cz47559.tw1.ru
2a03:6f00:6:1::b972:f7e8  Malicious Activity! Public Scan

URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Submission: On May 08 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 20 HTTP transactions. The main IP is 2a03:6f00:6:1::b972:f7e8, located in the Russian Federation and belonging to TIMEWEB-AS, RU. The main domain is cz47559.tw1.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 11th 2024. Valid for: a year.
This is the only time cz47559.tw1.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banque Postale (Banking)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
18        2a03:6f00:6:1...    9123 (TIMEWEB-AS)
Total: 20 requests, 2 IPs
Requests  Apex Domain          Subdomains                      Transfer
18        tw1.ru               cz47559.tw1.ru                  58 KB
0         labanquepostale.fr   transverse.labanquepostale.fr   Failed
Total: 20 requests, 2 apex domains
Requests  Domain                                   Requested by
18        cz47559.tw1.ru                           cz47559.tw1.ru
0         transverse.labanquepostale.fr (Failed)   cz47559.tw1.ru
Total: 20 requests, 2 domains

This site contains no links.

Subject   Issuer                             Validity                   Valid
*.tw1.ru  GlobalSign GCC R3 DV TLS CA 2020   2024-01-11 - 2025-02-11    a year (crt.sh)

This page contains 1 frames:

Primary Page: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Frame ID: D01A1A4D89D910C653135547595466BE
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Identification - La Banque Postale

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 58 kB
Size: 138 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request loginform3ad6.php
cz47559.tw1.ru/particulier/
8 KB
2 KB
Document
General
Full URL
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
aa91dcc4401777babcb006bb0fe2251fc9bbef4da196e1b55dd7874109c0ec75

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 May 2024 00:31:12 GMT
server
nginx/1.24.0
vary
Accept-Encoding
cvs_all.css
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/css/cvs_all.css
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
caf97e8b9d3e9d958538bf52868c1639c2dd70f52ed9f32d9dc9f9bb87f96b30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 06:25:37 GMT
server
nginx/1.24.0
etag
W/"663877e1-1a7d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 08 May 2025 00:31:12 GMT
loader.css
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/css/
810 B
988 B
Stylesheet
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/css/loader.css
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3ebf05fee61aec7ad4bcc656d1b40e37b6d4a5388ee63cf078d96199af7138c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:38 GMT
server
nginx/1.24.0
etag
"663877e2-32a"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
810
expires
Thu, 08 May 2025 00:31:12 GMT
cvs_portable.css
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/css/
1 KB
594 B
Stylesheet
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/css/cvs_portable.css
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
02883dd10cd1709d5773c4effc89848a2d29426bee60c365c8baa9a9657bc27e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 06:25:36 GMT
server
nginx/1.24.0
etag
W/"663877e0-438"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 08 May 2025 00:31:12 GMT
rules.js
cz47559.tw1.ru/particulier/
561 B
751 B
Script
General
Full URL
https://cz47559.tw1.ru/particulier/rules.js
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c9e9f10534273e765961461834fb1282944c2a254691254642bd3fe124fb390d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:27 GMT
server
nginx/1.24.0
etag
"663877d7-231"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
561
expires
Thu, 08 May 2025 00:31:12 GMT
tranc.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
494 B
673 B
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/tranc.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
74988285d000f33dad0757df8e3bbf4d31db7da2408368b8e908c04252f6ca3a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:43 GMT
server
nginx/1.24.0
etag
"663877e7-1ee"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
494
expires
Thu, 08 May 2025 00:31:12 GMT
5.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
1 KB
1 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/5.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
3091e6f5b9c5ee69083c5a8ba66c2fedad3486999fe9453c27935210febf90a6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:44 GMT
server
nginx/1.24.0
etag
"663877e8-49e"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1182
expires
Thu, 08 May 2025 00:31:12 GMT
7.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
1 KB
1 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/7.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
057064a54ac1ed336ed8f843abcff4ca46f029a66e672a84de60ef05f474ac80

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:43 GMT
server
nginx/1.24.0
etag
"663877e7-446"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1094
expires
Thu, 08 May 2025 00:31:12 GMT
0.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
1 KB
2 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/0.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e7b45a69007e01a040ab454d322323af7451cb90c33cb1dffa3895e41c04c274

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:45 GMT
server
nginx/1.24.0
etag
"663877e9-59f"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1439
expires
Thu, 08 May 2025 00:31:12 GMT
2.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
1 KB
1 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/2.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
6b0ca7c31f26738bca7a92cbe07d337f4983f6a622e9282dc099189554f86ae8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:44 GMT
server
nginx/1.24.0
etag
"663877e8-4ec"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1260
expires
Thu, 08 May 2025 00:31:12 GMT
9.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
1 KB
2 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/9.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
d311a2001ac60f378bb930c00513147f072f1db94d0701e3298d82ee6486f7e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:42 GMT
server
nginx/1.24.0
etag
"663877e6-5f2"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1522
expires
Thu, 08 May 2025 00:31:12 GMT
1.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
790 B
970 B
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/1.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
31ee6139cb80e639cbdd0a9a348a50378d724b9f9eeb88b7aa765fc52cec6d74

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:45 GMT
server
nginx/1.24.0
etag
"663877e9-316"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
expires
Thu, 08 May 2025 00:31:12 GMT
3.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
1 KB
2 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/3.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
14e385767e24fd46944b524844d81ef51ee5f158c39f30ce328650576fef909b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:45 GMT
server
nginx/1.24.0
etag
"663877e9-563"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1379
expires
Thu, 08 May 2025 00:31:12 GMT
6.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
2 KB
2 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/6.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
3429cde5d5bb36841853012564be5c95d0a43bd011c7be2de2a3e46c47e35512

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:44 GMT
server
nginx/1.24.0
etag
"663877e8-600"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1536
expires
Thu, 08 May 2025 00:31:12 GMT
4.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
995 B
1 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/4.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
a3290264f1b3d6900a218ccee4022e13f99c7924e85848b14b1f589a90640eeb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:43 GMT
server
nginx/1.24.0
etag
"663877e7-3e3"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
995
expires
Thu, 08 May 2025 00:31:12 GMT
8.png
cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/
2 KB
2 KB
Image
General
Full URL
https://cz47559.tw1.ru/particulier/assets/xo_/09_08_01.000/cvvs/img/8.png
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
25644920b3b2c4939b6526500429c055622e7e1de66ba3c94564f4087266b389

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
last-modified
Mon, 06 May 2024 06:25:42 GMT
server
nginx/1.24.0
etag
"663877e6-631"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1585
expires
Thu, 08 May 2025 00:31:12 GMT
jquery-1.11.1.min.js
cz47559.tw1.ru/particulier/assets/cdn/js/
108 KB
37 KB
Script
General
Full URL
https://cz47559.tw1.ru/particulier/assets/cdn/js/jquery-1.11.1.min.js
Requested by
Host: cz47559.tw1.ru
URL: https://cz47559.tw1.ru/particulier/loginform3ad6.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
628b85ea38adb4029144de607437f3ae81792594d408a0864312def765198e78

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 06:25:36 GMT
server
nginx/1.24.0
etag
W/"663877e0-1ae13"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 08 May 2025 00:31:12 GMT
cvs_ie.js
transverse.labanquepostale.fr/xo_/09_08_01.000/cvvs/js/
0
0

message.html
transverse.labanquepostale.fr/xo_/messages/
0
0

favicon.ico
cz47559.tw1.ru/
196 B
278 B
Other
General
Full URL
https://cz47559.tw1.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:6:1::b972:f7e8 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cz47559.tw1.ru/particulier/loginform3ad6.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 00:31:12 GMT
server
nginx/1.24.0
content-length
196
content-type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
transverse.labanquepostale.fr
URL
https://transverse.labanquepostale.fr/xo_/09_08_01.000/cvvs/js/cvs_ie.js
Domain
transverse.labanquepostale.fr
URL
https://transverse.labanquepostale.fr/xo_/messages/message.html?param=0x13212070&v=2&origin=undefined&url_retour=http%3A%2F%2Fvoscomptesenligne.labanquepostale.fr%2Fwsost%2FOstBrokerWeb%2Floginform%3FTAM_OP%3Dlogin%26ERROR_CODE%3D0x00000000%26URL%3D%2Fvoscomptes%2FcanalXHTML%2Fidentif.ea%3Forigin%3Dparticuliers

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banque Postale (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function  vide1
  • function  addCode
  • string    OST_origin
  • string    OST_flash
  • string    OST_audio5
  • string    OST_audioOgg
  • string    OST_action
  • string    PATH_STATIQUE
  • string    IMG_ALL
  • function  $
  • function  jQuery

1 Cookies

Domain/Path: .labanquepostale.fr/
Name: lbp_csid
Value: imWwE6gbbmYNvJ6cXjIfXNQ7N2jSHClDtRS1Cm1AX7U=

3 Console Messages

Source          Level    URL
other           warning  https://cz47559.tw1.ru/particulier/loginform3ad6.php
    Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation  warning  https://cz47559.tw1.ru/particulier/loginform3ad6.php
    Message: [DOM] Found 3 elements with non-unique id #val_cel_0: (More info: https://goo.gl/9p2vKq) %o %o %o
network         error    https://cz47559.tw1.ru/favicon.ico
    Message: Failed to load resource: the server responded with a status of 404 ()