support.assistancedefrance.com
103.166.185.31  Malicious Activity! Public Scan

URL: https://support.assistancedefrance.com/AM/index2.php
Submission: On September 24 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 103.166.185.31, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is support.assistancedefrance.com.
TLS certificate: Issued by R10 on September 21st 2024. Valid for: 3 months.
This is the only time support.assistancedefrance.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

Requests  IP Address        AS      Autonomous System
13        103.166.185.31    135905  (VNPT-AS-V...)
7         2600:9000:225...  16509   (AMAZON-02)
1         2600:9000:226...  16509   (AMAZON-02)
Total: 21 requests, 3 IPs

Requests  Apex Domain / Subdomains                        Transfer
13        assistancedefrance.com                          112 KB
          support.assistancedefrance.com
7         media-amazon.com                                132 KB
          m.media-amazon.com — Cisco Umbrella Rank: 451
1         amazon.fr                                       11 KB
          www.amazon.fr — Cisco Umbrella Rank: 49181
Total: 21 requests, 3 apex domains

Requests  Domain                          Requested by
13        support.assistancedefrance.com  support.assistancedefrance.com
7         m.media-amazon.com              support.assistancedefrance.com
1         www.amazon.fr                   support.assistancedefrance.com
Total: 21 requests, 3 domains

This site contains links to these domains.

Domain
google.com

Subject                          Issuer                 Validity                 Valid
support.assistancedefrance.com   R10                    2024-09-21 - 2024-12-20  3 months
images-na.ssl-images-amazon.com  DigiCert Global CA G2  2024-01-05 - 2024-12-08  a year
www.amazon.fr                    DigiCert Global CA G2  2024-04-28 - 2025-04-02  a year

This page contains 2 frames:

Primary Page: https://support.assistancedefrance.com/AM/index2.php
Frame ID: 1BF101636D33A229BF7A709BB2F7B6CD
Requests: 18 HTTP requests in this frame

Frame: https://support.assistancedefrance.com/AM/amaz_files/iu3.html
Frame ID: E5043A165D72096BD90376A087DC132A
Requests: 3 HTTP requests in this frame

Page Title

Promotions et ventes flash

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 255 kB
Size: 503 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index2.php
support.assistancedefrance.com/AM/
32 KB
8 KB
Document
General
Full URL
https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PHP/8.3.11 PleskLin
Resource Hash
95aa883097bf56eed7a877c5cc0b8572874ca0a8aa7518bf001b094e2a5b3248

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
8107
content-type
text/html; charset=UTF-8
date
Tue, 24 Sep 2024 21:35:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.3.11 PleskLin
11OrJUma5UL._RC_01rXlRztnIL.css,4135ANpE31L.css,21ak7+1wqPL.css,01uNpa0PcLL.css,01NtHviPbnL.css,01L-6KXabGL.css,310ooOGCdhL.css,11o2wHvvdBL.css,01i9N7e-hBL.css,11VHr91CkuL.css,11ADf9L1OdL.css,01IdK...
support.assistancedefrance.com/AM/amaz_files/
153 KB
24 KB
Stylesheet
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/11OrJUma5UL._RC_01rXlRztnIL.css,4135ANpE31L.css,21ak7+1wqPL.css,01uNpa0PcLL.css,01NtHviPbnL.css,01L-6KXabGL.css,310ooOGCdhL.css,11o2wHvvdBL.css,01i9N7e-hBL.css,11VHr91CkuL.css,11ADf9L1OdL.css,01IdKcBuAdL.css,019pz6QNQ6L.css,01wLsDqViEL.css,018gwG6-KML.css
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
08adb9d5c6167a5c441959768a4715f4454fa70628bf525334f099e881be7049

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

content-encoding
br
date
Tue, 24 Sep 2024 21:35:45 GMT
etag
W/"608dfc1c-2622b"
content-type
text/css
last-modified
Sun, 02 May 2021 01:10:52 GMT
server
nginx
x-powered-by
PleskLin
314xMGKl-SL._RC_41KBYOkTjIL.css,51zszC1muXL.css_.css
support.assistancedefrance.com/AM/amaz_files/
89 KB
9 KB
Stylesheet
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/314xMGKl-SL._RC_41KBYOkTjIL.css,51zszC1muXL.css_.css
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
e28d01300dc51f6d955b52b545c4d4df2013ce9f4ed909c275c1a3dbda4f9777

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

content-encoding
br
date
Tue, 24 Sep 2024 21:35:45 GMT
etag
W/"608dfc1c-16202"
content-type
text/css
last-modified
Sun, 02 May 2021 01:10:52 GMT
server
nginx
x-powered-by
PleskLin
41C6LaLLmFL.css
support.assistancedefrance.com/AM/amaz_files/
17 KB
4 KB
Stylesheet
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/41C6LaLLmFL.css
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
ee446dc7f1c4724644c8d4b57773fa2a62635521162ccab40021ed70d77e559a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

content-encoding
br
date
Tue, 24 Sep 2024 21:35:45 GMT
etag
W/"608dfc1c-423d"
content-type
text/css
last-modified
Sun, 02 May 2021 01:10:52 GMT
server
nginx
x-powered-by
PleskLin
01+72+wCC9L.css
support.assistancedefrance.com/AM/amaz_files/
1 KB
468 B
Stylesheet
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/01+72+wCC9L.css
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
6da4e741f1e44e8a6e60f74ce6d666292135be8a44c5a5d97621a0bd1371e782

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

content-encoding
br
date
Tue, 24 Sep 2024 21:35:45 GMT
etag
W/"608dfc1c-4a6"
content-type
text/css
last-modified
Sun, 02 May 2021 01:10:52 GMT
server
nginx
x-powered-by
PleskLin
31W7N8gncNL.css
support.assistancedefrance.com/AM/amaz_files/
8 KB
2 KB
Stylesheet
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/31W7N8gncNL.css
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
fb39b19a5f36fb6c3877a20d8ff04f25dfe4306d80e06693cc0b774151ef5819

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

content-encoding
br
date
Tue, 24 Sep 2024 21:35:45 GMT
etag
W/"608dfc1c-21fd"
content-type
text/css
last-modified
Sun, 02 May 2021 01:10:52 GMT
server
nginx
x-powered-by
PleskLin
new-nav-sprite-global-1x_blueheaven-account._CB658093860_.png
support.assistancedefrance.com/AM/amaz_files/
10 KB
10 KB
Image
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/new-nav-sprite-global-1x_blueheaven-account._CB658093860_.png
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
ccd2b4d3291236165abff9fb9aa683bf00eb4fe676e49532f7db78500cfcbe08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

etag
"608e0b9c-28f2"
accept-ranges
bytes
content-length
10482
date
Tue, 24 Sep 2024 21:35:45 GMT
content-type
image/png
last-modified
Sun, 02 May 2021 02:17:00 GMT
server
nginx
x-powered-by
PleskLin
414z88EjGbL.__AC_SX300_SY300_QL70_FMwebp_.jpg
m.media-amazon.com/images/I/
6 KB
7 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/414z88EjGbL.__AC_SX300_SY300_QL70_FMwebp_.jpg
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ba8cc18fb56b5ba69a5ed27ac45504eeeac02c0050e1cd17d40e335a135e40f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
c4cde0e1-f531-4c5d-abc3-454126fa4c82
surrogate-key
x-cache-090 /images/I/414z88EjGbL
age
1806591
expires
Mon, 29 Aug 2044 23:45:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
43ETGEd5bwX9n8NwvNr3fOJf7sukeHyRrfXUevvEQj7EAmFO1t-kkA==
date
Tue, 03 Sep 2024 23:45:14 GMT
content-type
image/webp
last-modified
Mon, 22 Feb 2021 22:13:06 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-090,/images/I/414z88EjGbL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
6604
x-amz-cf-pop
FRA60-P4
server
Server
butt.png
support.assistancedefrance.com/AM/
37 KB
37 KB
Image
General
Full URL
https://support.assistancedefrance.com/AM/butt.png
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
4c1d427921a7d5fc6b15e5cf24497c5de349adf0839467889565af82eefd1dd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

etag
"6091ba5a-953b"
accept-ranges
bytes
content-length
38203
date
Tue, 24 Sep 2024 21:35:45 GMT
content-type
image/png
last-modified
Tue, 04 May 2021 21:19:22 GMT
server
nginx
x-powered-by
PleskLin
613AVx005lL.__AC_SX300_SY300_QL70_FMwebp_.jpg
m.media-amazon.com/images/I/
4 KB
5 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/613AVx005lL.__AC_SX300_SY300_QL70_FMwebp_.jpg
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8d2fb6d25675099a5edcb392a6560e4f6cbb6b184a5b8b8ec1f2670474d0b14d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
ea0d3008-f0c6-497a-a95f-8f70f9041b8c
surrogate-key
x-cache-141 /images/I/613AVx005lL
age
992152
expires
Mon, 05 Sep 2044 02:58:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
qFSe42Kx4jqg_jn_vpHtTfCDVWX_LJyKTYORNA8w-hwzRQ5K4haeng==
date
Tue, 10 Sep 2024 02:58:10 GMT
content-type
image/webp
last-modified
Thu, 11 Nov 2021 12:54:40 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-141,/images/I/613AVx005lL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4088
x-amz-cf-pop
FRA60-P4
server
Server
61FEWnnhYkL._AC_SX679_.jpg
m.media-amazon.com/images/I/
33 KB
34 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/61FEWnnhYkL._AC_SX679_.jpg
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c0a668d36cebb7b48310d2753812df8408284ce50f8a511d681ce42942c42a0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
6bf373ec-1324-45cb-af1f-3accf5fc433c
surrogate-key
x-cache-494 /images/I/61FEWnnhYkL
age
653920
expires
Mon, 12 Sep 2044 07:57:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
jEN1FV2KmqeOw7234Is6EG4m4D2cFXoqWzhcLLnLNyenaH0_JM1dYA==
date
Tue, 17 Sep 2024 07:57:07 GMT
content-type
image/jpeg
last-modified
Thu, 28 Feb 2019 05:46:17 GMT
x-nginx-cache-status
MISS
edge-cache-tag
x-cache-494,/images/I/61FEWnnhYkL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
34199
x-amz-cf-pop
FRA60-P4
server
Server
71NTi82uBEL._AC_UL480_SR480,480_.jpg
support.assistancedefrance.com/AM/amaz_files/
7 KB
7 KB
Image
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/71NTi82uBEL._AC_UL480_SR480,480_.jpg
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
71d79e36206f9640ce36cc52611f30180596fa755406b61242f41b852db83fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

etag
"608dfc1c-1d0f"
accept-ranges
bytes
content-length
7439
date
Tue, 24 Sep 2024 21:35:45 GMT
content-type
image/jpeg
last-modified
Sun, 02 May 2021 01:10:52 GMT
server
nginx
x-powered-by
PleskLin
iu3.html
support.assistancedefrance.com/AM/amaz_files/ Frame E504
808 B
501 B
Document
General
Full URL
https://support.assistancedefrance.com/AM/amaz_files/iu3.html
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Referer
https://support.assistancedefrance.com/AM/index2.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Tue, 24 Sep 2024 21:35:45 GMT
etag
W/"328-6229c2dcf4d78"
last-modified
Sat, 21 Sep 2024 07:33:59 GMT
server
nginx
new-nav-sprite-global-1x_blueheaven-account._CB658093860_.png
www.amazon.fr/images/G/08/gno/sprites/
10 KB
11 KB
Image
General
Full URL
https://www.amazon.fr/images/G/08/gno/sprites/new-nav-sprite-global-1x_blueheaven-account._CB658093860_.png
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4600:6:f4ed:9994:3b01 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ccd2b4d3291236165abff9fb9aa683bf00eb4fe676e49532f7db78500cfcbe08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
bcf04857-3daa-42a8-b8f9-8c86e714254a
surrogate-key
x-cache-896 /images/G/08/gno/sprites/new-nav-sprite-global-1x_blueheaven-account
age
305408
x-content-type-options
nosniff
expires
Fri, 16 Sep 2044 04:13:26 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
iY09dUp4Vn6vjWFHG0W97Yb14rlVH6wumERurCHcciTFnguTlE3QCA==
date
Sat, 21 Sep 2024 04:13:26 GMT
content-type
image/png
last-modified
Fri, 12 Mar 2021 21:41:22 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-896,/images/G/08/gno/sprites/new-nav-sprite-global-1x_blueheaven-account
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.fr
via
1.1 ce14142c16d95e9fc36f4f4a6a56eccc.cloudfront.net (CloudFront), 1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
10482
x-amz-cf-pop
TXL50-P5, TXL50-P4
server
Server
pDxWAF1pBB0dzGB.woff2
m.media-amazon.com/images/S/sash/
16 KB
17 KB
Font
General
Full URL
https://m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/amaz_files/11OrJUma5UL._RC_01rXlRztnIL.css,4135ANpE31L.css,21ak7+1wqPL.css,01uNpa0PcLL.css,01NtHviPbnL.css,01L-6KXabGL.css,310ooOGCdhL.css,11o2wHvvdBL.css,01i9N7e-hBL.css,11VHr91CkuL.css,11ADf9L1OdL.css,01IdKcBuAdL.css,019pz6QNQ6L.css,01wLsDqViEL.css,018gwG6-KML.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://support.assistancedefrance.com
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
4fdce50e-16ed-42bc-b6f3-3f079f140567
surrogate-key
x-cache-788 /images/S/sash/pDxWAF1pBB0dzGB
age
25834830
expires
Fri, 02 Oct 2043 01:52:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
gjUi-CUIKcyiXoBReVukkFVOGQYS4K4HsdYsgIO6j0nwqHHCE_ybTg==
date
Sat, 07 Oct 2023 01:52:43 GMT
content-type
application/font-woff2; charset=utf-8
last-modified
Fri, 30 Oct 2020 21:19:16 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-788,/images/S/sash/pDxWAF1pBB0dzGB
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16616
x-amz-cf-pop
FRA60-P4
server
Server
KFPk-9IF4FqAqY-.woff2
m.media-amazon.com/images/S/sash/
16 KB
17 KB
Font
General
Full URL
https://m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/amaz_files/11OrJUma5UL._RC_01rXlRztnIL.css,4135ANpE31L.css,21ak7+1wqPL.css,01uNpa0PcLL.css,01NtHviPbnL.css,01L-6KXabGL.css,310ooOGCdhL.css,11o2wHvvdBL.css,01i9N7e-hBL.css,11VHr91CkuL.css,11ADf9L1OdL.css,01IdKcBuAdL.css,019pz6QNQ6L.css,01wLsDqViEL.css,018gwG6-KML.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://support.assistancedefrance.com
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
29d3a6a7-1de1-4b26-a924-6c3f60e02dbf
surrogate-key
x-cache-409 /images/S/sash/KFPk-9IF4FqAqY-
age
676162
expires
Sun, 04 Sep 2044 15:08:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
j_Y90LBlLTrdism1ao-oM6NmwK0zb2bj_D3i7o0Fq5jOIsX5zd-_2A==
date
Tue, 17 Sep 2024 21:43:00 GMT
content-type
application/font-woff2; charset=utf-8
last-modified
Fri, 30 Oct 2020 21:19:26 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-409,/images/S/sash/KFPk-9IF4FqAqY-
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16460
x-amz-cf-pop
FRA60-P4
server
Server
f9Cwl2OUDVHGXk8.png
m.media-amazon.com/images/S/sash/
35 KB
35 KB
Image
General
Full URL
https://m.media-amazon.com/images/S/sash/f9Cwl2OUDVHGXk8.png
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/amaz_files/11OrJUma5UL._RC_01rXlRztnIL.css,4135ANpE31L.css,21ak7+1wqPL.css,01uNpa0PcLL.css,01NtHviPbnL.css,01L-6KXabGL.css,310ooOGCdhL.css,11o2wHvvdBL.css,01i9N7e-hBL.css,11VHr91CkuL.css,11ADf9L1OdL.css,01IdKcBuAdL.css,019pz6QNQ6L.css,01wLsDqViEL.css,018gwG6-KML.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
64ab441391f66f10b9958f370975591a71a0bdd2d3f0f2e3450637e9afbaeef9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
7970f1f3-cce8-4669-993d-a6c952feb519
surrogate-key
x-cache-445 /images/S/sash/f9Cwl2OUDVHGXk8
age
23220019
expires
Tue, 22 Sep 2043 08:01:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
MSWGkuwwA8bvUprd_QjUfyg_q3GzH28q9PFFLgMHMGSfJ8iDH195Ig==
date
Wed, 27 Sep 2023 08:01:56 GMT
content-type
image/png
last-modified
Wed, 11 Nov 2020 23:04:50 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-445,/images/S/sash/f9Cwl2OUDVHGXk8
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
35458
x-amz-cf-pop
FRA60-P4
server
Server
WOnTLzkiaEccV7F.woff2
m.media-amazon.com/images/S/sash/
17 KB
17 KB
Font
General
Full URL
https://m.media-amazon.com/images/S/sash/WOnTLzkiaEccV7F.woff2
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/amaz_files/11OrJUma5UL._RC_01rXlRztnIL.css,4135ANpE31L.css,21ak7+1wqPL.css,01uNpa0PcLL.css,01NtHviPbnL.css,01L-6KXabGL.css,310ooOGCdhL.css,11o2wHvvdBL.css,01i9N7e-hBL.css,11VHr91CkuL.css,11ADf9L1OdL.css,01IdKcBuAdL.css,019pz6QNQ6L.css,01wLsDqViEL.css,018gwG6-KML.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:225e:e600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cb0f25ca005489d2399434c33762f291bd8746714eae3aa72de20aca08edc458

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://support.assistancedefrance.com
Referer
https://support.assistancedefrance.com/

Response headers

x-amz-ir-id
74cc92f0-13ec-4ded-9fe4-1a8b7f23babc
surrogate-key
x-cache-213 /images/S/sash/WOnTLzkiaEccV7F
age
5529531
expires
Wed, 16 Sep 2043 18:23:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
C9tQrvOIIP_5l7E87egHF_YO1O-bACJO5d2rsaZoRJU0bgVv0shKbg==
date
Mon, 22 Jul 2024 21:36:57 GMT
content-type
application/font-woff2; charset=utf-8
vary
Accept-Encoding
x-nginx-cache-status
HIT
last-modified
Fri, 30 Oct 2020 21:19:21 GMT
edge-cache-tag
x-cache-213,/images/S/sash/WOnTLzkiaEccV7F
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
17336
x-amz-cf-pop
FRA60-P4
server
Server
styles.css
support.assistancedefrance.com/error_docs/ Frame E504
3 KB
1 KB
Stylesheet
General
Full URL
https://support.assistancedefrance.com/error_docs/styles.css
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/AM/amaz_files/iu3.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
6b93df5613a6b28fa3aaa6a34a9d05cdfe7382fd09f52c38b3a29a936edb786c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/amaz_files/iu3.html

Response headers

x-powered-by
PleskLin
content-encoding
gzip
etag
"aa0-6229c2dcf4d78-gzip"
accept-ranges
bytes
content-length
950
date
Tue, 24 Sep 2024 21:35:45 GMT
content-type
text/css
last-modified
Sat, 21 Sep 2024 07:33:59 GMT
server
nginx
vary
Accept-Encoding
server.svg
support.assistancedefrance.com/error_docs/ Frame E504
7 KB
7 KB
Image
General
Full URL
https://support.assistancedefrance.com/error_docs/server.svg
Requested by
Host: support.assistancedefrance.com
URL: https://support.assistancedefrance.com/error_docs/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx / PleskLin
Resource Hash
f74b80306280ccf2ddc635eb09f5f36070ee5769365b0a7a53ca3747602eebcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/error_docs/styles.css

Response headers

etag
"1cf8-6229c2dcf4d78"
accept-ranges
bytes
content-length
7416
date
Tue, 24 Sep 2024 21:35:46 GMT
content-type
image/svg+xml
last-modified
Sat, 21 Sep 2024 07:33:59 GMT
server
nginx
x-powered-by
PleskLin
favicon.ico
support.assistancedefrance.com/
808 B
501 B
Other
General
Full URL
https://support.assistancedefrance.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.166.185.31 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.166.185.31.cloudfly.vn
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://support.assistancedefrance.com/AM/index2.php

Response headers

content-encoding
br
date
Tue, 24 Sep 2024 21:35:46 GMT
etag
W/"328-6229c2dcf4d78"
content-type
text/html
last-modified
Sat, 21 Sep 2024 07:33:59 GMT
server
nginx

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
support.assistancedefrance.com/ Name: PHPSESSID
Value: kbievnf3ftp7dr8daar86df1tp

2 Console Messages

Source Level URL
Text
network error URL: https://support.assistancedefrance.com/AM/amaz_files/iu3.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://support.assistancedefrance.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
