appp.dev
Open in
urlscan Pro
43.229.132.4
Malicious Activity!
Public Scan
Submission Tags: 6928183
Submission: On January 20 via api from NL
Summary
TLS certificate: Issued by R3 on January 10th 2021. Valid for: 3 months.
This is the only time appp.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SFR (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 43.229.132.4 43.229.132.4 | 56309 (SIAMDATA-...) (SIAMDATA-TH 408 Fl4 CATTOWER) | |
2 | 2a02:8400:21:... 2a02:8400:21:1::3 | 15557 (LDCOMNET) (LDCOMNET) | |
9 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
appp.dev
appp.dev |
1021 KB |
2 |
s-sfr.fr
static.s-sfr.fr |
69 KB |
9 | 2 |
Domain | Requested by | |
---|---|---|
7 | appp.dev |
appp.dev
|
2 | static.s-sfr.fr |
appp.dev
|
9 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sfr.fr |
assistance.sfr.fr |
webmail.sfr.fr |
forum.sfr.fr |
www.aba.ae |
espace-client.sfr.fr |
www.mintme.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
appp.dev R3 |
2021-01-10 - 2021-04-10 |
3 months | crt.sh |
*.s-sfr.fr Certigna Wild CA |
2020-05-11 - 2022-05-11 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://appp.dev/bluewin/login.html
Frame ID: 5F2DDAAEE5A73D39B99A1F10C236B8BA
Requests: 26 HTTP requests in this frame
Frame:
https://appp.dev/bluewin/Espace%20Client_files/saved_resource.html
Frame ID: B0038175BA2683FEC85B44364D818EB5
Requests: 1 HTTP requests in this frame
Frame:
https://appp.dev/bluewin/Espace%20Client_files/saved_resource(1).html
Frame ID: 878327286079E65DA3D0B59796A3899F
Requests: 1 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Assistance
Search URL Search Domain Scan URL
Title: Mail
Search URL Search Domain Scan URL
Title: Je me connecte
Search URL Search Domain Scan URL
Title: Je me déconnecte
Search URL Search Domain Scan URL
Title: Forum
Search URL Search Domain Scan URL
Title: Suivi de commande
Search URL Search Domain Scan URL
Title: Déménagement
Search URL Search Domain Scan URL
Title: aba.ae
Search URL Search Domain Scan URL
Title: Click here
Search URL Search Domain Scan URL
Title: cliquez ici
Search URL Search Domain Scan URL
Title: Crowdfunding
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.html
appp.dev/bluewin/ |
2 MB 1020 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 KB 34 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
36 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
19 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
179 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 KB 34 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfr-1.0-regular-webfont.woff
static.s-sfr.fr/resources/font/ |
34 KB 35 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
27 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfr-1.0-bold-webfont.woff
static.s-sfr.fr/resources/font/ |
34 KB 34 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource.html
appp.dev/bluewin/Espace%20Client_files/ Frame B003 |
513 B 488 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(1).html
appp.dev/bluewin/Espace%20Client_files/ Frame 8783 |
516 B 493 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sfr-1.0-regular-webfont.woff
appp.dev/resources/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sfr-1.0-bold-webfont.woff
appp.dev/resources/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sfr-1.0-bold-webfont.ttf
appp.dev/resources/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sfr-1.0-regular-webfont.ttf
appp.dev/resources/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SFR (Telecommunication)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| savepage_ShadowLoader0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appp.dev
static.s-sfr.fr
2a02:8400:21:1::3
43.229.132.4
06c6f97924ad58a8af6f4fc20ea444333c2fa653d2ed2a219948a3a56f2b50b5
0a56247ad1519f075d6d29965951adbfad386186ef5fd7b4867bcc9aa42b1219
0ce1fe72a171307e254f6dc12d2dd07125b9fa931101bd430a2cccc287b15b61
149aa738b1cd062359330f7705f4a22684fa3f14e647120e28067a0a4fb064f2
2f587f735f5e096ac920ab3d511e60893f7693ee9f010581d8a54b10a2cc36c2
3e198048bd7031571195e19e64bb43329636db0b7b487c37a2f92ee6447f385b
4adf762670da7e1a8bc8e7a0de36f2b61742fe02fe23234e57f5a206263f40bf
558e35221f50e46594101582239ddd8c56549c7c3cebb3870a548bbb92c68360
5f618841c21775f839c5d4fdf8263c31100724110a105a9ab356b5e00f084ddd
63fb569879b521803347af90744dcaa974768c9d4296874723c66bbee5269a89
6dc697716f0591188a48862b4c21afb2d793e10affca19f1592369800a9535a8
776d3aacb0b69d2f5a0cb0b8b29602f0d317748e495fac300aa67cf6be58e1d2
88c194c6e6645a96df01efe62480a555918920ef4e16114648317f2634770e05
9c563e6c1e6c734bde513a1baa646314c42291e5741aace234af8d5378446321
9ead5e2696cd56ed68d74dfddbb9620e250d5afd9cc1ca4a83922da88bcf4ab0
aea14de2f15479f33a2cdfab1cdf996596cd10de05d4c2f1f5137ad1f16a2d4c
b561c66b7722503c36b8723fd40ef9fed0a9b4a593134c86ac598f239e56c8dd
b77601d12adf7dd8d225dbc8bf8deee672fa8e67fd47a79a81e3ecf2f77c586f
d1d5dad65e744e1812f2f9b88a700d9fe6ef30e43db3e8ca16c3a076d1bcda5e
d1e6a5f0b2dfb9c509b5d8cece61d024486ae5d3ee8ce70b92a111e8917c199c
eafa77baa968994d26ef05f143f6492a0905a40744413b5efdfc992e5d0bacc1
f843597975745ae4d8ee9bcca9a708f6dd78509cdad71f1b5563b83109ecd4b2