generalmillls.com
45.133.200.3  Malicious Activity! Public Scan

Submitted URL: http://generalmillls.com/
Effective URL: https://generalmillls.com/
Submission: On May 18 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 45.133.200.3, located in Virgin Islands (British) and belongs to INTERNET-IT, VG. The main domain is generalmillls.com.
TLS certificate: Issued by R3 on May 8th 2024. Valid for: 3 months.
This is the only time generalmillls.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
5 45.133.200.3 200313 (INTERNET-IT)
6 2
Apex Domain Subdomains Transfer
5 generalmillls.com generalmillls.com 151 KB
0 whatsapp.com Failed www.whatsapp.com Failed
6 2
Domain Requested by
5 generalmillls.com generalmillls.com
0 www.whatsapp.com Failed generalmillls.com
6 2
Subject Issuer Validity Valid
mail.generalmillls.com R3 2024-05-08 - 2024-08-06 3 months

This page contains 1 frames:

Primary Page: https://generalmillls.com/
Frame ID: B6ED6DBBF21E15DB9A67BDEE4D6BE727
Requests: 6 HTTP requests in this frame

Page Title

WhatsApp Group Invite

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 151 kB
Size: 345 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://generalmillls.com/ HTTP 307
    https://generalmillls.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www-cdn.whatsapp.net/img/v4/whatsapp-logo.svg?v=46fe27fc8 HTTP 302
  • https://www.whatsapp.com/img/v4/whatsapp-logo.svg

6 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
Path: generalmillls.com/
Redirect Chain
  • http://generalmillls.com/
  • https://generalmillls.com/
Size: 7 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://generalmillls.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.133.200.3, Virgin Islands (British), ASN200313 (INTERNET-IT, VG)
Reverse DNS: cpanel-host.prohoster.info
Software: nginx / PHP/7.4.33
Resource Hash: e5ce7bd3a21ffeb8025ea90f8e7dbd565eaf1fdfe6ec883db1c57fc64f6c2ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 18 May 2024 02:47:48 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-powered-by: PHP/7.4.33
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

Location: https://generalmillls.com/
Non-Authoritative-Reason: HttpsUpgrades

style.build35e635e635e6.css
Path: generalmillls.com/css/v4/
Size: 240 KB
x-fer: 50 KB
Type: Stylesheet

General
Full URL: https://generalmillls.com/css/v4/style.build35e635e635e6.css
Requested by
  Host: generalmillls.com
  URL: https://generalmillls.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.133.200.3, Virgin Islands (British), ASN200313 (INTERNET-IT, VG)
Reverse DNS: cpanel-host.prohoster.info
Software: nginx /
Resource Hash: 5d6ebaa0e5f23c2aafea7f738be1a5c88019121c46f497fe8e6c7af7e5f0db4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://generalmillls.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 17 Jun 2024 02:47:48 GMT
date: Sat, 18 May 2024 02:47:48 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 09:31:31 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

whatsapp-logo.svg
Path: www.whatsapp.com/img/v4/
Redirect Chain
  • https://www-cdn.whatsapp.net/img/v4/whatsapp-logo.svg?v=46fe27fc8
  • https://www.whatsapp.com/img/v4/whatsapp-logo.svg
Size: 0
x-fer: 0

icon-chat.png
Path: generalmillls.com/img/v4/
Size: 20 KB
x-fer: 20 KB
Type: Image

General
Full URL: https://generalmillls.com/img/v4/icon-chat.png
Requested by
  Host: generalmillls.com
  URL: https://generalmillls.com/css/v4/style.build35e635e635e6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.133.200.3, Virgin Islands (British), ASN200313 (INTERNET-IT, VG)
Reverse DNS: cpanel-host.prohoster.info
Software: nginx /
Resource Hash: b6b5990665e9b1e7db462f4f74c4d9517e1e6b315403cdc43150bd26084ea4c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://generalmillls.com/css/v4/style.build35e635e635e6.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 17 Jul 2024 02:47:48 GMT
date: Sat, 18 May 2024 02:47:48 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 09:31:31 GMT
server: nginx
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 20384
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

1.jpg
Path: generalmillls.com/img/
Size: 76 KB
x-fer: 76 KB
Type: Image

General
Full URL: https://generalmillls.com/img/1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.133.200.3, Virgin Islands (British), ASN200313 (INTERNET-IT, VG)
Reverse DNS: cpanel-host.prohoster.info
Software: nginx /
Resource Hash: bdb28df9f9fd14e672b5e7f120c7f0cde7395a2eebda6556c2493bf6f99f31d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://generalmillls.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 17 Jul 2024 02:47:48 GMT
date: Sat, 18 May 2024 02:47:48 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 09:31:31 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 77920
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

icon.png
Path: generalmillls.com/img/v4/
Size: 2 KB
x-fer: 2 KB
Type: Other

General
Full URL: https://generalmillls.com/img/v4/icon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.133.200.3, Virgin Islands (British), ASN200313 (INTERNET-IT, VG)
Reverse DNS: cpanel-host.prohoster.info
Software: nginx /
Resource Hash: 3899581abcfed9b40b7208bbbca8bdbfe3ae9655980dbf55f04dec9cb3309f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://generalmillls.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 17 Jul 2024 02:47:48 GMT
date: Sat, 18 May 2024 02:47:48 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 09:31:31 GMT
server: nginx
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 2043
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.whatsapp.com
URL: https://www.whatsapp.com/img/v4/whatsapp-logo.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block