app.carrefour.es.dairyfreedips.com
198.251.81.49
Malicious Activity!
Public Scan
Effective URL: https://app.carrefour.es.dairyfreedips.com/zona/portal/dokhol.php?verification
Submission: On April 19 via manual from ES — Scanned from ES
Summary
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time app.carrefour.es.dairyfreedips.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Carrefour (Financial)

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
---|---|---|---
2 | 2 | 103.120.176.21 | 141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED)
2 | 14 | 198.251.81.49 | 53667 (PONYNET)
| 3 | 104.16.89.20 | 13335 (CLOUDFLARENET)
| 1 | 151.101.130.137 | 54113 (FASTLY)
| 2 | 104.17.24.14 | 13335 (CLOUDFLARENET)

Totals: 18 requests, 4 autonomous systems.
ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN)
PTR: windows21.hostingraja.org
strmasala.com |
ASN53667 (PONYNET, US)
PTR: d2mail49.my-control-panel.com
app.carrefour.es.dairyfreedips.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 | dairyfreedips.com | app.carrefour.es.dairyfreedips.com (2 redirects) | 793 KB
3 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 320) | 75 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 231) | 166 KB
2 | strmasala.com | strmasala.com (2 redirects) | 489 B
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 767) | 30 KB

Totals: 18 requests, 5 domains.
Requests | Domain | Requested by
---|---|---
14 | app.carrefour.es.dairyfreedips.com (2 redirects) | app.carrefour.es.dairyfreedips.com
3 | cdn.jsdelivr.net | app.carrefour.es.dairyfreedips.com
2 | cdnjs.cloudflare.com | app.carrefour.es.dairyfreedips.com, cdnjs.cloudflare.com
2 | strmasala.com | 2 redirects
1 | code.jquery.com | app.carrefour.es.dairyfreedips.com

Totals: 18 requests, 5 domains.
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
dairyfreedips.com | R3 | 2024-04-15 - 2024-07-14 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://app.carrefour.es.dairyfreedips.com/zona/portal/dokhol.php?verification
Frame ID: 6E92581F46FF09E08FAAC19584FF7C47
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Carrefour PASS- Acceso Zona Clientes✔️
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)

Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://strmasala.com/scss?data=JkM2-6qcW6N1vHY6lZ3pxW3gGWsM7TfSSNW7J7D8x2tY07HW5mSGrv6XDbkdW8n3Kbp8_Q5mhW6ZxX258Wn_hbW1M9nCb7TtkPdW3jd8ZN11KcK0W7kxfd28n_0X3W3lyw7b76-JKYW96GFV14VhyPPW4BjtxL1GBygMVbGWB47SFsTZW8Xt3F05XPXVSW4BtKmQ6xVW3_W6sg_M745N8YfW35b2Pz2XhZHmVyThZy3vmvR4W5c59Cv6YMQtgW7hCVVl3CyjDzW9dhhZz2j10gpV3nTJZ7bmX-pW6CD56q3-tBDpf727Sgj04
HTTP 301
https://strmasala.com/scss/?data=JkM2-6qcW6N1vHY6lZ3pxW3gGWsM7TfSSNW7J7D8x2tY07HW5mSGrv6XDbkdW8n3Kbp8_Q5mhW6ZxX258Wn_hbW1M9nCb7TtkPdW3jd8ZN11KcK0W7kxfd28n_0X3W3lyw7b76-JKYW96GFV14VhyPPW4BjtxL1GBygMVbGWB47SFsTZW8Xt3F05XPXVSW4BtKmQ6xVW3_W6sg_M745N8YfW35b2Pz2XhZHmVyThZy3vmvR4W5c59Cv6YMQtgW7hCVVl3CyjDzW9dhhZz2j10gpV3nTJZ7bmX-pW6CD56q3-tBDpf727Sgj04 HTTP 302
https://app.carrefour.es.dairyfreedips.com/zona?pwd=home HTTP 301
https://app.carrefour.es.dairyfreedips.com/zona/?pwd=home HTTP 302
https://app.carrefour.es.dairyfreedips.com/zona/portal/dokhol.php?verification Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions

Method | Protocol | Resource | Path | Size | Transfer (x-fer) | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H3 | dokhol.php (Primary Request, Redirect Chain) | app.carrefour.es.dairyfreedips.com/zona/portal/ | 6 KB | 2 KB | Document | text/html
GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ | 227 KB | 33 KB | Stylesheet | text/css
GET | H3 | style.css | app.carrefour.es.dairyfreedips.com/zona/portal/layout/css/ | 15 KB | 3 KB | Stylesheet | text/css
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript
GET | H2 | all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ | 100 KB | 19 KB | Stylesheet | text/css
GET | H3 | logo.svg | app.carrefour.es.dairyfreedips.com/zona/portal/layout/img/ | 15 KB | 6 KB | Image | image/svg+xml
GET | H3 | lakart.webp | app.carrefour.es.dairyfreedips.com/zona/portal/layout/img/ | 10 KB | 10 KB | Image | image/webp
GET | H3 | warning.png | app.carrefour.es.dairyfreedips.com/zona/portal/layout/img/ | 7 KB | 7 KB | Image | image/png
GET | H2 | bootstrap.min.js | cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ | 59 KB | 17 KB | Script | application/javascript
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ | 79 KB | 24 KB | Script | application/javascript
GET | H3 | style.js | app.carrefour.es.dairyfreedips.com/zona/portal/layout/js/ | 127 B | 199 B | Script | application/javascript
GET | H3 | desktop.png | app.carrefour.es.dairyfreedips.com/zona/portal/layout/img/ | 379 KB | 379 KB | Image | image/png
GET | H3 | Ubuntu-Bold.ttf | app.carrefour.es.dairyfreedips.com/zona/portal/layout/fonts/ | 264 KB | 117 KB | Font | application/x-font-ttf
GET | H3 | OpenSans-Regular.ttf | app.carrefour.es.dairyfreedips.com/zona/portal/layout/fonts/ | 128 KB | 73 KB | Font | application/x-font-ttf
GET | H2 | fa-solid-900.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ | 147 KB | 147 KB | Font | application/octet-stream
GET | H3 | Ubuntu-Medium.ttf | app.carrefour.es.dairyfreedips.com/zona/portal/layout/fonts/ | 278 KB | 124 KB | Font | application/x-font-ttf
GET | H3 | OpenSans-Bold.ttf | app.carrefour.es.dairyfreedips.com/zona/portal/layout/fonts/ | 128 KB | 71 KB | Font | application/x-font-ttf
GET | H3 | favicon.ico | app.carrefour.es.dairyfreedips.com/zona/portal/layout/img/ | 4 KB | 854 B | Other | image/x-icon
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Carrefour (Financial)

9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
---|---
$ | function
jQuery | function
elem | object
appendPlacecholder | function
elem1 | object
appendPlaceholder | function
uidEvent | number
bootstrap | object
validatesms1 | function

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
app.carrefour.es.dairyfreedips.com/ | | Name: PHPSESSID, Value: kcidkd6uv8k1saetsu5kt4mfo6
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.carrefour.es.dairyfreedips.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
strmasala.com
103.120.176.21
104.16.89.20
104.17.24.14
151.101.130.137
198.251.81.49