e-office.in.th
61.19.247.67
Malicious Activity!
Public Scan
Effective URL: http://e-office.in.th/assure/portailameli/my_pass/?log.x=?orderid=VO1BU9A4SZ703C8DJKN5QX6RWYMI2HFETPGL=&order_time=Fri...
Submission: On April 27 via manual from FR
Summary
This is the only time e-office.in.th was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Assurance Maladie (Healthcare)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 160.153.129.226 | 26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
3 (1 redirect) | 61.19.247.67 | 9931 (CAT-AP The Communication Authoity of Thailand)
19 | 93.174.145.36 | 48703 (CNAMTS-AS CNAMTS - AS de la Caisse Nationale Assurance Maladie)
43 (total) | 4 (total) | 

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-129-226.ip.secureserver.net
Domains: www.watchista.com

ASN9931 (CAT-AP The Communication Authoity of Thailand, CAT, TH)
PTR: cns67.unlimithost.com
Domains: e-office.in.th

ASN48703 (CNAMTS-AS CNAMTS - AS de la Caisse Nationale Assurance Maladie, FR)
PTR: assure.ameli.fr
Domains: assure.ameli.fr
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | ameli.fr | assure.ameli.fr | 103 KB
3 | e-office.in.th | e-office.in.th (1 redirect) | 8 KB
1 | watchista.com | www.watchista.com | 369 B
0 | thannam.net | www.thannam.net (Failed) | 
43 (total) | 4 (total) | | 
Requests | Domain | Requested by
---|---|---
19 | assure.ameli.fr | e-office.in.th
3 | e-office.in.th (1 redirect) | 
1 | www.watchista.com | 
0 | www.thannam.net (Failed) | e-office.in.th
43 (total) | 4 (total) | 
This site contains no links.
This page contains 1 frame:
Primary Page: http://e-office.in.th/assure/portailameli/my_pass/?log.x=?orderid=VO1BU9A4SZ703C8DJKN5QX6RWYMI2HFETPGL=&order_time=Fri,Apr,27,2018-9:48pm
Frame ID: F252160764816367239ACC1318BA742F
Requests: 43 HTTP requests in this frame
Detected technologies
- PHP (Programming Languages); detected pattern: url /\.php(?:$|\?)/i
- Apache (Web Servers); detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.watchista.com/wp-admin/ameli.php?redirect_to=https://ameli.fr (Page URL)
- http://e-office.in.th/assure/portailameli/ (Page URL)
- http://e-office.in.th/assure/portailameli/reffer?orderid=Y1NIDAH38RQF64XGUE5OS70WCPTMLKJ2V9ZB=&order_time=Fri,Apr,27,2018-2:48pm
  HTTP 302 -> http://e-office.in.th/assure/portailameli/my_pass/?log.x=?orderid=VO1BU9A4SZ703C8DJKN5QX6RWYMI2HFETPGL=&order_time=Fri,Apr,27,2018-9:48pm (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
43 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | ameli.php | www.watchista.com/wp-admin/ | 90 B | 369 B | Document | text/html | 
GET | H/1.1 | / | e-office.in.th/assure/portailameli/ | 174 B | 627 B | Document | text/html | Cookie set
GET | H/1.1 | / | e-office.in.th/assure/portailameli/my_pass/ | 33 KB | 7 KB | Document | text/html | Primary Request; Redirect Chain
GET | H/1.1 | layout.css | assure.ameli.fr/PortailAS/framework/skeletons/assure/css/ | 1 KB | 1 KB | Stylesheet | text/css | 
GET | H/1.1 | buttons.js | assure.ameli.fr/PortailAS/framework/skeletons/bighorn/js/ | 2 KB | 1 KB | Script | application/x-javascript | 
GET | H/1.1 | util.js | assure.ameli.fr/PortailAS/framework/skeletons/bighorn/js/ | 1 KB | 1 KB | Script | application/x-javascript | 
GET | H/1.1 | biblicnam-structure-sans.min.css | assure.ameli.fr/PortailAS/biblicnam/css/ | 81 KB | 18 KB | Stylesheet | text/css | 
GET | H/1.1 | reset.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 381 B | 805 B | Stylesheet | text/css | 
GET | H/1.1 | clear.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 2 KB | 1 KB | Stylesheet | text/css | 
GET | H/1.1 | liens.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 835 B | 1 KB | Stylesheet | text/css | 
GET | H/1.1 | forms.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 7 KB | 3 KB | Stylesheet | text/css | 
GET | H/1.1 | boutons.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 5 KB | 2 KB | Stylesheet | text/css | 
GET | H/1.1 | general.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 37 KB | 12 KB | Stylesheet | text/css | 
GET | H/1.1 | nav.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 8 KB | 3 KB | Stylesheet | text/css | 
GET | H/1.1 | colors.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 2 KB | 1 KB | Stylesheet | text/css | 
GET | H/1.1 | custom.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 169 KB | 47 KB | Stylesheet | text/css | 
GET | H/1.1 | biblicnam-standalone.min.js | assure.ameli.fr/PortailAS/biblicnam/js/ | 60 KB | 0 | Script | application/x-javascript | 
GET | H/1.1 | fenetre.js | assure.ameli.fr/PortailAS/framework/skins/assure/js/ | 4 KB | 2 KB | Script | application/x-javascript | 
GET | H/1.1 | afficheElement.js | assure.ameli.fr/PortailAS/framework/skins/assure/js/ | 2 KB | 1 KB | Script | application/x-javascript | 
GET | H/1.1 | OpenPopup.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 952 B | 871 B | Script | application/x-javascript | 
GET | H/1.1 | validation.js | assure.ameli.fr/PortailAS/framework/skins/assure/js/ | 34 KB | 7 KB | Script | application/x-javascript | 
GET | | calendar.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | calendar-setup.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | calendar-fr.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | AideSaisie.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | refonte_biblicnam.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | questionnaireSatisfaction.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | blocs.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | invalidite.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | paiement.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | informationsPerso.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | questionnaireNotationEtoile.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | dmp.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | H/1.1 | window.css | assure.ameli.fr/PortailAS/framework/skins/bighorn/borderless/css/ | 402 B | 826 B | Stylesheet | text/css | 
GET | | logo_regime_general | assure.ameli.fr/PortailAS/ShowProperty/WLP%20Repository/images/logosRegimes/ | 0 | 0 | | | 
GET | | tetiere_regime_general.png | assure.ameli.fr/PortailAS/framework/skins/assure/images/refonte/header/ | 0 | 0 | | | 
GET | | placeholders.polyfill.min.js | assure.ameli.fr/PortailAS/biblicnam/js/ | 0 | 0 | | | 
GET | | xtcore.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 0 | 0 | | | 
GET | | logo_cb.png | www.thannam.net/img/ | 0 | 0 | | | 
GET | | visa.png | www.thannam.net/img/ | 0 | 0 | | | 
GET | | tarjeta-mastercard.png | www.thannam.net/img/ | 0 | 0 | | | 
GET | | aide.gif | www.thannam.net/img/ | 0 | 0 | | | 
GET | | croix_fermeture.gif | assure.ameli.fr/PortailAS/ShowProperty/WLP%20Repository/images/ | 0 | 0 | | | 
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain assure.ameli.fr:
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/calendar.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/calendar-setup.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/calendar-fr.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/AideSaisie.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/refonte_biblicnam.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/questionnaireSatisfaction.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/blocs.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/invalidite.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/paiement.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/informationsPerso.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/questionnaireNotationEtoile.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/dmp.js
  - https://assure.ameli.fr/PortailAS/ShowProperty/WLP%20Repository/images/logosRegimes/logo_regime_general
  - https://assure.ameli.fr/PortailAS/framework/skins/assure/images/refonte/header/tetiere_regime_general.png
  - https://assure.ameli.fr/PortailAS/biblicnam/js/placeholders.polyfill.min.js
  - https://assure.ameli.fr/PortailAS/js/fr/cnamts/as/xtcore.js
  - https://assure.ameli.fr/PortailAS/ShowProperty/WLP%20Repository/images/croix_fermeture.gif
- Domain www.thannam.net:
  - http://www.thannam.net/img/logo_cb.png
  - http://www.thannam.net/img/visa.png
  - http://www.thannam.net/img/tarjeta-mastercard.png
  - http://www.thannam.net/img/aide.gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Assurance Maladie (Healthcare)

0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains: assure.ameli.fr, e-office.in.th, www.thannam.net, www.watchista.com
IPs: 160.153.129.226, 61.19.247.67, 93.174.145.36