u1302737hf3.ha004.t.justns.ru
2a00:b700::39
Malicious Activity!
Public Scan
Effective URL: http://u1302737hf3.ha004.t.justns.ru/bst/formulaire.php?id=679
Submission: On November 04 via manual from FR — Scanned from FR
Summary
This is the only time u1302737hf3.ha004.t.justns.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Assurance Maladie (Healthcare)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 14 | 2a00:b700::39 | 51659 (ASBAXET)
13 | 1 |
 | Apex Domain Subdomains | Transfer
---|---|---
14 | justns.ru / 1 redirects / u1302737hf3.ha004.t.justns.ru | 182 KB
13 | 1 |
 | Domain | Requested by
---|---|---
14 | u1302737hf3.ha004.t.justns.ru | 1 redirects / u1302737hf3.ha004.t.justns.ru
13 | 1 |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://u1302737hf3.ha004.t.justns.ru/bst/formulaire.php?id=679
Frame ID: 247AA5A95D817C159FB98E944487D72F
Requests: 13 HTTP requests in this frame
Page Title
mon espace personnelVotre compte ameli
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://u1302737hf3.ha004.t.justns.ru/bst HTTP 301
  http://u1302737hf3.ha004.t.justns.ru/bst/ Page URL
- http://u1302737hf3.ha004.t.justns.ru/bst/formulaire.php?id=679 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://u1302737hf3.ha004.t.justns.ru/bst HTTP 301
- http://u1302737hf3.ha004.t.justns.ru/bst/
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Redirect Chain) | u1302737hf3.ha004.t.justns.ru/bst/ | 187 B | 418 B | Document | text/html
GET | H/1.1 | formulaire.php (Primary Request) | u1302737hf3.ha004.t.justns.ru/bst/ | 24 KB | 4 KB | Document | text/html
GET | H/1.1 | css.css | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 2 KB | 952 B | Stylesheet | text/css
GET | H/1.1 | bootstrap.min.css | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 118 KB | 25 KB | Stylesheet | text/css
GET | H/1.1 | styles.css | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 2 KB | 985 B | Stylesheet | text/css
GET | H/1.1 | scoure.min.css | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 134 KB | 27 KB | Stylesheet | text/css
GET | H/1.1 | scoure.smart.css | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 2 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | scoure.footer.css | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 2 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | jquery-latest.min.js.download | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 94 KB | 94 KB | Script | application/octet-stream
GET | H/1.1 | jquery.mask.min.js.download | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 8 KB | 8 KB | Script | application/octet-stream
GET | H/1.1 | script.js.download | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 2 KB | 2 KB | Script | application/octet-stream
GET | H/1.1 | scourelogo.png | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 6 KB | 6 KB | Image | image/png
GET | H/1.1 | franceconnect.png | u1302737hf3.ha004.t.justns.ru/bst/formulaire_files/ | 11 KB | 11 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Assurance Maladie (Healthcare)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- function| reportError
- boolean| originAgentCluster
- object| scheduler
- string| m
- string| d
- function| $
- function| jQuery
- object| $jscomp
- function| Calculate
- function| Validate
- function| validateCreditCard
- function| validateform
- undefined| characterCount
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.