groupe-profiles.codeanyapp.com
45.55.112.74  Malicious Activity!

Submitted URL: http://www.gasexpresscr.com/
Effective URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Submission: On July 02 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 45.55.112.74, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is groupe-profiles.codeanyapp.com.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.
This is the only time groupe-profiles.codeanyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FR Government (Government)

Domain & IP information

IP Address | Requests | AS (Autonomous System)
2a02:4780:1:1... | 1 | 47583 (AS-HOSTINGER)
45.55.112.74 | 15 (1 redirect) | 14061 (DIGITALOC...)
185.8.53.118 | 1 | 47957 (ING-AS)
Total: 16 requests, 4 IPs

Domain | Requests | Requested by
groupe-profiles.codeanyapp.com | 15 (1 redirect) | www.gasexpresscr.com, groupe-profiles.codeanyapp.com
www.amendes.gouv.fr | 1 | groupe-profiles.codeanyapp.com
www.gasexpresscr.com | 1 | -
Total: 16 requests, 3 domains
Subject | Issuer | Validity | Valid for
gasexpresscr.com | ZeroSSL RSA Domain Secure Site CA | 2024-06-07 to 2024-09-05 | 3 months
codeanyapp.com | R3 | 2024-04-19 to 2024-07-18 | 3 months
www.amendes.gouv.fr | Certigna Services CA | 2024-03-21 to 2024-11-18 | 8 months
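The only request that leaves the phishing host goes to www.amendes.gouv.fr for logo-amendes-gouv.svg, and the transaction detail shows it carrying Referer: https://groupe-profiles.codeanyapp.com/. The impersonated site's own access logs therefore record the phishing domain every time a victim loads the page. The script below is an added example, not part of the urlscan report or of any tooling belonging to amendes.gouv.fr: it parses combined-format access log lines and counts brand-asset requests per foreign Referer host. The log lines are constructed (client IPs from the 203.0.113.0/24 documentation range; the path, timestamp and Referer are the ones in the report), and the own-host allowlist and asset prefix are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in nginx/Apache "combined" log format. Lines 1 and 4 model the
# hotlinked logo request visible in the scan; the others are benign controls.
SAMPLE_LOG = """\
203.0.113.10 - - [02/Jul/2024:07:13:33 +0000] "GET /assets/img/design/logo-amendes-gouv.svg HTTP/1.1" 200 23741 "https://groupe-profiles.codeanyapp.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
203.0.113.11 - - [02/Jul/2024:07:14:02 +0000] "GET /assets/img/design/logo-amendes-gouv.svg HTTP/1.1" 200 23741 "https://www.amendes.gouv.fr/" "Mozilla/5.0"
203.0.113.12 - - [02/Jul/2024:07:14:40 +0000] "GET /assets/img/design/logo-amendes-gouv.svg HTTP/1.1" 200 23741 "-" "Mozilla/5.0"
203.0.113.13 - - [02/Jul/2024:07:15:09 +0000] "GET /assets/img/design/logo-amendes-gouv.svg HTTP/1.1" 200 23741 "https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php" "Mozilla/5.0"
203.0.113.14 - - [02/Jul/2024:07:15:30 +0000] "GET /index.html HTTP/1.1" 200 5120 "https://www.google.com/" "Mozilla/5.0"
"""

# One regex for the combined format: ip ident user [ts] "method path proto" status size "referer" "ua"
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Assumed allowlist of hosts that may legitimately embed the brand assets, and the
# path prefix under which those assets live (taken from the logo URL in the report).
OWN_HOSTS = {"www.amendes.gouv.fr", "amendes.gouv.fr"}
BRAND_ASSETS = ("/assets/img/design/",)


def parse_line(line):
    """Return the combined-log fields as a dict, or None for a line that does not parse."""
    m = COMBINED_RE.match(line)
    return m.groupdict() if m else None


def referer_host(referer):
    """Lower-cased hostname of a Referer value; None when the header was absent ("-" or empty)."""
    if referer in ("", "-"):
        return None
    return (urlsplit(referer).hostname or "").lower() or None


def find_hotlinkers(log_text, own_hosts=OWN_HOSTS, asset_prefixes=BRAND_ASSETS):
    """Count brand-asset requests per Referer host that is neither our own nor a subdomain of it.

    Requests without a Referer are ignored rather than flagged: a missing header is
    not evidence either way, only a foreign host is.
    """
    hits = Counter()
    own_suffixes = tuple("." + h for h in own_hosts)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or not rec["path"].startswith(asset_prefixes):
            continue
        host = referer_host(rec["referer"])
        if host is None or host in own_hosts or host.endswith(own_suffixes):
            continue
        hits[host] += 1
    return hits


if __name__ == "__main__":
    for host, n in find_hotlinkers(SAMPLE_LOG).most_common():
        print(f"{n:4d}  {host}")
```

Chrome's default referrer policy (strict-origin-when-cross-origin) trims a cross-origin Referer to the origin, which is why the report shows https://groupe-profiles.codeanyapp.com/ rather than the connexion.php path; the second constructed line shows the full-path form a site with a laxer policy would send. A kit can suppress the header with a no-referrer policy or copy the logo locally, so this check only catches kits that hotlink, but it catches them from the brand owner's own logs without any external scanning.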

This page contains 1 frame:

Primary Page: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Frame ID: 53161333A063AC68C2681FFB0154B859
Requests: 17 HTTP requests in this frame

Page Title

Site officiel unique de télépaiement | Amendes.gouv.fr

Page URL History

  1. http://www.gasexpresscr.com/ HTTP 307
    https://www.gasexpresscr.com/ Page URL
  2. https://groupe-profiles.codeanyapp.com/get-ID/antai/ HTTP 302
    https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php Page URL

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • \.php(?:$|\?)

Font Awesome (overall confidence: 100%)
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 91 kB
Size: 167 kB
Cookies: 1


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.gasexpresscr.com/ HTTP 307
  • https://www.gasexpresscr.com/

16 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
www.gasexpresscr.com/
Redirect Chain
  • http://www.gasexpresscr.com/
  • https://www.gasexpresscr.com/
182 B
485 B
Document
General
Full URL
https://www.gasexpresscr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1:1382:0:2fec:ff3d:d Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.28
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
168
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 07:13:32 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.28

Redirect headers

Location
https://www.gasexpresscr.com/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request connexion.php
groupe-profiles.codeanyapp.com/get-ID/antai/
Redirect Chain
  • https://groupe-profiles.codeanyapp.com/get-ID/antai/
  • https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
76 KB
11 KB
Document
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Requested by
Host: www.gasexpresscr.com
URL: https://www.gasexpresscr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
9bc32d01f109232494dcc3717ef700c3412103dbadbafdc2fd252f3a0167d371

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.gasexpresscr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
10888
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 06:26:25 GMT
server
openresty
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
73
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 06:26:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
connexion.php
pragma
no-cache
server
openresty
open-sans-regular.html
groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/
808 B
641 B
Font
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-regular.html
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Origin
https://groupe-profiles.codeanyapp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 02:15:57 GMT
server
openresty
etag
"328-61c3a4b54e055-gzip"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
456
open-sans-bold.html
groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/
808 B
641 B
Font
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-bold.html
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Origin
https://groupe-profiles.codeanyapp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 02:15:57 GMT
server
openresty
etag
"328-61c3a4b531f1e-gzip"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
456
styles.743d51bbe3793bb36c60.css
groupe-profiles.codeanyapp.com/get-ID/antai/assets/
17 KB
5 KB
Stylesheet
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
413a62a0485dd260416f82190779c18141b1c82cd404471b1545cd1f1ef4bee0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 02:16:02 GMT
server
openresty
etag
"4583-61c3a4b96a058-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5128
logo-amendes-gouv.svg
www.amendes.gouv.fr/assets/img/design/
23 KB
24 KB
Image
General
Full URL
https://www.amendes.gouv.fr/assets/img/design/logo-amendes-gouv.svg
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.8.53.118 , France, ASN47957 (ING-AS, FR),
Reverse DNS
Software
/
Resource Hash
5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 07:13:33 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
last-modified
Wed, 24 Apr 2024 12:54:37 GMT
etag
"6629010d-5cbd"
content-type
image/svg+xml
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
23741
45c4af5118.js
groupe-profiles.codeanyapp.com/kit.fontawesome.com/
0
0
Script
General
Full URL
https://groupe-profiles.codeanyapp.com/kit.fontawesome.com/45c4af5118.js
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Origin
https://groupe-profiles.codeanyapp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
server
openresty
content-length
328
content-type
text/html; charset=iso-8859-1
runtime-es2017.cf3238a554b19a10cb82.html
groupe-profiles.codeanyapp.com/get-ID/antai/
0
0
Script
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/runtime-es2017.cf3238a554b19a10cb82.html
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Origin
https://groupe-profiles.codeanyapp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
server
openresty
content-length
348
content-type
text/html; charset=iso-8859-1
polyfills-es2017.533ebfade82697eddcf6.html
groupe-profiles.codeanyapp.com/get-ID/antai/
0
0
Script
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/polyfills-es2017.533ebfade82697eddcf6.html
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Origin
https://groupe-profiles.codeanyapp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
server
openresty
content-length
350
content-type
text/html; charset=iso-8859-1
main-es2017.3f346dd5d8d0c431d6e2.html
groupe-profiles.codeanyapp.com/get-ID/antai/
0
0
Script
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/main-es2017.3f346dd5d8d0c431d6e2.html
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Origin
https://groupe-profiles.codeanyapp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
server
openresty
content-length
345
content-type
text/html; charset=iso-8859-1
bg-intro.9630b0c4c57c3d72d3ec.jpg
groupe-profiles.codeanyapp.com/get-ID/antai/assets/
40 KB
40 KB
Image
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/bg-intro.9630b0c4c57c3d72d3ec.jpg
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
last-modified
Tue, 02 Jul 2024 02:15:57 GMT
server
openresty
accept-ranges
bytes
etag
"9f08-61c3a4b5351e5"
content-length
40712
content-type
image/jpeg
banner.f9855031892baad8a497.svg
groupe-profiles.codeanyapp.com/get-ID/antai/assets/
6 KB
6 KB
Image
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/banner.f9855031892baad8a497.svg
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
last-modified
Tue, 02 Jul 2024 02:15:56 GMT
server
openresty
accept-ranges
bytes
etag
"1635-61c3a4b45b19f"
content-length
5685
content-type
image/svg+xml
lock.d72c3b80536f448a52ed.svg
groupe-profiles.codeanyapp.com/get-ID/antai/assets/
364 B
514 B
Image
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/lock.d72c3b80536f448a52ed.svg
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
cd3b3531417ed9f2290c79f7ee98f9848883309b0f7aeaa4684a96a4d1018795

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
last-modified
Tue, 02 Jul 2024 02:16:00 GMT
server
openresty
accept-ranges
bytes
etag
"16c-61c3a4b7fefc2"
content-length
364
content-type
image/svg+xml
moyen-app.e6b1c8e9e8920b4b6aa6.svg
groupe-profiles.codeanyapp.com/get-ID/antai/assets/
2 KB
2 KB
Image
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/moyen-app.e6b1c8e9e8920b4b6aa6.svg
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
2621f5b43c8de1a78e51e82e862ee48a034025da57e124c84c0f3246ed824714

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
last-modified
Tue, 02 Jul 2024 02:16:00 GMT
server
openresty
accept-ranges
bytes
etag
"62c-61c3a4b841e11"
content-length
1580
content-type
image/svg+xml
moyen-tel.980753f2b4b0302466cb.svg
groupe-profiles.codeanyapp.com/get-ID/antai/assets/
971 B
1 KB
Image
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/moyen-tel.980753f2b4b0302466cb.svg
Requested by
Host: groupe-profiles.codeanyapp.com
URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
dc05212122fca7f6b0ff3937b9e14885d69a5c8b42dbbe347d2ad52b0b5e4c6d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
last-modified
Tue, 02 Jul 2024 02:16:01 GMT
server
openresty
accept-ranges
bytes
etag
"3cb-61c3a4b87f289"
content-length
971
content-type
image/svg+xml
truncated
/
312 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.html
groupe-profiles.codeanyapp.com/get-ID/antai/
320 B
409 B
Other
General
Full URL
https://groupe-profiles.codeanyapp.com/get-ID/antai/favicon.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
765e4b5f908267136549175e38a71ba10c5536bc139a2b2b27c1e6368ec6bffc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:26:25 GMT
server
openresty
content-length
320
content-type
text/html; charset=iso-8859-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FR Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name (type)
event (undefined)
fence (object)
sharedStorage (object)
checkValue (function)
date_reformat_dd (function)

1 Cookies

Domain/Path Name / Value
groupe-profiles.codeanyapp.com/ Name: PHPSESSID
Value: 974p6fc9cnr0l636hfg0e2i4db

13 Console Messages

Source Level URL
Text
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
Failed to decode downloaded font: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-regular.html
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
Failed to decode downloaded font: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-bold.html
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
OTS parsing error: invalid sfntVersion: 1008813135
network error URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/runtime-es2017.cf3238a554b19a10cb82.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/main-es2017.3f346dd5d8d0c431d6e2.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://groupe-profiles.codeanyapp.com/kit.fontawesome.com/45c4af5118.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/polyfills-es2017.533ebfade82697eddcf6.html
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
Failed to decode downloaded font: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-regular.html
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
Failed to decode downloaded font: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-bold.html
other warning URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/connexion.php
Message:
OTS parsing error: invalid sfntVersion: 1008813135
network error URL: https://groupe-profiles.codeanyapp.com/get-ID/antai/favicon.html
Message:
Failed to load resource: the server responded with a status of 404 ()
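The repeated OTS warning says what the "font" files really are: 1008813135 is 0x3C21444F, the big-endian reading of the bytes "<!DO", i.e. the start of an HTML document. Both open-sans-*.html files were served with content-type text/html and a 200, and every script-like resource (runtime-, polyfills-, main-es2017.*.html, the fontawesome kit path) came back as a text/html 404, so the kit's page renders with none of its own JavaScript or fonts. The script below is an added example, not part of the urlscan report or the kit: it decodes the sfntVersion from each console warning and cross-checks the transaction rows for Font/Script resources served as HTML. The console lines and resource rows are transcribed from this report; the table of acceptable MIME prefixes is an assumption.

```python
import re
import struct

# Transcribed from the report: the console warnings Chrome emitted for the two
# "font" files, and a subset of the transaction rows as
# (URL, resource type as the scanner classified it, response content-type).
CONSOLE = """\
Failed to decode downloaded font: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-regular.html
OTS parsing error: invalid sfntVersion: 1008813135
Failed to decode downloaded font: https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-bold.html
OTS parsing error: invalid sfntVersion: 1008813135
"""

RESOURCES = [
    ("https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-regular.html", "Font", "text/html"),
    ("https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/fonts/open-sans/open-sans-bold.html", "Font", "text/html"),
    ("https://groupe-profiles.codeanyapp.com/get-ID/antai/main-es2017.3f346dd5d8d0c431d6e2.html", "Script", "text/html; charset=iso-8859-1"),
    ("https://groupe-profiles.codeanyapp.com/kit.fontawesome.com/45c4af5118.js", "Script", "text/html; charset=iso-8859-1"),
    ("https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/styles.743d51bbe3793bb36c60.css", "Stylesheet", "text/css"),
    ("https://groupe-profiles.codeanyapp.com/get-ID/antai/assets/bg-intro.9630b0c4c57c3d72d3ec.jpg", "Image", "image/jpeg"),
]

# Magic numbers a real font container starts with: TrueType, CFF OpenType,
# Apple TrueType, WOFF and WOFF2.
VALID_SFNT_TAGS = {b"\x00\x01\x00\x00", b"OTTO", b"true", b"wOFF", b"wOF2"}

# Assumed: MIME prefixes that are acceptable for each resource class.
EXPECTED_MIME = {
    "Font": ("font/", "application/font", "application/x-font", "application/octet-stream"),
    "Script": ("application/javascript", "text/javascript", "application/x-javascript"),
}


def sfnt_tag(version):
    """OTS reports the file's first four bytes as one big-endian uint32; return them as bytes."""
    return struct.pack(">I", version)


def decode_ots_errors(console_text):
    """Pair each 'invalid sfntVersion' warning with the font URL logged just before it.

    Returns a list of (url, raw_tag_bytes, printable_tag).
    """
    results = []
    pending_url = None
    for line in console_text.splitlines():
        m_font = re.match(r"Failed to decode downloaded font: (\S+)", line)
        if m_font:
            pending_url = m_font.group(1)
            continue
        m_ots = re.search(r"invalid sfntVersion: (\d+)", line)
        if m_ots:
            tag = sfnt_tag(int(m_ots.group(1)))
            results.append((pending_url, tag, tag.decode("latin-1")))
            pending_url = None
    return results


def mime_mismatches(resources):
    """Return (url, type, base_mime) for Font/Script rows whose content-type is not acceptable for that type."""
    bad = []
    for url, rtype, ctype in resources:
        if rtype not in EXPECTED_MIME:
            continue
        base = ctype.split(";")[0].strip().lower()
        if not base.startswith(EXPECTED_MIME[rtype]):
            bad.append((url, rtype, base))
    return bad


if __name__ == "__main__":
    for url, tag, text in decode_ots_errors(CONSOLE):
        print(f"{url}\n  first bytes {tag!r} -> {text!r}, valid font magic: {tag in VALID_SFNT_TAGS}")
    for url, rtype, base in mime_mismatches(RESOURCES):
        print(f"{rtype} served as {base}: {url}")
```

The sfntVersion trick generalises: any "invalid sfntVersion" value from OTS can be packed back into four bytes to see what the server actually returned (an HTML error page, a PHP warning, a zero-length stub), which is faster than refetching a hostile URL. The MIME cross-check is the same logic a proxy or sandbox can apply to a HAR file to spot a kit whose assets are placeholders or dead links.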

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests