int-connect.navigo.fr
45.223.137.7
Malicious Activity!
Public Scan
Submission: On January 11 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert G2 TLS EU RSA4096 SHA384 202... on December 11th 2023. Valid for: a year.
This is the only time int-connect.navigo.fr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Île-de-France Mobilités (Transportation)

Domain & IP information

 | IP Address | AS Autonomous System |
---|---|---|
12 | 45.223.137.7 | 19551 (INCAPSULA) |
12 | 1 | |

 | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | navigo.fr: int-connect.navigo.fr | 257 KB |
12 | 1 | |

 | Domain | Requested by |
---|---|---|
12 | int-connect.navigo.fr | int-connect.navigo.fr |
12 | 1 | |

This site contains links to these domains. Also see Links.
Domain |
---|
www.iledefrance-mobilites.fr |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
pprod-connect.navigo.fr | DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1 | 2023-12-11 - 2024-12-10 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://int-connect.navigo.fr/auth/realms/connect/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Fint-connect.navigo.fr%2Fauth%2Frealms%2Fconnect%2Faccount%2Flogin-redirect&state=0%2Fa5e66eea-12fe-45ca-93bc-c736fae495d4&response_type=code&scope=openid
Frame ID: 6BE054FD9CBCFF09E5B6494B2EC82356
Requests: 12 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: I am unable to log in
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | auth (Primary Request) | int-connect.navigo.fr/auth/realms/connect/protocol/openid-connect/ | 7 KB | 9 KB | Document | text/html |
GET | H/1.1 | style.min-2.5.16-RC8.css | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/css/ | 24 KB | 24 KB | Stylesheet | text/css |
GET | H/1.1 | illu1-login.svg | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/img/ | 49 KB | 50 KB | Image | image/svg+xml |
GET | H/1.1 | script.min-2.5.16-RC8.js | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/js/ | 79 KB | 80 KB | Script | text/javascript |
GET | H/1.1 | _Incapsula_Resource | int-connect.navigo.fr/ | 140 KB | 20 KB | Script | application/javascript |
GET | H/1.1 | ic-select-close.svg | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/img/ | 619 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | Logo_IDFM-H.svg | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/img/ | 21 KB | 21 KB | Image | image/svg+xml |
GET | H/1.1 | ic-viewPWD-off.svg | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/img/ | 818 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | ic-blank.svg | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/img/ | 319 B | 736 B | Image | image/svg+xml |
GET | H/1.1 | raleway-regular-webfont.woff2 | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/css/ | 24 KB | 25 KB | Font | application/octet-stream |
GET | H/1.1 | raleway-bold-webfont.woff2 | int-connect.navigo.fr/auth/resources/v3zsp/login/navigo-connect/css/ | 24 KB | 25 KB | Font | application/octet-stream |
GET | H/1.1 | _Incapsula_Resource | int-connect.navigo.fr/ | 1 B | 196 B | Image | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Île-de-France Mobilités (Transportation)

20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | documentPictureInPicture |
boolean | selector_open |
string | pathname |
object | language_links |
function | validateEmail |
function | validatePassword |
function | strongPassword |
function | validateBirthDate |
function | validateBirthdateRegex |
function | getYear |
function | switchButtonClassName |
function | notEmpty |
function | setValidationCheck |
function | invalidStartOrEndCharacterValidator |
function | multipleCharacterValidator |
function | unauthorizedCharacterValidator |
function | characterReplacer |
function | $ |
function | jQuery |
function | validateLoginBt |

7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
int-connect.navigo.fr/auth/realms/connect/ | | AUTH_SESSION_ID | d0839fba-68b0-46fd-8d00-cfaa24910efe.hsso74-5b48698f79-6q9pz |
int-connect.navigo.fr/auth/realms/connect/ | | AUTH_SESSION_ID_LEGACY | d0839fba-68b0-46fd-8d00-cfaa24910efe.hsso74-5b48698f79-6q9pz |
int-connect.navigo.fr/auth/realms/connect/ | | KC_RESTART | [encoded value omitted] |
int-connect.navigo.fr/ | | 4ba4a4a4cd47b5aad3bb2b21f0ef840a | e3a2cd80044b6eb5f0c2b6ce3cf8b5ce |
.navigo.fr/ | | visid_incap_2741068 | 3U2fJ8mnQ82M9/B0jOvugqQJoGUAAAAAQUIPAAAAAAAK+T2W5NqkLdNzrFvCqmJH |
.navigo.fr/ | | incap_ses_1603_2741068 | YwSvRV5eSxDcdmJCiwA/FqQJoGUAAAAAyoCDVoA7SlC2yccgUr4a/A== |
int-connect.navigo.fr/ | | ___utmvc | [encoded value omitted] |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | frame-src 'self' https://www.google.com/ https://int.connect.iledefrance-mobilites.fr/ https://int-connect.navigo.fr; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | ALLOW-FROM https://www.google.com https://int.connect.iledefrance-mobilites.fr/ https://int-connect.navigo.fr |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
int-connect.navigo.fr
45.223.137.7