valenciamedicare.com Open in urlscan Pro
192.185.129.96 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://valenciamedicare.com/cgi-etc/login.php
Submission: On May 28 via manual (May 28th 2022, 11:09:08 am UTC) from IN — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 192.185.129.96, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is valenciamedicare.com.
TLS certificate: Issued by R3 on May 21st 2022. Valid for: 3 months.

This is the only time valenciamedicare.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
13	192.185.129.96 192.185.129.96	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	2600:9000:215... 2600:9000:2156:3200:10:7abf:f800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
14	2

13 192.185.129.96 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: bh-ht-4.webhostbox.net

valenciamedicare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3200:10:7abf:f800:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

i2.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	valenciamedicare.com valenciamedicare.com	4 MB
2	sitepoint.com 1 redirects www.sitepoint.com — Cisco Umbrella Rank: 216186 i2.sitepoint.com	6 KB
14	2

	Domain	Requested by
13	valenciamedicare.com	valenciamedicare.com
1	i2.sitepoint.com	valenciamedicare.com
1	www.sitepoint.com	1 redirects
14	3

This site contains no links.

Subject Issuer	Validity	Valid
*.valenciamedicare.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://valenciamedicare.com/cgi-etc/login.php
Frame ID: 0D6C88E02533D3E1669A791C62A77BE0
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USAA / Welcome to USAA

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

14
Requests

93 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

4613 kB
Transfer

4616 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js HTTP 301
https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response valenciamedicare.com/cgi-etc/	5 KB 2 KB	1322ms 724ms	Document text/html	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `bd268773838d20c10c43124e1e83721d7fa6ced89c4e9aea2d662b74ec7c2b51` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 1604 content-type text/html; charset=UTF-8 date Sat, 28 May 2022 11:09:02 GMT server Apache vary Accept-Encoding x-server-cache false
GET H2	200	MaskedPassword.js Show response i2.sitepoint.com/examples/password/MaskedPassword/ Redirect Chain https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js	17 KB 6 KB	159ms 93ms	Script application/javascript	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash `2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-fastly-request-id 62dbdbd28640531a33179255ca38093e1dd56373 date Sat, 28 May 2022 11:09:03 GMT content-encoding gzip age 0 x-cache MISS content-length 5816 x-served-by cache-fra19165-FRA access-control-allow-origin * last-modified Sun, 18 Oct 2020 23:08:24 GMT server GitHub.com x-github-request-id F0EE:FFBD:103A9B:138079:629202CF x-timer S1653736143.204031,VS0,VE87 etag W/"5f8ccae8-4208" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Sat, 28 May 2022 11:19:03 GMT cache-control max-age=600 accept-ranges bytes x-proxy-cache MISS x-cache-hits 0 Redirect headers date Sat, 28 May 2022 11:09:03 GMT via 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA50-C1 x-cache LambdaGeneratedResponse from cloudfront location https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js content-length 0 x-amz-cf-id XfVukJT1s7MvAiQnFgP4hP7ndUF9Z_JmQViqUlXTtdohjbhp_0Iiaw==
GET H2	200	ff1.png valenciamedicare.com/cgi-etc/images/	10 KB 10 KB	134ms 134ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff1.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `7cb975cd0cb1b85ac1bf4440cdf470aca2f3e17d6b129a551929e58e3e41e0ac` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:02 GMT last-modified Sun, 03 Sep 2017 23:55:24 GMT server Apache accept-ranges bytes content-length 10460 content-type image/png
GET H2	200	s2.gif valenciamedicare.com/cgi-etc/images/	4 MB 4 MB	135ms 135ms	Image image/gif	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/s2.gif Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `825ad5c3888d1258a089867f52fb5f4e761be17dcda67145e4e63dace1a636df` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Sun, 03 Sep 2017 23:10:02 GMT server Apache accept-ranges bytes content-length 4137841 content-type image/gif
GET H2	200	ff2.png valenciamedicare.com/cgi-etc/images/	255 KB 255 KB	488ms 488ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff2.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `5c6ca93e2b4cb0a42e1bfa3acf3f4d3015b03f3066b2085eb633f6cab42d1c98` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Mon, 04 Sep 2017 00:05:04 GMT server Apache accept-ranges bytes content-length 261402 content-type image/png
GET H2	200	ff3.png valenciamedicare.com/cgi-etc/images/	166 KB 166 KB	487ms 485ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff3.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `a782fce93b7c95c5e36e08b266a52c51b67438823d8c2f384eb340c53f04bbb3` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Mon, 04 Sep 2017 00:04:16 GMT server Apache accept-ranges bytes content-length 169866 content-type image/png
GET H2	200	ff4.png valenciamedicare.com/cgi-etc/images/	16 KB 16 KB	485ms 483ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff4.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `19db4703d53a15d2ca0a6324d874878e1c4e4140e9513ea105a2cb687a9e9dcb` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Sun, 03 Sep 2017 23:57:50 GMT server Apache accept-ranges bytes content-length 16150 content-type image/png
GET H2	200	ff5.png valenciamedicare.com/cgi-etc/images/	22 KB 22 KB	486ms 485ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff5.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `0fdf3bf4d3f4599953b1b9af6dbcf8d84dd59a54d56697cfcc8f470b237be3c1` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Sun, 03 Sep 2017 23:58:28 GMT server Apache accept-ranges bytes content-length 22724 content-type image/png
GET H2	200	ff6.png valenciamedicare.com/cgi-etc/images/	14 KB 14 KB	485ms 484ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff6.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `ba67f7b8ce117086ade4179628b07fde9ff69855c86e0307bd1627865694c099` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Sun, 03 Sep 2017 23:59:06 GMT server Apache accept-ranges bytes content-length 14074 content-type image/png
GET H2	200	ff7.png valenciamedicare.com/cgi-etc/images/	30 KB 30 KB	485ms 484ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff7.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `2a46f92860e27a2ad304168f2e4414726d27f98e8dc693a1749f6ce3ac23f386` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Sun, 03 Sep 2017 23:59:48 GMT server Apache accept-ranges bytes content-length 30825 content-type image/png
GET H2	200	ff8.png valenciamedicare.com/cgi-etc/images/	28 KB 28 KB	485ms 484ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff8.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `89370b5e6b2d98ab3b5daff9692788c644a9167d48d3289a1e8a31c1fe4a1e2a` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Mon, 04 Sep 2017 00:00:16 GMT server Apache accept-ranges bytes content-length 29075 content-type image/png
GET H2	200	ff9.png valenciamedicare.com/cgi-etc/images/	8 KB 8 KB	485ms 484ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff9.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `218274bc3781fa4fa892ba7f4df01bd21710c28c8c642e19b12e004229910cfc` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Mon, 04 Sep 2017 00:00:40 GMT server Apache accept-ranges bytes content-length 7804 content-type image/png
GET H2	200	ff.png valenciamedicare.com/cgi-etc/images/	3 KB 3 KB	485ms 484ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/ff.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `e5db48339ab4decfc894d8f8d93d07f692809959b5ae49f4da8573b9d3d6c84f` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Sun, 03 Sep 2017 23:29:02 GMT server Apache accept-ranges bytes content-length 3325 content-type image/png
GET H2	200	sgon.png valenciamedicare.com/cgi-etc/images/	2 KB 2 KB	485ms 484ms	Image image/png	192.185.129.96 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://valenciamedicare.com/cgi-etc/images/sgon.png Requested by Host: valenciamedicare.com URL: https://valenciamedicare.com/cgi-etc/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.129.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-ht-4.webhostbox.net Software Apache / Resource Hash `0287688c1a03f9ee32eaec33a3e24be1fbdd039fcf7ef58eb43e4ed21ae5d216` Request headers accept-language de-DE,de;q=0.9 Referer https://valenciamedicare.com/cgi-etc/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 11:09:03 GMT last-modified Wed, 24 May 2017 02:21:18 GMT server Apache accept-ranges bytes content-length 1786 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i2.sitepoint.com
valenciamedicare.com
www.sitepoint.com
192.185.129.96
2600:9000:2156:3200:10:7abf:f800:93a1
2606:50c0:8001::153
0287688c1a03f9ee32eaec33a3e24be1fbdd039fcf7ef58eb43e4ed21ae5d216
0fdf3bf4d3f4599953b1b9af6dbcf8d84dd59a54d56697cfcc8f470b237be3c1
19db4703d53a15d2ca0a6324d874878e1c4e4140e9513ea105a2cb687a9e9dcb
218274bc3781fa4fa892ba7f4df01bd21710c28c8c642e19b12e004229910cfc
2a46f92860e27a2ad304168f2e4414726d27f98e8dc693a1749f6ce3ac23f386
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
5c6ca93e2b4cb0a42e1bfa3acf3f4d3015b03f3066b2085eb633f6cab42d1c98
7cb975cd0cb1b85ac1bf4440cdf470aca2f3e17d6b129a551929e58e3e41e0ac
825ad5c3888d1258a089867f52fb5f4e761be17dcda67145e4e63dace1a636df
89370b5e6b2d98ab3b5daff9692788c644a9167d48d3289a1e8a31c1fe4a1e2a
a782fce93b7c95c5e36e08b266a52c51b67438823d8c2f384eb340c53f04bbb3
ba67f7b8ce117086ade4179628b07fde9ff69855c86e0307bd1627865694c099
bd268773838d20c10c43124e1e83721d7fa6ced89c4e9aea2d662b74ec7c2b51
e5db48339ab4decfc894d8f8d93d07f692809959b5ae49f4da8573b9d3d6c84f

valenciamedicare.com Open in urlscan Pro 192.185.129.96 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

4613 kBTransfer

4616 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

valenciamedicare.com Open in urlscan Pro
192.185.129.96 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

4613 kB
Transfer

4616 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!