catalogue-sfr.com Open in urlscan Pro
178.62.53.195 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://catalogue-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
Effective URL:
https://catalogue-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
Submission Tags: 7052180
Submission: On March 31 via api (March 31st 2021, 8:04:38 am UTC) from NL

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 178.62.53.195, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is catalogue-sfr.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time catalogue-sfr.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
28	178.62.53.195 178.62.53.195	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	162.212.132.51 162.212.132.51	55293 (A2HOSTING) (A2HOSTING)
1	2600:9000:218... 2600:9000:2182:4800:1d:d7f6:39cf:a761	16509 (AMAZON-02) (AMAZON-02)
1	152.199.23.20 152.199.23.20	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:1c00:2:49a2:4500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
34	7

28 178.62.53.195 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

catalogue-sfr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.212.132.51 (United States)

ASN55293 (A2HOSTING, US)
PTR: burdickkitchens.com

med.csmobiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4800:1d:d7f6:39cf:a761 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.20 (United States)

ASN15133 (EDGECAST, US)

fr.shopping.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1c00:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets3.lottiefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	catalogue-sfr.com catalogue-sfr.com	536 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	lottiefiles.com assets3.lottiefiles.com	2 KB
1	googleapis.com fonts.googleapis.com	731 B
1	rakuten.com fr.shopping.rakuten.com	31 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com	69 KB
1	csmobiles.com med.csmobiles.com	56 KB
34	7

	Domain	Requested by
28	catalogue-sfr.com	catalogue-sfr.com
1	fonts.gstatic.com	fonts.googleapis.com
1	assets3.lottiefiles.com	catalogue-sfr.com
1	fonts.googleapis.com	catalogue-sfr.com
1	fr.shopping.rakuten.com	catalogue-sfr.com
1	images-na.ssl-images-amazon.com	catalogue-sfr.com
1	med.csmobiles.com	catalogue-sfr.com
34	7

This site contains no links.

Subject Issuer	Validity	Valid
catalogue-sfr.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
med.csmobiles.com cPanel, Inc. Certification Authority	`2021-03-16` - `2021-06-14`	3 months	crt.sh
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2021-03-23` - `2022-03-22`	a year	crt.sh
*.fr.shopping.rakuten.com DigiCert SHA2 Secure Server CA	`2020-04-21` - `2022-05-06`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.lottiefiles.com Amazon	`2020-11-25` - `2021-12-24`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://catalogue-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html
Frame ID: D739F7B19748224FFEE2460F9F6C9643
Requests: 33 HTTP requests in this frame

Frame: https://catalogue-sfr.com/index/Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!_files/saved_resource.html
Frame ID: 491372AAD3B7416DB0B2FB2306D5EBA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

34
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

713 kB
Transfer

1275 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Sondage%20aupr%C3%A8s%20des%20acheteurs%20-%20nous%20voulons%20votre%20avis!.html Show response
catalogue-sfr.com/index/ 25 KB
5 KB 104ms
34ms Document
text/html 178.62.53.195
DIGITALOCEAN-ASN

General

catalogue-sfr.com Open in urlscan Pro 178.62.53.195 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

713 kBTransfer

1275 kBSize

0 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

catalogue-sfr.com Open in urlscan Pro
178.62.53.195 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

713 kB
Transfer

1275 kB
Size

0
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!