banque-socrams-assures.isa-geek.com Open in urlscan Pro
139.64.245.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/FHlExnh0MG
Effective URL:
https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee2...
Submission: On December 01 via automatic, source phishtank (December 1st 2024, 9:35:59 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 139.64.245.67, located in Canada and belongs to DATACITY, CA. The main domain is banque-socrams-assures.isa-geek.com.
TLS certificate: Issued by R10 on November 28th 2024. Valid for: 3 months.

This is the only time banque-socrams-assures.isa-geek.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FR Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	139.64.245.67 139.64.245.67	31798 (DATACITY) (DATACITY)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	5

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.64.245.67 (Canada)

ASN31798 (DATACITY, CA)
PTR: c999963756-cloudpro-398857749.cloudatcost.com

banque-socrams-assures.isa-geek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	isa-geek.com banque-socrams-assures.isa-geek.com	115 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	35 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	14 KB
1	t.co t.co — Cisco Umbrella Rank: 904	894 B
19	4

	Domain	Requested by
15	banque-socrams-assures.isa-geek.com	t.co banque-socrams-assures.isa-geek.com
2	cdnjs.cloudflare.com	banque-socrams-assures.isa-geek.com
1	maxcdn.bootstrapcdn.com	banque-socrams-assures.isa-geek.com
1	t.co
19	4

This site contains links to these domains. Also see Links.

Domain
www.antai.gouv.fr
stationnement.gouv.fr
www.service-public.fr
www.legifrance.gouv.fr

Subject Issuer	Validity	Valid
t.co E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
banque-socrams-assures.isa-geek.com R10	`2024-11-28` - `2025-02-26`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe
Frame ID: 418DD9DBD6AD392B82C767D8E68488AC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Site officiel unique de télépaiement | Amendes.gouv.fr

Page URL History Show full URLs

https://t.co/FHlExnh0MG Page URL
https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9b... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

165 kB
Transfer

444 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.antai.gouv.fr/
Title: ANTAI : Agence nationale de traitement automatisé des infractions

Search URL Search Domain Scan URL

URL: https://stationnement.gouv.fr/
Title: Forfait post-stationnement

Search URL Search Domain Scan URL

URL: https://www.service-public.fr/
Title: Service-public.fr

Search URL Search Domain Scan URL

URL: https://www.legifrance.gouv.fr/
Title: Legifrance.gouv.fr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/FHlExnh0MG Page URL
https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 FHlExnh0MG Show response
t.co/ 630 B
894 B 153ms
134ms Document
text/html 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/FHlExnh0MG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

e0bd62ecf96b73cd80adc3c0308c6b405293986f25780a2fcb2533f2e19424bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private,max-age=300
cf-cache-status: DYNAMIC
cf-ray: 8eb216faed74dca8-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 01 Dec 2024 09:35:54 GMT
expires: Sun, 01 Dec 2024 09:40:54 GMT
perf: 7402827104
server: cloudflare tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: b6e7b93600f73d9d26ba2c67a710d50a881e5683f9e2765afba6efd5d8c9838c
x-response-time: 110
x-transaction-id: 25fd4eefc533826c
x-xss-protection: 0

GET
H2 200 Primary Request billing.php Show response
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/ 194 KB
38 KB 494ms
267ms Document
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Requested by

Host: t.co
URL: https://t.co/FHlExnh0MG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx / PHP/8.3.14 PleskLin

Resource Hash

2cbfac10888dda64489943a931593e8c19ca24264bb1c298f18efea9ec4f5834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 38422
content-type: text/html; charset=UTF-8
date: Sun, 01 Dec 2024 09:35:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.3.14 PleskLin

GET
H2 404 open-sans-regular.woff2
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/fonts/open-sans/ 0
0 207ms
207ms Font
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/fonts/open-sans/open-sans-regular.woff2

Requested by

Host: banque-socrams-assures.isa-geek.com
URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://banque-socrams-assures.isa-geek.com
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 404 open-sans-bold.woff2
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/fonts/open-sans/ 0
0 207ms
206ms Font
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/fonts/open-sans/open-sans-bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://banque-socrams-assures.isa-geek.com
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 200 styles.743d51bbe3793bb36c60.css
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ 17 KB
5 KB 207ms
207ms Stylesheet
text/css 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx / PleskLin

Resource Hash

413a62a0485dd260416f82190779c18141b1c82cd404471b1545cd1f1ef4bee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
etag: W/"650e5478-4583"
date: Sun, 01 Dec 2024 09:35:54 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 02:59:04 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 logo-amendes-gouv.svg
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/img/ 23 KB
23 KB 139ms
139ms Image
image/svg+xml 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/img/logo-amendes-gouv.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx / PleskLin

Resource Hash

5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
etag: "650e544a-5cbd"
accept-ranges: bytes
content-length: 23741
date: Sun, 01 Dec 2024 09:35:54 GMT
content-type: image/svg+xml
last-modified: Sat, 23 Sep 2023 02:58:18 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 404 45c4af5118.js.t%C3%A9l%C3%A9chargement
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/Site%20officiel%20unique%20de%20t%C3%A9l%C3%A9paiement%20_%20Amendes.gouv.fr_files/ 0
0 134ms
133ms Script
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/Site%20officiel%20unique%20de%20t%C3%A9l%C3%A9paiement%20_%20Amendes.gouv.fr_files/45c4af5118.js.t%C3%A9l%C3%A9chargement

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://banque-socrams-assures.isa-geek.com
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 404 runtime-es2017.cf3238a554b19a10cb82.js
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/ 0
0 141ms
139ms Script
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/runtime-es2017.cf3238a554b19a10cb82.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://banque-socrams-assures.isa-geek.com
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 404 polyfills-es2017.533ebfade82697eddcf6.js
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/ 0
0 134ms
132ms Script
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/polyfills-es2017.533ebfade82697eddcf6.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://banque-socrams-assures.isa-geek.com
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 404 main-es2017.3f346dd5d8d0c431d6e2.js
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/ 0
0 138ms
136ms Script
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/main-es2017.3f346dd5d8d0c431d6e2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://banque-socrams-assures.isa-geek.com
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/ 89 KB
28 KB 31ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-164ce"
age: 273018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAK%2FhgXpa8Tx6%2BajaNgxayAOEzbncMcWKCdUNZoIZm4Q6NKQlxI9BhJyGrUu42Ob2aApEiP7Vs3ESRG7LhbQX%2F6j1%2FniFSp%2BajGdBvtpTtDEqOcTA0eZJkgHMz%2B0wgshOh1odaiPw%2BUyWW%2FuvpeD5ttN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 09:35:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 09:35:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eb216ffac8a2bcb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28293
server: cloudflare

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ 23 KB
7 KB 37ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-5a1e"
age: 752407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGAUL2SF6zZKwOUB6POgJQAFgVTx9fWtDXvZriLpVmyZht%2BGSjaJSQzQcQsGBYjmx3kvPOtL8DYGjxRsg9yuVwEkxYEeYcBUZGkAkalzxdFs15rygu7gHaGp%2BPEv7L3JXKgk8GpN7zCajGosiL5vHeyr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 09:35:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 09:35:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eb216ffac8b2bcb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6638
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 39ms
27ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "14d449eb8876fa55e1ef3c2cc52b0c17"
age: 180866
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 01 Dec 2024 09:35:54 GMT
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 11/20/2024 14:11:37
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 22ee951d058bdbb194846a7e3e968d83
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.06
cf-ray: 8eb216ffab028f3c-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1002
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 bg-intro.9630b0c4c57c3d72d3ec.jpg
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ 40 KB
40 KB 118ms
118ms Image
image/jpeg 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/bg-intro.9630b0c4c57c3d72d3ec.jpg

Requested by

Host: banque-socrams-assures.isa-geek.com
URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx / PleskLin

Resource Hash

a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
etag: "650e54d0-9f08"
accept-ranges: bytes
content-length: 40712
date: Sun, 01 Dec 2024 09:35:54 GMT
content-type: image/jpeg
last-modified: Sat, 23 Sep 2023 03:00:32 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 banner.f9855031892baad8a497.svg
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ 6 KB
6 KB 117ms
117ms Image
image/svg+xml 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/banner.f9855031892baad8a497.svg

Requested by

Host: banque-socrams-assures.isa-geek.com
URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx / PleskLin

Resource Hash

7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
etag: "650e54a2-1635"
accept-ranges: bytes
content-length: 5685
date: Sun, 01 Dec 2024 09:35:54 GMT
content-type: image/svg+xml
last-modified: Sat, 23 Sep 2023 02:59:46 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 404 lock.d72c3b80536f448a52ed.svg
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ 808 B
808 B 122ms
121ms Image
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/lock.d72c3b80536f448a52ed.svg

Requested by

Host: banque-socrams-assures.isa-geek.com
URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 404 moyen-app.e6b1c8e9e8920b4b6aa6.svg
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ 808 B
808 B 121ms
120ms Image
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/moyen-app.e6b1c8e9e8920b4b6aa6.svg

Requested by

Host: banque-socrams-assures.isa-geek.com
URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
H2 404 moyen-tel.980753f2b4b0302466cb.svg
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ 808 B
808 B 122ms
121ms Image
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/moyen-tel.980753f2b4b0302466cb.svg

Requested by

Host: banque-socrams-assures.isa-geek.com
URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/styles.743d51bbe3793bb36c60.css

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

GET
DATA 200
OK truncated
/ 312 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 404 favicon.ico
banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/ 808 B
548 B 116ms
116ms Other
text/html 139.64.245.67
DATACITY

General

Check archive.org

Show headers Download Go to

Full URL

https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.64.245.67 , Canada, ASN31798 (DATACITY, CA),

Reverse DNS

c999963756-cloudpro-398857749.cloudatcost.com

Software

nginx /

Resource Hash

b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/billing.php??enc=9bc87ea0aa3c6c28166ee273b3d83cee32b298fe

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
date: Sun, 01 Dec 2024 09:35:54 GMT
etag: W/"328-627fbdd7c7a15"
content-type: text/html
last-modified: Thu, 28 Nov 2024 16:49:26 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FR Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 10:54:20	Name: muc Value: e05cffc5-5f7a-4aa4-86fd-ea1143151443
.t.co/	1970-01-21 01:24:07	Name: __cf_bm Value: USVmgg114zuqCCslqB7dgp1UufdhZAj.d4ATSHPpiMw-1733045754-1.0.1.1-sqb5tQR3ilbUUoEN26WC3hh9j9S0bBwDScOCd1cNMWfNSln1pQeQAs2TpjTRpW5nXogOLVHtQbiAKYxzKHOy.g
banque-socrams-assures.isa-geek.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jqred4n8m780rkrhih5u9bg59s

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/fonts/open-sans/open-sans-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/fonts/open-sans/open-sans-bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/Site%20officiel%20unique%20de%20t%C3%A9l%C3%A9paiement%20_%20Amendes.gouv.fr_files/45c4af5118.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/polyfills-es2017.533ebfade82697eddcf6.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/main-es2017.3f346dd5d8d0c431d6e2.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/runtime-es2017.cf3238a554b19a10cb82.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/moyen-app.e6b1c8e9e8920b4b6aa6.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/moyen-tel.980753f2b4b0302466cb.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/lock.d72c3b80536f448a52ed.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://banque-socrams-assures.isa-geek.com/872fab285cdd172aAmendes.gouv.fre.lectronic.antai.gouv.fr/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banque-socrams-assures.isa-geek.com
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
t.co
139.64.245.67
172.66.0.227
2606:4700::6811:180e
2606:4700::6812:bcf
2cbfac10888dda64489943a931593e8c19ca24264bb1c298f18efea9ec4f5834
413a62a0485dd260416f82190779c18141b1c82cd404471b1545cd1f1ef4bee0
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d
7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262
a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3
e0bd62ecf96b73cd80adc3c0308c6b405293986f25780a2fcb2533f2e19424bd
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

banque-socrams-assures.isa-geek.com Open in urlscan Pro 139.64.245.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

165 kBTransfer

444 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

3 Cookies

10 Console Messages

Security Headers

Indicators

banque-socrams-assures.isa-geek.com Open in urlscan Pro
139.64.245.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

165 kB
Transfer

444 kB
Size

3
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!