URL: https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Submission: On March 15 via automatic, source openphish

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 5 HTTP transactions.
The main IP is 137.74.195.25, located in France and belonging to OVH (FR). The main domain is artdufil.fr.
The TLS certificate was issued by Let's Encrypt Authority X3 on March 7th 2019 with a validity of 3 months.
This is the first time this domain was scanned on urlscan.io!
Potentially malicious content or behaviour on this page!
Phishing detected — Impersonating PayPal (Financial)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
5         137.74.195.25   16276 (OVH)
Total: 5 requests, 1 IP

Requests  Domain        Transfer
5         artdufil.fr   177 KB
Total: 5 requests, 1 domain

Requests  Domain        Requested by
5         artdufil.fr   artdufil.fr
Total: 5 requests, 1 domain


Domain (Subject)   Issuer                       Validity                  Valid
artdufil.fr        Let's Encrypt Authority X3   2019-03-07 - 2019-06-05   3 months



Detected technologies

Web: jQuery
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Web: Nginx
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

5 HTTP transactions

Each transaction lists Resource, Path, Size, x-fer (bytes transferred) and Type, followed by its request and response details.

Resource: ?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA (cookie set)
Path: /bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2
Size: 4 KB
x-fer: 4 KB
Type: Document
General
Full URL
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.74.195.25, France, ASN16276 (OVH, FR)
Reverse DNS
25.ip-137-74-195.eu
Software
nginx / PHP/5.6.40 PleskLin
Resource Hash
d1392fa12aac3ca18b4affae5bafbaf45c40ea904d3852343e58244dadfd6290

Request headers

Host
artdufil.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Fri, 15 Mar 2019 03:10:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.40 PleskLin
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=hv386n9q70ukl598pcq461dej3; path=/

Resource: gs_login.css
Path: /bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/css
Size: 73 KB
x-fer: 73 KB
Type: Stylesheet
General
Full URL
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/css/gs_login.css
Requested by
Host: artdufil.fr
URL: https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.74.195.25, France, ASN16276 (OVH, FR)
Reverse DNS
25.ip-137-74-195.eu
Software
nginx / PleskLin
Resource Hash
80a154d4d2c0d0f52dd5e5f112c4bd4dd84a8330a06322a97024c511b4c311ff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
artdufil.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Cookie
PHPSESSID=hv386n9q70ukl598pcq461dej3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 15 Mar 2019 03:10:38 GMT
Last-Modified
Fri, 15 Mar 2019 01:29:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74372
Expires
Fri, 22 Mar 2019 03:10:38 GMT

Resource: jquery.js
Path: /bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js
Size: 94 KB
x-fer: 94 KB
Type: Script
General
Full URL
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js/jquery.js
Requested by
Host: artdufil.fr
URL: https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.74.195.25, France, ASN16276 (OVH, FR)
Reverse DNS
25.ip-137-74-195.eu
Software
nginx / PleskLin
Resource Hash
161ddce728615bd31a9c34fbb1cd047a4fe165e30cb86f826d1c856a956016ca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
artdufil.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Cookie
PHPSESSID=hv386n9q70ukl598pcq461dej3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 15 Mar 2019 03:10:38 GMT
Last-Modified
Fri, 15 Mar 2019 01:29:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95825
Expires
Fri, 22 Mar 2019 03:10:38 GMT

Resource: login.js
Path: /bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js
Size: 696 B
x-fer: 1006 B
Type: Script
General
Full URL
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js/login.js
Requested by
Host: artdufil.fr
URL: https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.74.195.25, France, ASN16276 (OVH, FR)
Reverse DNS
25.ip-137-74-195.eu
Software
nginx / PleskLin
Resource Hash
e11af7d139a5662450db6a0c86ae436be08a7cf86ada8c7d038e9edb955f1ce4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
artdufil.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Cookie
PHPSESSID=hv386n9q70ukl598pcq461dej3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 15 Mar 2019 03:10:38 GMT
Last-Modified
Fri, 15 Mar 2019 01:29:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
696
Expires
Fri, 22 Mar 2019 03:10:38 GMT

Resource: paypal-logo-129x32.svg
Path: /bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/images
Size: 5 KB
x-fer: 5 KB
Type: Image
General
Full URL
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/images/paypal-logo-129x32.svg
Requested by
Host: artdufil.fr
URL: https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.74.195.25, France, ASN16276 (OVH, FR)
Reverse DNS
25.ip-137-74-195.eu
Software
nginx / PleskLin
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
artdufil.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/css/gs_login.css
Cookie
PHPSESSID=hv386n9q70ukl598pcq461dej3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 15 Mar 2019 03:10:38 GMT
Last-Modified
Fri, 15 Mar 2019 01:29:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4945
Expires
Sat, 14 Mar 2020 03:10:38 GMT
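The five transactions above share one directory layout: /bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/ with the landing page taking a dispatch token and the kit's assets under css/, js/ and images/. That layout is what an analyst turns into a log search. The JavaScript below is an added example, not part of the urlscan report: it runs such a search over a few constructed proxy log lines, stages each hit (lure opened, kit asset fetched, form posted) and rolls the result up per campaign. Treating the 32-hex campaign id and the dispatch token as variable is an assumption on my part; the scan shows exactly one instance of each.

```javascript
// Added example (not from the urlscan report): scan proxy log lines for URL paths
// shaped like this kit's, /bankID/gs_gen/gs<32 hex>/..., and stage each hit.
// ASSUMPTION: the scan shows one campaign id (gs75fc...) and one dispatch token;
// generalising to any 32-hex id and any token is my inference, not report data.
const KIT_PATH = /\/bankID\/gs_gen\/(gs[0-9a-f]{32})(\/[^\s?]*)?(?:\?(\S*))?/i;

// Constructed sample log (not a real capture) in a "unix-time client method url status"
// shape. Lines 1 and 2 reuse URLs from the scan; the rest are decoys and a POST-back.
const SAMPLE_LOG = `
1552619438.120 10.0.0.12 GET https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA 200
1552619438.455 10.0.0.12 GET https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js/login.js 200
1552619439.001 10.0.0.44 GET https://www.paypal.com/signin 200
1552619440.876 10.0.0.12 POST https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/ 302
1552619441.200 10.0.0.99 GET https://example.test/bankid/gs_gen/readme.txt 404
`.trim();

function parseLogLine(line) {
  const [ts, client, method, url, status] = line.trim().split(/\s+/);
  return { ts, client, method, url, status: Number(status) };
}

// Returns null for lines that do not touch the kit, otherwise the campaign id,
// the host serving it and which stage of the phish the request represents.
function classifyHit(entry) {
  const m = KIT_PATH.exec(entry.url);
  if (!m) return null;
  const campaignId = m[1];
  const subPath = m[2] || "/";
  const params = new URLSearchParams(m[3] || "");
  let stage;
  if (subPath === "/" && entry.method === "POST") stage = "credential-post"; // victim submitted the form
  else if (subPath === "/" && params.has("dispatch")) stage = "landing";      // lure link was opened
  else stage = "asset";                                                        // css/js/images of the kit
  return {
    host: new URL(entry.url).host,
    client: entry.client,
    campaignId,
    stage,
    dispatch: params.get("dispatch"),
  };
}

function scanLog(text) {
  return text.split("\n").map(parseLogLine).map(classifyHit).filter(Boolean);
}

// Roll hits up per campaign: hosts to block, clients that touched it, and the
// subset that posted a form (the ones whose credentials need resetting).
function summarize(hits) {
  const byCampaign = new Map();
  for (const h of hits) {
    if (!byCampaign.has(h.campaignId)) {
      byCampaign.set(h.campaignId, { hosts: new Set(), clients: new Set(), credentialPosters: new Set() });
    }
    const c = byCampaign.get(h.campaignId);
    c.hosts.add(h.host);
    c.clients.add(h.client);
    if (h.stage === "credential-post") c.credentialPosters.add(h.client);
  }
  return byCampaign;
}

// On the sample log: 3 hits (landing, asset, credential-post), all from 10.0.0.12.
console.log(summarize(scanLog(SAMPLE_LOG)));
```

The decoy line with bankid/gs_gen/readme.txt is there on purpose: the pattern requires the gs-prefixed 32-hex directory, so a loose match on the directory name alone does not fire. Matching on the path rather than on artdufil.fr is what lets the same search find the kit when it is re-hosted on the next compromised site.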

Redirect requests

No HTTP redirects (301, 302) were listed for this scan's requests.

Malicious behaviour and content

Google Safe Browsing

There was 1 malicious URL contacted according to Google Safe Browsing:

SOCIAL_ENGINEERING https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/images/paypal-logo-129x32.svg

Openphish submission: the URL was submitted from a known phishing list.

Type: url
Value: https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/?dispatch=fRtArKICQUFFQek2XgQHdxN4wtrrorbEjFeLpWnfR3VHhfKfwA (Main page)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object onselectstart
  • object onselectionchange
  • function queueMicrotask
  • function $
  • function jQuery
  • function IsEmail
  • function Nextgs
  • function change
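The patterns listed under "Detected technologies" (script against script URLs, env against window globals, headers against response headers) and the globals list above are two views of the same fingerprinting step. The JavaScript below is an added example, not from the report: it applies patterns of those three kinds to what this scan recorded, then strips browser members and library globals from the list so that only the page's own code is left. The technology names and the PHP rule on X-Powered-By are my assumptions (the report prints only the category "Web" and the patterns), and the baseline of standard globals is constructed for the example.

```javascript
// Added example (not from the urlscan report): Wappalyzer-style fingerprinting with
// the three pattern kinds the report shows, "script" (script URLs), "env" (window
// globals) and "headers" (response headers), applied to what the scan recorded.
// ASSUMPTION: the report prints only the category "Web" plus the patterns; the
// technology names and the PHP/X-Powered-By rule below are mine.
const TECHNOLOGIES = {
  jQuery: { script: [/jquery.*\.js/i], env: [/^jQuery$/i] },
  Nginx:  { headers: { server: /nginx(?:\/([\d.]+))?/i } },
  PHP:    { headers: { "x-powered-by": /PHP\/([\d.]+)/i } }, // assumed rule, not on the page
};

// Globals that jQuery itself defines; anything the report lists beyond these and
// the browser's own members is the page's (here the kit's) code.
const LIBRARY_GLOBALS = { jQuery: ["$", "jQuery"] };

// Constructed baseline of Window members that the scanner's heuristic still
// reported as "non-standard"; in practice this comes from a clean-browser snapshot.
const STANDARD_GLOBALS = new Set(["onselectstart", "onselectionchange", "queueMicrotask"]);

// Copied from the report: main document response headers (lower-cased names),
// the two script URLs and the "JavaScript Global Variables" list.
const OBSERVED = {
  scripts: [
    "https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js/jquery.js",
    "https://artdufil.fr/bankID/gs_gen/gs75fc50b5864745273a6b204d86d48cc2/js/login.js",
  ],
  headers: { server: "nginx", "x-powered-by": "PHP/5.6.40 PleskLin" },
  globals: ["onselectstart", "onselectionchange", "queueMicrotask", "$", "jQuery", "IsEmail", "Nextgs", "change"],
};

// Returns { techName: { version, evidence[] } } for every rule set with a match.
// version stays null when the pattern matched but its capture group is empty,
// as with a bare "Server: nginx".
function detect(obs, techs = TECHNOLOGIES) {
  const found = {};
  for (const [name, rules] of Object.entries(techs)) {
    const evidence = [];
    let version = null;
    for (const re of rules.script || []) {
      for (const u of obs.scripts) if (re.test(u)) evidence.push(`script ${u.split("/").pop()}`);
    }
    for (const re of rules.env || []) {
      for (const g of obs.globals) if (re.test(g)) evidence.push(`env ${g}`);
    }
    for (const [header, re] of Object.entries(rules.headers || {})) {
      const value = obs.headers[header];
      const m = value === undefined ? null : re.exec(value);
      if (m) {
        evidence.push(`header ${header}: ${value}`);
        if (m[1]) version = m[1];
      }
    }
    if (evidence.length) found[name] = { version, evidence };
  }
  return found;
}

// Strip browser members and the globals of detected libraries; what remains is
// the page's own code, the part worth keeping as a fingerprint of the kit.
function pageSpecificGlobals(obs, detected) {
  const libs = new Set(Object.keys(detected).flatMap((t) => LIBRARY_GLOBALS[t] || []));
  return obs.globals.filter((g) => !STANDARD_GLOBALS.has(g) && !libs.has(g));
}

const detected = detect(OBSERVED);
console.log(detected); // jQuery (no version), Nginx (no version), PHP 5.6.40
console.log("page-specific globals:", pageSpecificGlobals(OBSERVED, detected)); // ["IsEmail", "Nextgs", "change"]
```

Two points the run makes that the report's flat list does not: the nginx rule matches but yields no version because the Server header is bare, while X-Powered-By leaks the exact PHP build; and of the eight "non-standard" globals, only IsEmail, Nextgs and change are actually page code, most likely defined in the 696-byte login.js (an inference, since the report does not show script contents).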

1 Cookies

Domain/Path    Name        Value
artdufil.fr/   PHPSESSID   hv386n9q70ukl598pcq461dej3