amendes-infraction-routiere.com Open in urlscan Pro
37.72.168.222 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://amendes-infraction-routiere.com/
Effective URL:
https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V
Submission: On January 31 via api (January 31st 2024, 7:32:29 pm UTC) from US — Scanned from FR

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 37.72.168.222, located in Chicago, United States and belongs to HVC-AS, US. The main domain is amendes-infraction-routiere.com.
TLS certificate: Issued by R3 on January 31st 2024. Valid for: 3 months.

This is the only time amendes-infraction-routiere.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: FR Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
2 17	37.72.168.222 37.72.168.222	29802 (HVC-AS) (HVC-AS)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

17 37.72.168.222 (Chicago, United States) 2 redirects

ASN29802 (HVC-AS, US)
PTR: 37-72-168-222.static.hvvc.us

amendes-infraction-routiere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	amendes-infraction-routiere.com 2 redirects amendes-infraction-routiere.com	174 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	4 KB
16	2

	Domain	Requested by
17	amendes-infraction-routiere.com	2 redirects amendes-infraction-routiere.com
1	cdnjs.cloudflare.com	amendes-infraction-routiere.com
16	2

This site contains no links.

Subject Issuer	Validity	Valid
amendes-infraction-routiere.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V
Frame ID: 0DB797591AEAB8AA04312D50095D1CB1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Espace client

Page URL History Show full URLs

https://amendes-infraction-routiere.com/ HTTP 302
https://amendes-infraction-routiere.com/DUVzTTavlOw/?redirection=msg HTTP 302
https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

177 kB
Transfer

474 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://amendes-infraction-routiere.com/ HTTP 302
https://amendes-infraction-routiere.com/DUVzTTavlOw/?redirection=msg HTTP 302
https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Wnht9jp8Fm87oLgvKskjY85V Show response
amendes-infraction-routiere.com/DUVzTTavlOw/
Redirect Chain

https://amendes-infraction-routiere.com/
https://amendes-infraction-routiere.com/DUVzTTavlOw/?redirection=msg
https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

7 KB
2 KB

120ms
120ms

Document
text/html

37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PHP/8.2.15 PleskLin

Resource Hash

9a7e27b89a07864e05ece37b49ccc62b71a8b59d37555f08f7f7e11382ad3b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 2089
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 19:32:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.15 PleskLin

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 19:32:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: Wnht9jp8Fm87oLgvKskjY85V?
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.2.15 PleskLin

GET
H2 200 bootstrap.css
amendes-infraction-routiere.com/DUVzTTavlOw//media/css/ 188 KB
21 KB 381ms
378ms Stylesheet
text/css 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/css/bootstrap.css

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: W/"65678ce4-2f1f7"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
amendes-infraction-routiere.com/DUVzTTavlOw//media/css/ 2 KB
899 B 381ms
379ms Stylesheet
text/css 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/css/style.css

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

0e01a80bedd5d4daafc92066fb2081e32ce8b29f835a3f6e3bbaa07973fadbb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: W/"65678ce4-877"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 logo.svg
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 23 KB
23 KB 380ms
378ms Image
image/svg+xml 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/logo.svg

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: "65678ce4-5cbd"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 23741

GET
H2 200 tai.png
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 30 KB
31 KB 271ms
269ms Image
image/png 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/tai.png

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

e9cb9ecb4db45a10041acfa23de651d3e1f35d08feb2fd5d8dc71991f7c1ee23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: "65678ce4-79b7"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 31159

GET
H2 200 lock.svg
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 364 B
583 B 158ms
156ms Image
image/svg+xml 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/lock.svg

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

cd3b3531417ed9f2290c79f7ee98f9848883309b0f7aeaa4684a96a4d1018795

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
x-accel-version: 0.01
etag: "16c-60b4f4d920100"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 364

GET
H2 200 step.png
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 239 B
453 B 380ms
379ms Image
image/png 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/step.png

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

1a8a39a9ad8212feeb6c07e8120b673dd1a1edf5cb71b1b64c160b98c063d1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
x-accel-version: 0.01
etag: "ef-60b4f4d920100"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 239

GET
H2 200 app.png
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 1018 B
1 KB 380ms
379ms Image
image/png 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/app.png

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

9beeb30d4e9732d21f6a12b15c69d2fdd74c8c6b42f8cd95c3fb2b8903bec1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
x-accel-version: 0.01
etag: "3fa-60b4f4d920100"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1018

GET
H2 200 phone.png
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 1 KB
1 KB 380ms
379ms Image
image/png 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/phone.png

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

d6ad7c13e0c250357707cbebdf68def97578f856eac4b8a0bf2f50549bee8306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:30 GMT
server: nginx
etag: "65678ce2-4f2"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1266

GET
H2 200 ft.svg
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 312 B
531 B 380ms
380ms Image
image/svg+xml 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ft.svg

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
x-accel-version: 0.01
etag: "138-60b4f4d920100"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 312

GET
H2 200 jquery-3.5.1.min.js Show response
amendes-infraction-routiere.com/DUVzTTavlOw//media/js/ 87 KB
30 KB 375ms
373ms Script
application/javascript 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/js/jquery-3.5.1.min.js

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: W/"65678ce4-15d84"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
amendes-infraction-routiere.com/DUVzTTavlOw//media/js/ 61 KB
15 KB 380ms
378ms Script
application/javascript 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/js/bootstrap.min.js

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: W/"65678ce4-f3cb"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.mask.js Show response
amendes-infraction-routiere.com/DUVzTTavlOw//media/js/ 23 KB
6 KB 156ms
155ms Script
application/javascript 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/js/jquery.mask.js

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: W/"65678ce4-5a88"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 8 KB
4 KB 74ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7225891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3074
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-2087"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2B1cO96Yi%2FOWIQYjToNYc47fvMjIZrR1zE%2BGpgZcZwycLcSIPjKyGUk7T6zmpcSLDqyWRhrG5%2F%2BcsTuvOdT2ChoAaCMuQWmR1%2FoJfauv%2F5dAD8wkwg4sP15pnESiPi9OWbBp8bGr4wNnpw%2FExsd3A28T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84e461666bd92a2c-CDG
expires: Mon, 20 Jan 2025 19:32:24 GMT

GET
H2 200 js.js Show response
amendes-infraction-routiere.com/DUVzTTavlOw//media/js/ 577 B
503 B 372ms
371ms Script
application/javascript 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/js/js.js

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

e13ee01a34b969e7675991778c73f395e1d0c00a118cf1f7cf5a76a4fcd4fae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw/Wnht9jp8Fm87oLgvKskjY85V?
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
x-accel-version: 0.01
etag: "241-60b4f4d920100-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 241

GET
H2 200 back.jpg
amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/ 40 KB
40 KB 119ms
119ms Image
image/jpeg 37.72.168.222
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amendes-infraction-routiere.com/DUVzTTavlOw//media/imgs/back.jpg

Requested by

Host: amendes-infraction-routiere.com
URL: https://amendes-infraction-routiere.com/DUVzTTavlOw//media/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.72.168.222 Chicago, United States, ASN29802 (HVC-AS, US),

Reverse DNS

37-72-168-222.static.hvvc.us

Software

nginx / PleskLin

Resource Hash

a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://amendes-infraction-routiere.com/DUVzTTavlOw//media/css/style.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 31 Jan 2024 19:32:25 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 29 Nov 2023 19:11:32 GMT
server: nginx
etag: "65678ce4-9f08"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 40712

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: FR Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amendes-infraction-routiere.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: k0lrqqae3pledqpu2tq204ktdb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amendes-infraction-routiere.com
cdnjs.cloudflare.com
2606:4700::6811:190e
37.72.168.222
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
0e01a80bedd5d4daafc92066fb2081e32ce8b29f835a3f6e3bbaa07973fadbb2
1a8a39a9ad8212feeb6c07e8120b673dd1a1edf5cb71b1b64c160b98c063d1ad
2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
5932743bf769427d05289e72fb2bdb7cd1a5bc46f01248be159eb820fe27271d
9a7e27b89a07864e05ece37b49ccc62b71a8b59d37555f08f7f7e11382ad3b87
9beeb30d4e9732d21f6a12b15c69d2fdd74c8c6b42f8cd95c3fb2b8903bec1f6
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a1fa2ccd5301b72338e02e3b1955b7c3347a27dcc6617bb1b0fcb1fac7069a86
cb329aaa1cb453b411a5da821dab1a6fb3c31bdc236f3fc51828436c8080e9e3
cd3b3531417ed9f2290c79f7ee98f9848883309b0f7aeaa4684a96a4d1018795
d6ad7c13e0c250357707cbebdf68def97578f856eac4b8a0bf2f50549bee8306
e13ee01a34b969e7675991778c73f395e1d0c00a118cf1f7cf5a76a4fcd4fae5
e9cb9ecb4db45a10041acfa23de651d3e1f35d08feb2fd5d8dc71991f7c1ee23
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

amendes-infraction-routiere.com Open in urlscan Pro 37.72.168.222 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

177 kBTransfer

474 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

amendes-infraction-routiere.com Open in urlscan Pro
37.72.168.222 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

177 kB
Transfer

474 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!