gouv-services.com Open in urlscan Pro
91.208.197.216 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gouv-services.com/
Effective URL:
https://gouv-services.com/home/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2023, 9:54:25 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 91.208.197.216, located in Moldova and belongs to ALEXHOST, MD. The main domain is gouv-services.com.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.

This is the only time gouv-services.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FR Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 14	91.208.197.216 91.208.197.216	200019 (ALEXHOST) (ALEXHOST)
3	90.102.115.80 90.102.115.80	3215 (France Te...) (France Telecom - Orange)
16	3

14 91.208.197.216 (Moldova) 1 redirects

ASN200019 (ALEXHOST, MD)
PTR: azerty.rty

gouv-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 90.102.115.80 (Rennes, France)

ASN3215 (France Telecom - Orange, FR)

www.amendes.gouv.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gouv-services.com 1 redirects gouv-services.com	121 KB
3	amendes.gouv.fr www.amendes.gouv.fr	46 KB
16	2

	Domain	Requested by
14	gouv-services.com	1 redirects gouv-services.com
3	www.amendes.gouv.fr	gouv-services.com
16	2

This site contains links to these domains. Also see Links.

Domain
www.amendes.gouv.fr

Subject Issuer	Validity	Valid
gouv-services.com R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
www.amendes.gouv.fr Certigna Services CA	`2022-11-21` - `2023-11-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gouv-services.com/home/
Frame ID: 7039AEDD19909B97C9D6A917C5B7E7AE
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Site officiel unique de télépaiement | Amendes.gouv.fr

Page URL History Show full URLs

https://gouv-services.com/ HTTP 302
https://gouv-services.com/home/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

167 kB
Transfer

319 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amendes.gouv.fr/tai

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gouv-services.com/ HTTP 302
https://gouv-services.com/home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gouv-services.com/home/ Redirect Chain https://gouv-services.com/ https://gouv-services.com/home/	630 B 517 B	74ms 73ms	Document text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30 PleskLin Resource Hash `6bba80da447274240c4f644dd9852a6a42567e86b2a817d90bf36a880b015570` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 370 content-type text/html; charset=UTF-8 date Sat, 14 Oct 2023 21:54:20 GMT server nginx vary Accept-Encoding x-powered-by PHP/8.0.30 PleskLin Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Sat, 14 Oct 2023 21:54:20 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location /home/ pragma no-cache server nginx x-powered-by PHP/8.0.30 PleskLin
GET H2	200	1.css gouv-services.com/home/assets/	62 KB 10 KB	221ms 220ms	Stylesheet text/css	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/assets/1.css Requested by Host: gouv-services.com URL: https://gouv-services.com/home/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PleskLin Resource Hash `af1bdebbb9dc5b5b22d6d0ab6c1b0307e4939df2220ff356fc57fc4749e603c6` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:20 GMT content-encoding br last-modified Thu, 17 Aug 2023 13:16:38 GMT server nginx etag W/"64de1db6-f8f7" x-powered-by PleskLin content-type text/css
GET H2	200	jquery-3.5.1.min.js Show response gouv-services.com/home/assets/	87 KB 30 KB	159ms 158ms	Script application/javascript	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/assets/jquery-3.5.1.min.js Requested by Host: gouv-services.com URL: https://gouv-services.com/home/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PleskLin Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:20 GMT content-encoding br last-modified Wed, 15 Mar 2023 22:31:46 GMT server nginx etag W/"64124752-15d84" x-powered-by PleskLin content-type application/javascript
GET H2	200	jquery.mask.js Show response gouv-services.com/home/assets/	23 KB 6 KB	221ms 221ms	Script application/javascript	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/assets/jquery.mask.js Requested by Host: gouv-services.com URL: https://gouv-services.com/home/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PleskLin Resource Hash `a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:20 GMT content-encoding br last-modified Wed, 15 Mar 2023 22:31:46 GMT server nginx etag W/"64124752-5a88" x-powered-by PleskLin content-type application/javascript
GET H2	200	hexeris.js Show response gouv-services.com/home/assets/	8 KB 2 KB	222ms 221ms	Script application/javascript	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/assets/hexeris.js Requested by Host: gouv-services.com URL: https://gouv-services.com/home/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PleskLin Resource Hash `086d8398653d689548be253a76e62200bb642ad9227f8ada6c30ce0ef9bb0849` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:20 GMT content-encoding br last-modified Thu, 17 Aug 2023 13:34:00 GMT server nginx etag W/"64de21c8-2029" x-powered-by PleskLin content-type application/javascript
GET H2	200	1.php Show response gouv-services.com/home/src/	5 KB 2 KB	314ms 312ms	XHR text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/src/1.php Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/hexeris.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30, PleskLin Resource Hash `f9a7c749fe0220bb53df6ea3eb54789d840d58725376d35be0864d21c10e6efb` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 21:54:21 GMT content-encoding gzip server nginx x-powered-by PHP/8.0.30, PleskLin vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 1682 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	2.php Show response gouv-services.com/home/src/	6 KB 2 KB	312ms 310ms	XHR text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/src/2.php Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/hexeris.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30, PleskLin Resource Hash `0fe67cd545f7655fd445b177b8e946bc6ef450259bd389f66f5aed264545d944` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 21:54:21 GMT content-encoding gzip server nginx x-powered-by PHP/8.0.30, PleskLin vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 1682 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	3.php Show response gouv-services.com/home/src/	6 KB 2 KB	307ms 306ms	XHR text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/src/3.php Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/hexeris.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30, PleskLin Resource Hash `0b63a3bfb0ac81e995f9df6385fa9211b229272329bf410824fe037fe9b5417c` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 21:54:21 GMT content-encoding gzip server nginx x-powered-by PHP/8.0.30, PleskLin vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 1686 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	4.php Show response gouv-services.com/home/src/	5 KB 2 KB	304ms 303ms	XHR text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/src/4.php Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/hexeris.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30, PleskLin Resource Hash `1863a579c163e3d070077d2edf371d3d51c586df4e20f0f236f5f8a99b9586ee` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 21:54:21 GMT content-encoding gzip server nginx x-powered-by PHP/8.0.30, PleskLin vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 1640 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	5.php Show response gouv-services.com/home/src/	5 KB 2 KB	308ms 307ms	XHR text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/src/5.php Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/hexeris.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30, PleskLin Resource Hash `9ce1731db9a025f5508db540c0f9802d876e090da07317bfa0e42981b4dc8ed0` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 21:54:21 GMT content-encoding gzip server nginx x-powered-by PHP/8.0.30, PleskLin vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 1596 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	load.php Show response gouv-services.com/home/src/	573 B 559 B	310ms 309ms	XHR text/html	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/src/load.php Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/hexeris.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PHP/8.0.30, PleskLin Resource Hash `fa690c13ae3030f8f045318993b667d75e4b7e36719e0eec9435ff50db58d5c5` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 21:54:21 GMT content-encoding gzip server nginx x-powered-by PHP/8.0.30, PleskLin vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate content-length 331 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	logo-amendes-gouv.svg gouv-services.com/home/assets/	23 KB 23 KB	74ms 74ms	Image image/svg+xml	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Show image Full URL https://gouv-services.com/home/assets/logo-amendes-gouv.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PleskLin Resource Hash `5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/home/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:21 GMT last-modified Mon, 24 Apr 2023 01:00:40 GMT server nginx etag "6445d4b8-5cbd" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 23741
GET H2	200	bg-intro.9630b0c4c57c3d72d3ec.jpg www.amendes.gouv.fr/	40 KB 40 KB	195ms 44ms	Image image/jpeg	90.102.115.80 Orange
General Check archive.org Show headers Download Go to Show image Full URL https://www.amendes.gouv.fr/bg-intro.9630b0c4c57c3d72d3ec.jpg Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 90.102.115.80 Rennes, France, ASN3215 (France Telecom - Orange, FR), Reverse DNS Software nginx / Resource Hash `a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:21 GMT last-modified Thu, 27 Apr 2023 14:57:32 GMT server nginx etag "644a8d5c-9f08" content-type image/jpeg cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 accept-ranges bytes content-length 40712
GET H2	200	banner.f9855031892baad8a497.svg www.amendes.gouv.fr/	6 KB 6 KB	217ms 67ms	Image image/svg+xml	90.102.115.80 Orange
General Check archive.org Show headers Download Go to Show image Full URL https://www.amendes.gouv.fr/banner.f9855031892baad8a497.svg Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 90.102.115.80 Rennes, France, ASN3215 (France Telecom - Orange, FR), Reverse DNS Software nginx / Resource Hash `7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:21 GMT last-modified Thu, 27 Apr 2023 14:57:32 GMT server nginx etag "644a8d5c-1635" content-type image/svg+xml cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 accept-ranges bytes content-length 5685
GET H2	200	lock.d72c3b80536f448a52ed.svg www.amendes.gouv.fr/	364 B 546 B	216ms 67ms	Image image/svg+xml	90.102.115.80 Orange
General Check archive.org Show headers Download Go to Show image Full URL https://www.amendes.gouv.fr/lock.d72c3b80536f448a52ed.svg Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 90.102.115.80 Rennes, France, ASN3215 (France Telecom - Orange, FR), Reverse DNS Software nginx / Resource Hash `cd3b3531417ed9f2290c79f7ee98f9848883309b0f7aeaa4684a96a4d1018795` Request headers accept-language de-DE,de;q=0.9 Referer https://gouv-services.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:21 GMT last-modified Thu, 27 Apr 2023 14:57:32 GMT server nginx etag "644a8d5c-16c" content-type image/svg+xml cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 accept-ranges bytes content-length 364
GET DATA	200 OK	truncated /	312 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	font.woff2 gouv-services.com/home/assets/	40 KB 41 KB	72ms 71ms	Font font/woff2	91.208.197.216 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://gouv-services.com/home/assets/font.woff2 Requested by Host: gouv-services.com URL: https://gouv-services.com/home/assets/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.208.197.216 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS azerty.rty Software nginx / PleskLin Resource Hash `8552f936573ad445ef3ebea08e9dfc40ea72f5afa1e55f67f6052b6ce8e306ec` Request headers Referer https://gouv-services.com/home/assets/1.css Origin https://gouv-services.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:54:21 GMT last-modified Thu, 23 Mar 2023 20:01:58 GMT server nginx etag "641cb036-a14c" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 41292

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FR Government (Government)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gouv-services.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 48feoh8fvf5kmeu5me7t5vp912

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gouv-services.com
www.amendes.gouv.fr
90.102.115.80
91.208.197.216
086d8398653d689548be253a76e62200bb642ad9227f8ada6c30ce0ef9bb0849
0b63a3bfb0ac81e995f9df6385fa9211b229272329bf410824fe037fe9b5417c
0fe67cd545f7655fd445b177b8e946bc6ef450259bd389f66f5aed264545d944
1863a579c163e3d070077d2edf371d3d51c586df4e20f0f236f5f8a99b9586ee
5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d
6bba80da447274240c4f644dd9852a6a42567e86b2a817d90bf36a880b015570
7e9f3dfeca57ef07d745b277027de295bab063f6fbab867b10dc6cd519a0a262
8552f936573ad445ef3ebea08e9dfc40ea72f5afa1e55f67f6052b6ce8e306ec
9ce1731db9a025f5508db540c0f9802d876e090da07317bfa0e42981b4dc8ed0
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86
af1bdebbb9dc5b5b22d6d0ab6c1b0307e4939df2220ff356fc57fc4749e603c6
cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3
cd3b3531417ed9f2290c79f7ee98f9848883309b0f7aeaa4684a96a4d1018795
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a7c749fe0220bb53df6ea3eb54789d840d58725376d35be0864d21c10e6efb
fa690c13ae3030f8f045318993b667d75e4b7e36719e0eec9435ff50db58d5c5

gouv-services.com Open in urlscan Pro 91.208.197.216 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

167 kBTransfer

319 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

gouv-services.com Open in urlscan Pro
91.208.197.216 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

167 kB
Transfer

319 kB
Size

1
Cookies

16 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!