via 1.1 2ef71b29bcfbfc8755cad5f92a3c329a.cloudfront.net (CloudFront) last-modified Wed, 07 Jul 2021 02:57:13 GMT x-amz-cf-pop EWR53-C2 age 131 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=3600 accept-ranges bytes content-length 182135 x-amz-cf-id wxLUnASuG-71mADtx2QyzZ2w4gXxjgqetks3z55O9WkyaWOnwLdohQ== expires Sun, 18 Dec 2022 16:06:57 GMT
GET H/1.1	200 OK	ubuntu11-regular.15d81a570ae64db0056e.woff2 assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/	124 KB 124 KB	238ms 144ms	Font application/octet-stream	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ubuntu11-regular.15d81a570ae64db0056e.woff2 Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `160eccbcc89ad2d3f76f84cfaa5832912ef605a2a363cc78236c8c87b7009493` Request headers Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Origin http://assuranc10.temp.swtest.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89ee3-1ef30-5eff814eb58d4" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	ubuntu11-500.725395e324d9c31a33c6.woff2 assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/	116 KB 116 KB	273ms 158ms	Font application/octet-stream	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ubuntu11-500.725395e324d9c31a33c6.woff2 Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `bff860e6321ac94c3365c40746917c919de50a557743608a50779d0bc8c4874a` Request headers Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Origin http://assuranc10.temp.swtest.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f2b-1cf78-5eff814eb7814" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	89c3-icons.3cab455a0b69a85b97dc.woff2 assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/	12 KB 12 KB	275ms 157ms	Font application/octet-stream	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/89c3-icons.3cab455a0b69a85b97dc.woff2 Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `9bf694e2491d56f12bc0ff2d41d39298218b9d94b90ff0f2b0ac33355b8e897c` Request headers Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Origin http://assuranc10.temp.swtest.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f2a-2e18-5eff814eb7814" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain Connection keep-alive Keep-Alive timeout=10
GET H/1.1	200 OK	ubuntu11-700.f56f21725c70d49fff72.woff2 assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/	113 KB 113 KB	286ms 164ms	Font application/octet-stream	77.222.40.223 SWEB-AS
General Check archive.org Show headers Download Go to Full URL http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ubuntu11-700.f56f21725c70d49fff72.woff2 Requested by Host: assuranc10.temp.swtest.ru URL: http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Protocol HTTP/1.1 Server 77.222.40.223 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh292.sweb.ru Software nginx/1.19.1 / Resource Hash `d5c6a843cd8c9bdff0a4b3ab6e45452f599fde24bf1bd7db9e167068a0e31cd6` Request headers Referer http://assuranc10.temp.swtest.ru/caisse%20nk/bde851bbb883b04/ Origin http://assuranc10.temp.swtest.ru accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sun, 18 Dec 2022 15:09:08 GMT Content-Encoding gzip Last-Modified Fri, 16 Dec 2022 20:47:45 GMT Server nginx/1.19.1 ETag W/"6e89f66-1c3bc-5eff814edc204" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain Connection keep-alive Keep-Alive timeout=10
GET		ip.gif eu-tlp03.kameleoon.eu/	0 0

GET		visit.gif eu-tlp06.kameleoon.eu/	0 0

GET		visit.gif eu-tlp06.kameleoon.eu/	0 0

GET		visit.gif eu-tlp06.kameleoon.eu/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eu-tlp03.kameleoon.eu
URL: http://eu-tlp03.kameleoon.eu/ip.gif

Domain: eu-tlp06.kameleoon.eu
URL: http://eu-tlp06.kameleoon.eu/visit.gif?lp=2&spt=1615462042093&p=c2l0ZUNvZGU9ZWh2YmNzY294dCZ2aXNpdG9yQ29kZT0yZmxyNXBoaXR1ZHoxY3c1JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9QkE2MzhBMDA5RUFDODFFMiZldmVudFR5cGU9cGFnZSZ0aW1lPTE2NzEzNzYxNDgzODImaHJlZj1odHRwJTNBJTJGJTJGYXNzdXJhbmMxMC50ZW1wLnN3dGVzdC5ydSUyRmNhaXNzZSUyMG5rJTJGYmRlODUxYmJiODgzYjA0JTJGJnRpdGxlPUNvbm5leGlvbiUyMCVDMyVBMCUyMHZvdHJlJTIwZXNwYWNlJTIwcGVyc29ubmVsJmtleVBhZ2VzPSU1Qm51bGwlNUQmcmVmZXJyZXJzPSU1Qm51bGwlNUQ%3D

Domain: eu-tlp06.kameleoon.eu
URL: http://eu-tlp06.kameleoon.eu/visit.gif?lp=2&spt=1615462042093&p=c2l0ZUNvZGU9ZWh2YmNzY294dCZ2aXNpdG9yQ29kZT0yZmxyNXBoaXR1ZHoxY3c1JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9Mjc0QjJBNjNGMjY0MTUxQyZldmVudFR5cGU9c3RhdGljRGF0YSZ0aW1lPTE2NzEzNzYxNDgzODMmdGltZVNpbmNlUHJldmlvdXNWaXNpdD0wJmxhbmRpbmdQYWdlSHJlZj1odHRwJTNBJTJGJTJGYXNzdXJhbmMxMC50ZW1wLnN3dGVzdC5ydSUyRmNhaXNzZSUyMG5rJTJGYmRlODUxYmJiODgzYjA0JTJGJmxhbmRpbmdQYWdlVGl0bGU9Q29ubmV4aW9uJTIwJUMzJUEwJTIwdm90cmUlMjBlc3BhY2UlMjBwZXJzb25uZWwmbGFuZGluZ1BhZ2VzPSU1Qm51bGwlNUQmZmlyc3RSZWZlcnJlckhyZWY9bnVsbCZmaXJzdFJlZmVycmVycz0lNUJudWxsJTVEJmxhbmd1YWdlPW51bGwmYnJvd3Nlcj0wJmJyb3dzZXJWZXJzaW9uPTEwOCZtb2JpbGVCcm93c2VyPWZhbHNlJm9zPTAmd2luZG93V2lkdGg9MTYwMCZ3aW5kb3dIZWlnaHQ9MTIwMCZzY3JlZW5XaWR0aD0xNjAwJnNjcmVlbkhlaWdodD0xMjAwJmphdmFFbmFibGVkPWZhbHNlJnRpbWVab25lSWQ9RXRjJTJGVW5rbm93biZsb2NhbGVMYW5ndWFnZVRhZz1lbi1VUyZkZXZpY2VUeXBlPURFU0tUT1AmYnJvd3Nlck5hbWU9Q2hyb21lJm9zTmFtZT1XaW5kb3dzJnRpbWVab25lR3JvdXBzPSU1Qm51bGwlNUQmdmlzaXROdW1iZXI9MA%3D%3D

Domain: eu-tlp06.kameleoon.eu
URL: http://eu-tlp06.kameleoon.eu/visit.gif?lp=2&spt=1615462042093&p=c2l0ZUNvZGU9ZWh2YmNzY294dCZ2aXNpdG9yQ29kZT0yZmxyNXBoaXR1ZHoxY3c1JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9RUIyMDM1RTIwMjRCNUNBMyZldmVudFR5cGU9YWN0aXZpdHkmdGltZT0xNjcxMzc2MTQ4Mzg1JmFjdGl2ZT10cnVlJm51bWJlckNsaWNrcz0wJnRhYkNvdW50PTA%3D

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caisse d'Epargne (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.swtest.ru/	1970-01-20 17:23:28	Name: kameleoonVisitorCode Value: _js_2flr5phitudz1cw5

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://eu-tlp03.kameleoon.eu/ip.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: http://eu-tlp06.kameleoon.eu/visit.gif?lp=2&spt=1615462042093&p=c2l0ZUNvZGU9ZWh2YmNzY294dCZ2aXNpdG9yQ29kZT0yZmxyNXBoaXR1ZHoxY3c1JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9QkE2MzhBMDA5RUFDODFFMiZldmVudFR5cGU9cGFnZSZ0aW1lPTE2NzEzNzYxNDgzODImaHJlZj1odHRwJTNBJTJGJTJGYXNzdXJhbmMxMC50ZW1wLnN3dGVzdC5ydSUyRmNhaXNzZSUyMG5rJTJGYmRlODUxYmJiODgzYjA0JTJGJnRpdGxlPUNvbm5leGlvbiUyMCVDMyVBMCUyMHZvdHJlJTIwZXNwYWNlJTIwcGVyc29ubmVsJmtleVBhZ2VzPSU1Qm51bGwlNUQmcmVmZXJyZXJzPSU1Qm51bGwlNUQ%3D Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: http://eu-tlp06.kameleoon.eu/visit.gif?lp=2&spt=1615462042093&p=c2l0ZUNvZGU9ZWh2YmNzY294dCZ2aXNpdG9yQ29kZT0yZmxyNXBoaXR1ZHoxY3c1JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9Mjc0QjJBNjNGMjY0MTUxQyZldmVudFR5cGU9c3RhdGljRGF0YSZ0aW1lPTE2NzEzNzYxNDgzODMmdGltZVNpbmNlUHJldmlvdXNWaXNpdD0wJmxhbmRpbmdQYWdlSHJlZj1odHRwJTNBJTJGJTJGYXNzdXJhbmMxMC50ZW1wLnN3dGVzdC5ydSUyRmNhaXNzZSUyMG5rJTJGYmRlODUxYmJiODgzYjA0JTJGJmxhbmRpbmdQYWdlVGl0bGU9Q29ubmV4aW9uJTIwJUMzJUEwJTIwdm90cmUlMjBlc3BhY2UlMjBwZXJzb25uZWwmbGFuZGluZ1BhZ2VzPSU1Qm51bGwlNUQmZmlyc3RSZWZlcnJlckhyZWY9bnVsbCZmaXJzdFJlZmVycmVycz0lNUJudWxsJTVEJmxhbmd1YWdlPW51bGwmYnJvd3Nlcj0wJmJyb3dzZXJWZXJzaW9uPTEwOCZtb2JpbGVCcm93c2VyPWZhbHNlJm9zPTAmd2luZG93V2lkdGg9MTYwMCZ3aW5kb3dIZWlnaHQ9MTIwMCZzY3JlZW5XaWR0aD0xNjAwJnNjcmVlbkhlaWdodD0xMjAwJmphdmFFbmFibGVkPWZhbHNlJnRpbWVab25lSWQ9RXRjJTJGVW5rbm93biZsb2NhbGVMYW5ndWFnZVRhZz1lbi1VUyZkZXZpY2VUeXBlPURFU0tUT1AmYnJvd3Nlck5hbWU9Q2hyb21lJm9zTmFtZT1XaW5kb3dzJnRpbWVab25lR3JvdXBzPSU1Qm51bGwlNUQmdmlzaXROdW1iZXI9MA%3D%3D Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: http://eu-tlp06.kameleoon.eu/visit.gif?lp=2&spt=1615462042093&p=c2l0ZUNvZGU9ZWh2YmNzY294dCZ2aXNpdG9yQ29kZT0yZmxyNXBoaXR1ZHoxY3c1JnN0YXJ0T2ZWaXNpdD10cnVlJnNjcmlwdFZlcnNpb249MjAxOTAxMTUmbm9uY2U9RUIyMDM1RTIwMjRCNUNBMyZldmVudFR5cGU9YWN0aXZpdHkmdGltZT0xNjcxMzc2MTQ4Mzg1JmFjdGl2ZT10cnVlJm51bWJlckNsaWNrcz0wJnRhYkNvdW50PTA%3D Message: Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assuranc10.temp.swtest.ru
eu-tlp03.kameleoon.eu
eu-tlp06.kameleoon.eu
www.caisse-epargne.fr
eu-tlp03.kameleoon.eu
eu-tlp06.kameleoon.eu
2600:9000:21dd:c200:c:1f44:1080:93a1
77.222.40.223
160eccbcc89ad2d3f76f84cfaa5832912ef605a2a363cc78236c8c87b7009493
252c02a0f75f2f626f70476d5b51341b49847b610db932dda84b54b893d156f8
69df405c16277c6560147a63386fffc0888c00094cfcd297309dc6b2ed230eab
6dc6efeb298ebe4a777be9ebbffdafeb7209c25ebe8bd33e48af224ed70d010b
7723b8d9ee6a5c4c486d95c779e77eed7c7d962b45f9257e757e5177dc508449
9579283d865020b650ec1910dbed8920930b370e3232b13f3b64004d31ff45b9
9bf694e2491d56f12bc0ff2d41d39298218b9d94b90ff0f2b0ac33355b8e897c
a0d362b4a44054a106d8fef5baed68ba784b1bacff8a32fec5c1225907a48648
bff860e6321ac94c3365c40746917c919de50a557743608a50779d0bc8c4874a
d5c6a843cd8c9bdff0a4b3ab6e45452f599fde24bf1bd7db9e167068a0e31cd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99b34598abbd184e7724ca78506d64a97e20a5ae85ce3a237983718458207a9
e9ad3969adcaeeaea2ab20be21135e17d05b7e3c21f58f51bed126177b59ab47
f6af520b48ebe4bd7a0536db19f54cc87c4ce49348f34e25efcd1ad18c8dbf71

assuranc10.temp.swtest.ru Open in urlscan Pro 77.222.40.223 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

20 Requests

5 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

715 kBTransfer

1555 kBSize

1 Cookies

1 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

assuranc10.temp.swtest.ru Open in urlscan Pro
77.222.40.223 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

5 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

715 kB
Transfer

1555 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!