www.custompeek.com
Open in
urlscan Pro
45.12.52.151
Malicious Activity!
Public Scan
URL:
https://www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/
Submission: On September 23 via automatic, source phishtank — Scanned from SG
Submission: On September 23 via automatic, source phishtank — Scanned from SG
Summary
This website contacted 4 IPs
in 2 countries
across 3 domains to perform 13 HTTP transactions.
The main IP is 45.12.52.151, located in
Singapore and
belongs to ASN-QUADRANET-GLOBAL, US.
The main domain is www.custompeek.com.
TLS certificate: Issued by R11 on September 16th 2024. Valid for: 3 months.
This is the only time www.custompeek.com was scanned on urlscan.io!
TLS certificate: Issued by R11 on September 16th 2024. Valid for: 3 months.
This is the only time www.custompeek.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: FR Government (Government)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 10 | 45.12.52.151 45.12.52.151 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
| 2 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 13 | 4 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
custompeek.com
www.custompeek.com |
103 KB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
35 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1111 |
15 KB |
| 13 | 3 |
| Domain | Requested by | |
|---|---|---|
| 10 | www.custompeek.com |
www.custompeek.com
|
| 2 | cdnjs.cloudflare.com |
www.custompeek.com
|
| 1 | maxcdn.bootstrapcdn.com |
www.custompeek.com
|
| 13 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.antai.gouv.fr |
| stationnement.gouv.fr |
| www.service-public.fr |
| www.legifrance.gouv.fr |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.custompeek.com R11 |
2024-09-16 - 2024-12-15 |
3 months | crt.sh |
| cdnjs.cloudflare.com WE1 |
2024-07-31 - 2024-10-29 |
3 months | crt.sh |
| bootstrapcdn.com WE1 |
2024-09-20 - 2024-12-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/
Frame ID: 2E45BC65C7C71540995F6C2BC7978434
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Site officiel unique de télépaiement | Amendes.gouv.frDetected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://www.antai.gouv.fr/
Title: ANTAI : Agence nationale de traitement automatisé des infractions
Title: ANTAI : Agence nationale de traitement automatisé des infractions
Search URL Search Domain Scan URL
URL: https://stationnement.gouv.fr/
Title: Forfait post-stationnement
Title: Forfait post-stationnement
Search URL Search Domain Scan URL
URL: https://www.service-public.fr/
Title: Service-public.fr
Title: Service-public.fr
Search URL Search Domain Scan URL
URL: https://www.legifrance.gouv.fr/
Title: Legifrance.gouv.fr
Title: Legifrance.gouv.fr
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/ |
192 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.743d51bbe3793bb36c60.css
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ |
17 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-amendes-gouv.svg
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/img/ |
23 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
45c4af5118.js
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/ |
89 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg-intro.9630b0c4c57c3d72d3ec.jpg
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ |
40 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner.f9855031892baad8a497.svg
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lock.d72c3b80536f448a52ed.svg
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ |
548 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moyen-app.e6b1c8e9e8920b4b6aa6.svg
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ |
548 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moyen-tel.980753f2b4b0302466cb.svg
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/css/ |
548 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
312 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.custompeek.com/wp-includes/interactivity-api/contraventions.Amendes.gouv.fre.lectronic.antai.gouv.fr/assets/img/ |
2 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: FR Government (Government)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| checkValue function| date_reformat_dd function| $ function| jQuery object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
www.custompeek.com
2606:4700::6811:180e
2606:4700::6812:bcf
45.12.52.151
413a62a0485dd260416f82190779c18141b1c82cd404471b1545cd1f1ef4bee0
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d
7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262
a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86
af6f33f0b0e1a14dbdf91cc76461d35f3859e06578b3c6698b7a8c466e1b8477
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
dd57f113a2eaa7ba3e6b1c507d22910ecd42437f9fef9577cfb8f4719cde59aa
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b