milindtech.com
2606:4700:3035::ac43:b878
Malicious Activity!
Public Scan
Effective URL: https://milindtech.com/wp/www.ameli.fr/as/porteil/contact/moncompte/fr/services/amelip/appmanager/Cart.php
Submission: On December 28 via api from CZ
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2020. Valid for: a year.
This is the only time milindtech.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Assurance Maladie (Healthcare)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 67.199.248.11 | 396982 (GOOGLE-PRIVATE-CLOUD) |
| 1 | 148.72.169.17 | 30083 (AS-30083-GO-DADDY-COM-LLC) |
| 22 | 2606:4700:3035::ac43:b878 | 13335 (CLOUDFLARENET) |
| 1 | 2a00:1450:4001:816::2001 | 15169 (GOOGLE) |
| 1 | 2606:4700::6810:5e41 | 13335 (CLOUDFLARENET) |
| 1 | 2606:4700::6810:a823 | 13335 (CLOUDFLARENET) |
| 27 requests | 6 IPs | |
ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
- PTR: na-sl-12core-64ram-worker-1.geekbee.com
- esparticulares.geekbeesite.io
ASN15169 (GOOGLE, US)
- amelixbalti.blogspot.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 22 | milindtech.com | milindtech.com | 93 KB |
| 1 | cloudflare.com | ajax.cloudflare.com | 5 KB |
| 1 | cloudflareinsights.com | static.cloudflareinsights.com | 4 KB |
| 1 | blogspot.com | amelixbalti.blogspot.com | |
| 1 | geekbeesite.io | esparticulares.geekbeesite.io | 347 B |
| 1 | bit.ly (1 redirect) | bit.ly | 163 B |
| 0 | fotn-jsimg.com (Failed) | fotn-jsimg.com | |
| 27 requests | 7 domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 22 | milindtech.com | milindtech.com, ajax.cloudflare.com, static.cloudflareinsights.com |
| 1 | ajax.cloudflare.com | milindtech.com |
| 1 | static.cloudflareinsights.com | milindtech.com |
| 1 | amelixbalti.blogspot.com | milindtech.com |
| 1 | esparticulares.geekbeesite.io | |
| 1 | bit.ly (1 redirect) | |
| 0 | fotn-jsimg.com (Failed) | milindtech.com |
| 27 requests | 7 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid for |
|---|---|---|---|
| *.geekbeesite.io | Sectigo RSA Domain Validation Secure Server CA | 2020-08-31 - 2021-08-31 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-12 - 2021-07-12 | a year |
| misc-sni.blogspot.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |
| ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years |
This page contains 1 frame:
Primary Page:
https://milindtech.com/wp/www.ameli.fr/as/porteil/contact/moncompte/fr/services/amelip/appmanager/Cart.php
Frame ID: E7B8D38CB784D1CA8B39B8F13CE3A0CE
Requests: 27 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures every URL the page visited, including HTTP redirects and client-side redirects via JavaScript or meta refresh.
- https://bit.ly/34OJQSy (HTTP 301)
- https://esparticulares.geekbeesite.io/wp-conten/redirect.html (Page URL)
- https://milindtech.com/wp/www.ameli.fr/as/porteil/contact/moncompte/fr/services/amelip/appmanager/Cart.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://bit.ly/34OJQSy (HTTP 301)
- https://esparticulares.geekbeesite.io/wp-conten/redirect.html
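The chain above has the usual shape: a shortener link, an intermediate page that moves the visitor on client-side (the HTTP chain records only the bit.ly 301, so the hop from redirect.html to milindtech.com was JavaScript or meta refresh), and a landing URL whose path embeds the real brand's hostname (www.ameli.fr) on an unrelated host. The Python script below is an added example, not urlscan.io tooling and not anything served by the scanned site; it takes the URL history transcribed from this scan and flags those three tells. The shortener list and the brand-to-name mapping are assumptions a real tool would load from configuration, and the eTLD+1 helper is a naive two-label version.

```python
"""Triage a urlscan-style Page URL History for phishing tells.

Added example: the URL history is transcribed from this scan; the brand and
shortener lists are assumptions that a real tool would load from config.
"""
from urllib.parse import urlsplit

# Transcribed from this scan's Page URL History: (url, how the page left it).
URL_HISTORY = [
    ("https://bit.ly/34OJQSy", "HTTP 301"),
    ("https://esparticulares.geekbeesite.io/wp-conten/redirect.html", "Page URL"),
    ("https://milindtech.com/wp/www.ameli.fr/as/porteil/contact/moncompte/"
     "fr/services/amelip/appmanager/Cart.php", "Page URL"),
]

# Assumed lists (not from the scan).
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "ow.ly", "is.gd"}
PROTECTED_BRANDS = {"ameli.fr": "Assurance Maladie"}


def registrable(host):
    """Naive eTLD+1 (last two labels); use the public-suffix list for co.uk-style TLDs."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def brand_in_path(url):
    """Return (brand_domain, brand_name) when a protected brand's domain appears
    as a path segment or as a subdomain label on a host that is not that brand."""
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    for domain, name in PROTECTED_BRANDS.items():
        if host == domain or host.endswith("." + domain):
            continue  # the brand's own site
        # Match whole dotted labels ("www.ameli.fr", "www.ameli.fr.evil.example"),
        # not bare substrings, so "ameli.fr-outage" in a news slug does not fire.
        candidates = [s for s in u.path.lower().split("/") if s] + [host]
        for seg in candidates:
            if ("." + domain + ".") in ("." + seg + "."):
                return domain, name
    return None


def triage(history):
    """Return human-readable findings for a redirect chain."""
    findings = []
    hosts = [(urlsplit(u).hostname or "").lower() for u, _ in history]

    if registrable(hosts[0]) in SHORTENERS:
        findings.append(f"entry via URL shortener {hosts[0]}")

    domains = []
    for h in hosts:
        r = registrable(h)
        if r not in domains:
            domains.append(r)
    if len(domains) >= 3:
        findings.append(f"{len(domains)} registrable domains in chain: " + " -> ".join(domains))

    # An entry marked "HTTP 3xx" was left via a server redirect; any other hop
    # (URL changed, but no HTTP redirect recorded) was client-side.
    http_hops = sum(1 for _, how in history[:-1] if how.upper().startswith("HTTP"))
    client_hops = len(history) - 1 - http_hops
    if client_hops:
        findings.append(f"{client_hops} client-side redirect(s) (JavaScript/meta refresh) not in the HTTP chain")

    hit = brand_in_path(history[-1][0])
    if hit:
        findings.append(f"final URL impersonates {hit[1]}: {hit[0]} in path on host {hosts[-1]}")
    return findings


if __name__ == "__main__":
    for line in triage(URL_HISTORY):
        print("-", line)
```

Run against this scan's history the script reports all four tells: shortener entry, three registrable domains, one client-side hop, and the ameli.fr impersonation in the final path.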
27 HTTP transactions
Paths under milindtech.com are shown relative to BASE = milindtech.com/wp/www.ameli.fr/as/porteil/contact/moncompte/fr/services/amelip/appmanager

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | redirect.html (Redirect Chain) | esparticulares.geekbeesite.io/wp-conten/ | 152 B | 347 B | Document | text/html |
| GET | H2 | Cart.php (Primary Request) | BASE/ | 16 KB | 4 KB | Document | text/html |
| GET | | cart,jpg | fotn-jsimg.com/css-js/ | 0 | 0 | | |
| GET | H2 | layout.css | BASE/css/ | 1 KB | 746 B | Stylesheet | text/css |
| GET | H2 | biblicnam-structure-sans.min.css | BASE/css/ | 81 KB | 12 KB | Stylesheet | text/css |
| GET | H2 | reset.css | BASE/css/ | 414 B | 524 B | Stylesheet | text/css |
| GET | H2 | clear.css | BASE/css/ | 2 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | liens.css | BASE/css/ | 893 B | 680 B | Stylesheet | text/css |
| GET | H2 | forms.css | BASE/css/ | 8 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | boutons.css | BASE/css/ | 5 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | general.css | BASE/css/ | 39 KB | 9 KB | Stylesheet | text/css |
| GET | H2 | nav.css | BASE/css/ | 8 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | colors.css | BASE/css/ | 2 KB | 943 B | Stylesheet | text/css |
| GET | H2 | custom.css | BASE/css/ | 178 KB | 32 KB | Stylesheet | text/css |
| GET | H2 | centrer.css | BASE/css/ | 4 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | window.css | BASE/css/ | 402 B | 474 B | Stylesheet | text/css |
| GET | H2 | logo_general.png | BASE/css/img/ | 6 KB | 6 KB | Image | image/png |
| GET | H2 | puce_obligatoire.gif | BASE/css/img/ | 101 B | 566 B | Image | image/gif |
| GET | H2 | standard-codigo-de-seguridad.png | BASE/css/img/ | 2 KB | 2 KB | Image | image/png |
| GET | H2 | / | amelixbalti.blogspot.com/ | 0 | 0 | Stylesheet | text/html |
| GET | H2 | beacon.min.js | static.cloudflareinsights.com/ | 10 KB | 4 KB | Script | text/javascript |
| GET | H2 | rocket-loader.min.js | ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ | 12 KB | 5 KB | Script | application/javascript |
| GET | H2 | card.js | BASE/dist/ | 97 KB | 18 KB | Script | application/javascript |
| GET | H2 | bib1v_sprite.png | BASE/images/ | 20 B | 20 B | Image | text/html |
| GET | H2 | menu-separateur.png | BASE/images/as/ | 20 B | 20 B | Image | text/html |
| POST | H2 | performance | milindtech.com/cdn-cgi/beacon/ | 0 | 72 B | XHR | text/plain |
| POST | H2 | performance | milindtech.com/cdn-cgi/beacon/ | 0 | 32 B | XHR | text/plain |
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- Domain: fotn-jsimg.com
- URL: https://fotn-jsimg.com/css-js/cart,jpg
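Beyond the one failed request, the transaction list has resources whose declared type does not match what came back: bib1v_sprite.png and menu-separateur.png are 20-byte Image loads served as text/html, and the amelixbalti.blogspot.com load is typed Stylesheet but returned text/html. Those mismatches, plus the third-party hosts the primary page pulls in, are what an analyst wants a script to surface instead of reading off a 27-row table. The Python below is an added example, not part of urlscan.io or of the scanned site; its sample rows are transcribed from this scan's table (a subset), and the expected-MIME map and the naive eTLD+1 helper are assumptions.

```python
"""Flag suspicious entries in a urlscan-style HTTP transaction list.

Added example. SAMPLE is transcribed from this scan's transaction table (a
subset of its rows); EXPECTED_MIME and the eTLD+1 helper are assumptions.
"""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class Tx:
    method: str
    host: str
    path: str             # directory part, as urlscan shows it
    name: str             # resource name ("/" for a bare root request)
    size: str             # urlscan's rounded display size: "16 KB", "20 B", "0"
    rtype: Optional[str]  # urlscan resource type; None when no response came back
    mime: Optional[str]


BASE = "/wp/www.ameli.fr/as/porteil/contact/moncompte/fr/services/amelip/appmanager/"

# Transcribed from this scan (subset of the 27 rows).
SAMPLE = [
    Tx("GET", "milindtech.com", BASE, "Cart.php", "16 KB", "Document", "text/html"),
    Tx("GET", "fotn-jsimg.com", "/css-js/", "cart,jpg", "0", None, None),
    Tx("GET", "milindtech.com", BASE + "css/", "layout.css", "1 KB", "Stylesheet", "text/css"),
    Tx("GET", "milindtech.com", BASE + "css/img/", "logo_general.png", "6 KB", "Image", "image/png"),
    Tx("GET", "amelixbalti.blogspot.com", "/", "/", "0", "Stylesheet", "text/html"),
    Tx("GET", "ajax.cloudflare.com", "/cdn-cgi/scripts/7089c43e/cloudflare-static/",
       "rocket-loader.min.js", "12 KB", "Script", "application/javascript"),
    Tx("GET", "milindtech.com", BASE + "dist/", "card.js", "97 KB", "Script", "application/javascript"),
    Tx("GET", "milindtech.com", BASE + "images/", "bib1v_sprite.png", "20 B", "Image", "text/html"),
    Tx("GET", "milindtech.com", BASE + "images/as/", "menu-separateur.png", "20 B", "Image", "text/html"),
    Tx("POST", "milindtech.com", "/cdn-cgi/beacon/", "performance", "0", "XHR", "text/plain"),
]

# Assumed: which MIME types are acceptable for each urlscan resource type.
# Types absent here (XHR, Fetch, ...) are not checked.
EXPECTED_MIME = {
    "Document": {"text/html", "application/xhtml+xml"},
    "Stylesheet": {"text/css"},
    "Script": {"application/javascript", "text/javascript", "application/x-javascript"},
    "Image": {"image/png", "image/gif", "image/jpeg", "image/webp", "image/svg+xml", "image/x-icon"},
}

_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def parse_size(text):
    """'16 KB' -> 16384, '20 B' -> 20, '0' -> 0 (display units, so approximate)."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+)?)\s*([KM]?B)?\s*", text)
    if not m:
        raise ValueError(f"unparseable size: {text!r}")
    return int(float(m.group(1)) * _UNITS[m.group(2) or "B"])


def registrable(host):
    """Naive eTLD+1 (last two labels); use the public-suffix list in production."""
    return ".".join(host.lower().split(".")[-2:])


def find_anomalies(txs):
    """Return (url, reasons) pairs for transactions worth a second look."""
    out = []
    for t in txs:
        url = f"https://{t.host}{t.path}{'' if t.name == '/' else t.name}"
        if t.rtype is None:
            out.append((url, "no response (failed load)"))
            continue
        reasons = []
        expected = EXPECTED_MIME.get(t.rtype)
        if expected and t.mime not in expected:
            reasons.append(f"{t.rtype} served as {t.mime}")
        nbytes = parse_size(t.size)
        if t.rtype == "Image" and nbytes < 64:
            # Real images are never this small; a 20-byte "png" is a stub or an error page.
            reasons.append(f"{t.rtype} body only {nbytes} bytes")
        if reasons:
            out.append((url, "; ".join(reasons)))
    return out


def third_party_hosts(txs, primary_host):
    """Hosts outside the primary page's registrable domain."""
    primary = registrable(primary_host)
    return sorted({t.host for t in txs if registrable(t.host) != primary})


if __name__ == "__main__":
    for url, why in find_anomalies(SAMPLE):
        print(f"{why:45} {url}")
    print("third-party hosts:", ", ".join(third_party_hosts(SAMPLE, "milindtech.com")))
```

On the sample rows this yields four flagged transactions (the failed cart,jpg, the blogspot "stylesheet", and the two 20-byte "images") and three third-party hosts; the Cloudflare beacon XHRs are deliberately left unchecked because no MIME expectation is defined for XHR.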
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Assurance Maladie (Healthcare)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | ontransitionrun |
| object | ontransitionstart |
| object | ontransitioncancel |
| object | cookieStore |
| function | showDirectoryPicker |
| function | showOpenFilePicker |
| function | showSaveFilePicker |
| object | trustedTypes |
| boolean | crossOriginIsolated |
| object | __cfQR |
| function | card |
| function | Payment |
| function | Card |
| boolean | __cfRLUnblockHandlers |
2 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| milindtech.com/ | | PHPSESSID | 1cec4bab85706ecab228813b93debc5d |
| .milindtech.com/ | | __cfduid | dc5976d4934b60a657c9f56d8f1e6d8cc1609163834 |
Security Headers
This section lists any security headers set by the main page. Only one was observed here; no Content-Security-Policy, X-Frame-Options or X-Content-Type-Options header was set.
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- ajax.cloudflare.com
- amelixbalti.blogspot.com
- bit.ly
- esparticulares.geekbeesite.io
- fotn-jsimg.com
- milindtech.com
- static.cloudflareinsights.com
IPs:
- 148.72.169.17
- 2606:4700:3035::ac43:b878
- 2606:4700::6810:5e41
- 2606:4700::6810:a823
- 2a00:1450:4001:816::2001
- 67.199.248.11