adsgoogle-server-adsence.sabourin-sorin.fr Open in urlscan Pro
103.198.26.251 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://adsgoogle-server-adsence.sabourin-sorin.fr/signin
Effective URL:
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Submission: On July 08 via api (July 8th 2024, 9:43:29 pm UTC) from US — Scanned from FR

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 103.198.26.251, located in Cyberjaya, Malaysia and belongs to GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY. The main domain is adsgoogle-server-adsence.sabourin-sorin.fr.
TLS certificate: Issued by R11 on July 6th 2024. Valid for: 3 months.

This is the only time adsgoogle-server-adsence.sabourin-sorin.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 7	103.198.26.251 103.198.26.251	132372 (GBNETWORK...) (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd.)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	5

7 103.198.26.251 (Cyberjaya, Malaysia) 3 redirects

ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY)
PTR: leroymerlin.fr

adsgoogle-server-adsence.sabourin-sorin.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	sabourin-sorin.fr 3 redirects adsgoogle-server-adsence.sabourin-sorin.fr	311 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	23 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 331	11 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607	31 KB
8	4

	Domain	Requested by
7	adsgoogle-server-adsence.sabourin-sorin.fr	3 redirects adsgoogle-server-adsence.sabourin-sorin.fr
2	cdn.jsdelivr.net	adsgoogle-server-adsence.sabourin-sorin.fr
1	cdnjs.cloudflare.com	adsgoogle-server-adsence.sabourin-sorin.fr
1	ajax.googleapis.com	adsgoogle-server-adsence.sabourin-sorin.fr
8	4

This site contains no links.

Subject Issuer	Validity	Valid
adsgoogle-server-adsence.sabourin-sorin.fr R11	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Frame ID: B3C275D97AE768BDC76B5E44E101DED5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google Ads – Connexion

Page URL History Show full URLs

http://adsgoogle-server-adsence.sabourin-sorin.fr/signin HTTP 307
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin HTTP 301
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/ HTTP 302
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293 HTTP 301
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/ Page URL

Detected technologies

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

446 kB
Transfer

1106 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://adsgoogle-server-adsence.sabourin-sorin.fr/signin HTTP 307
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin HTTP 301
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/ HTTP 302
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293 HTTP 301
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Redirect Chain

http://adsgoogle-server-adsence.sabourin-sorin.fr/signin
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293
https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/

826 KB
308 KB

388ms
388ms

Document
text/html

103.198.26.251
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.198.26.251 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: leroymerlin.fr
Software: nginx / PleskLin
Resource Hash: cbe5870012d41e2613aef9152e6fd70238c86f3a4150eacb05ebf11f9de00ee6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Mon, 08 Jul 2024 21:43:24 GMT
etag: W/"668c5d7b-ce9c9"
last-modified: Mon, 08 Jul 2024 21:43:23 GMT
server: nginx
x-powered-by: PleskLin

Redirect headers

content-length: 365
content-type: text/html; charset=iso-8859-1
date: Mon, 08 Jul 2024 21:43:23 GMT
location: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
server: nginx
x-powered-by: PleskLin

GET
H2 404 spinner.css
adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/assets/dist/css/ 0
0 193ms
193ms Stylesheet
text/html 103.198.26.251
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/assets/dist/css/spinner.css
Requested by: Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.198.26.251 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: leroymerlin.fr
Software: nginx /
Resource Hash

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:43:25 GMT
content-encoding: br
last-modified: Sat, 06 Jul 2024 14:12:06 GMT
server: nginx
etag: W/"328-61c94c3ce143f"
content-type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 137ms
28ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 07:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jul 2025 07:31:02 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/ 60 KB
16 KB 127ms
20ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js

Requested by

Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6965c967fe2474e34f024a08618c84e9f995c3482a3c46e793b9eca4b00d82e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 Jul 2024 21:43:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2226256
x-jsd-version: 7.26.11
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15789
x-served-by: cache-fra-eddf8230098-FRA, cache-lcy-eglc8600040-LCY
x-jsd-version-type: version
etag: W/"f0e9-mwT0+YYEiqCevutFnxfidLvDzeY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 137ms
32ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/
Origin: https://adsgoogle-server-adsence.sabourin-sorin.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 534388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10494
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhCx54znS%2F06Naomg7QqusC0LUhHFIuPAGZjc1LTSftsk1n9Ehzx%2FI5xRYxPN%2BW6YKnonH%2Fr0pOkodqGn1hrdM5Ux2AjRykIdLZ0%2Bv%2Fpu6IDtwi9dGeVP3aOcOYJZz7yDoF8goQV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a033fed9fe42a3e-CDG
expires: Sat, 28 Jun 2025 21:43:25 GMT

GET
H2 200 log_fr.js Show response
adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/common/ 786 B
686 B 193ms
192ms Script
text/javascript 103.198.26.251
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/common/log_fr.js
Requested by: Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.198.26.251 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: leroymerlin.fr
Software: nginx / PleskLin
Resource Hash: e8fb9be69d600707d73d834e7229b08f3169e36aef56b209f4893073182e6666

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:43:25 GMT
content-encoding: gzip
last-modified: Mon, 08 Jul 2024 21:43:23 GMT
server: nginx
x-accel-version: 0.01
etag: "312-61cc34d6fb9e2-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 474

GET
H2 200 main.js Show response
adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/common/ 2 KB
652 B 193ms
192ms Script
text/javascript 103.198.26.251
GBNETWORK-AS-AP G...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/common/main.js
Requested by: Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.198.26.251 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY),
Reverse DNS: leroymerlin.fr
Software: nginx / PleskLin
Resource Hash: ea3de1298711142010314256001c5405bc420925f37d1c1b76bd315cb706f88e

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 21:43:25 GMT
content-encoding: br
last-modified: Mon, 08 Jul 2024 21:43:23 GMT
server: nginx
etag: W/"668c5d7b-7a3"
x-powered-by: PleskLin
content-type: text/javascript

GET
H2 200 disable-devtool@latest Show response
cdn.jsdelivr.net/npm/ 17 KB
7 KB 125ms
20ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/disable-devtool@latest

Requested by

Host: adsgoogle-server-adsence.sabourin-sorin.fr
URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://adsgoogle-server-adsence.sabourin-sorin.fr/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 Jul 2024 21:43:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16579
x-jsd-version: 0.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6741
x-served-by: cache-fra-eddf8230055-FRA, cache-lcy-eglc8600040-LCY
x-jsd-version-type: version
etag: W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Request headers

Referer
Origin: https://adsgoogle-server-adsence.sabourin-sorin.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Referer
Origin: https://adsgoogle-server-adsence.sabourin-sorin.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

Request headers

Referer
Origin: https://adsgoogle-server-adsence.sabourin-sorin.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Request headers

Referer
Origin: https://adsgoogle-server-adsence.sabourin-sorin.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://adsgoogle-server-adsence.sabourin-sorin.fr/signin/99293/assets/dist/css/spinner.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsgoogle-server-adsence.sabourin-sorin.fr
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
103.198.26.251
104.17.24.14
2a00:1450:4001:827::200a
2a04:4e42:400::485
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6965c967fe2474e34f024a08618c84e9f995c3482a3c46e793b9eca4b00d82e2
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
cbe5870012d41e2613aef9152e6fd70238c86f3a4150eacb05ebf11f9de00ee6
e8fb9be69d600707d73d834e7229b08f3169e36aef56b209f4893073182e6666
ea3de1298711142010314256001c5405bc420925f37d1c1b76bd315cb706f88e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

adsgoogle-server-adsence.sabourin-sorin.fr Open in urlscan Pro 103.198.26.251 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

4 Countries

446 kBTransfer

1106 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

adsgoogle-server-adsence.sabourin-sorin.fr Open in urlscan Pro
103.198.26.251 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

446 kB
Transfer

1106 kB
Size

0
Cookies

8 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!