securre-sfr.laviewddns.com Open in urlscan Pro
62.4.29.75 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://securre-sfr.laviewddns.com/
Effective URL:
https://securre-sfr.laviewddns.com/
Submission: On December 04 via manual (December 4th 2023, 10:05:22 am UTC) from FR — Scanned from FR

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 62.4.29.75, located in Paris, France and belongs to Online SAS, FR. The main domain is securre-sfr.laviewddns.com.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.

This is the only time securre-sfr.laviewddns.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SFR (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
1 12	62.4.29.75 62.4.29.75		12876 (Online SAS) (Online SAS)
11	1

12 62.4.29.75 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)

securre-sfr.laviewddns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	laviewddns.com 1 redirects securre-sfr.laviewddns.com	151 KB
11	1

	Domain	Requested by
12	securre-sfr.laviewddns.com	1 redirects securre-sfr.laviewddns.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
securre-sfr.laviewddns.com R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://securre-sfr.laviewddns.com/
Frame ID: 190E3BC9A55317C5ACE0827E70C7D1AE
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SFR Mail – Retrouvez votre Webmail, boite mail et adresse mail

Page URL History Show full URLs

http://securre-sfr.laviewddns.com/ HTTP 301
https://securre-sfr.laviewddns.com/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

151 kB
Transfer

237 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://securre-sfr.laviewddns.com/ HTTP 301
https://securre-sfr.laviewddns.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
securre-sfr.laviewddns.com/
Redirect Chain

http://securre-sfr.laviewddns.com/
https://securre-sfr.laviewddns.com/

21 KB
5 KB

208ms
159ms

Document
text/html

62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

c220e9a4ef5314df7f49790c65d4496154fd2eee1a5ce16401fa4e7ffad07d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 10:05:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 04 Dec 2023 10:05:17 GMT
Location: https://securre-sfr.laviewddns.com/
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 layerresponsive.css
securre-sfr.laviewddns.com/filla/css/ 5 KB
1 KB 20ms
19ms Stylesheet
text/css 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://securre-sfr.laviewddns.com/filla/css/layerresponsive.css

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

27d771c5f16d04167a77aaaac7f9e91aa5298a4ddff7ed2a45b6d9ca9e8b50df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 20:19:08 GMT
server: nginx
etag: W/"656b913c-1207"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 04 Dec 2023 22:05:17 GMT

GET
H2 200 buttons.css
securre-sfr.laviewddns.com/filla/css/ 48 KB
6 KB 21ms
19ms Stylesheet
text/css 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://securre-sfr.laviewddns.com/filla/css/buttons.css

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

e45c99498dd23265eae7e117ea56f40593d5c31e45406cbccfa137ae28f6cb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 20:19:04 GMT
server: nginx
etag: W/"656b9138-bf65"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 04 Dec 2023 22:05:17 GMT

GET
H2 200 styleresponsive.css
securre-sfr.laviewddns.com/filla/css/ 30 KB
5 KB 38ms
37ms Stylesheet
text/css 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6a2fb4e724fd18050185e3b81e91f90fb0f4158ce6d3fa51e73335afa9cb079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 20:19:12 GMT
server: nginx
etag: W/"656b9140-792f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 04 Dec 2023 22:05:17 GMT

GET
H2 200 styleresponsiveupdate.css
securre-sfr.laviewddns.com/filla/css/ 2 KB
996 B 39ms
38ms Stylesheet
text/css 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://securre-sfr.laviewddns.com/filla/css/styleresponsiveupdate.css

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

1b3badc09a6e94f07125ae6463890ca6df06cc667733a6ff14d3cd1fa96fd89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 20:19:14 GMT
server: nginx
etag: W/"656b9142-774"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 04 Dec 2023 22:05:17 GMT

GET
H2 200 mail.jpg
securre-sfr.laviewddns.com/filla/img/ 66 KB
66 KB 40ms
39ms Image
image/jpeg 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securre-sfr.laviewddns.com/filla/img/mail.jpg

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

4838ecf875b02765777cd75c56c1e7b8e9cb919513b7138ccac79134744912e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 20:20:27 GMT
server: nginx
etag: "656b918b-1060f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 67087
expires: Wed, 03 Jan 2024 10:05:17 GMT

GET
H2 200 ayera.jpg
securre-sfr.laviewddns.com/filla/img/ 27 KB
28 KB 76ms
75ms Image
image/jpeg 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securre-sfr.laviewddns.com/filla/img/ayera.jpg

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

149aa738b1cd062359330f7705f4a22684fa3f14e647120e28067a0a4fb064f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 20:20:00 GMT
server: nginx
etag: "656b9170-6d8f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28047
expires: Wed, 03 Jan 2024 10:05:17 GMT

GET
H2 200 spirite.png
securre-sfr.laviewddns.com/filla/img/ 29 KB
30 KB 34ms
34ms Image
image/png 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securre-sfr.laviewddns.com/filla/img/spirite.png

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

4adf762670da7e1a8bc8e7a0de36f2b61742fe02fe23234e57f5a206263f40bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 20:20:32 GMT
server: nginx
etag: "656b9190-7551"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30033
expires: Wed, 03 Jan 2024 10:05:17 GMT

GET
H2 404 eye.svg
securre-sfr.laviewddns.com/filla/css/ 548 B
548 B 34ms
34ms Image
text/html 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securre-sfr.laviewddns.com/filla/css/eye.svg
Requested by: Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 bg-croix.png
securre-sfr.laviewddns.com/filla/css/ 548 B
548 B 34ms
34ms Image
text/html 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securre-sfr.laviewddns.com/filla/css/bg-croix.png
Requested by: Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/filla/css/styleresponsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 numa.jpg
securre-sfr.laviewddns.com/filla/img/ 8 KB
8 KB 35ms
34ms Image
image/jpeg 62.4.29.75
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securre-sfr.laviewddns.com/filla/img/numa.jpg

Requested by

Host: securre-sfr.laviewddns.com
URL: https://securre-sfr.laviewddns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.4.29.75 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

b648e64e295f8fb642df1992aa31ca2f1f331207982cb2fb1fa990a008d21054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://securre-sfr.laviewddns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:05:17 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 02 Dec 2023 20:20:30 GMT
server: nginx
etag: "656b918e-208e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8334
expires: Wed, 03 Jan 2024 10:05:17 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SFR (Telecommunication)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			securre-sfr.laviewddns.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: encfkn67gb5ivvqfbv6r7eo191

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://securre-sfr.laviewddns.com/filla/css/eye.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://securre-sfr.laviewddns.com/filla/css/bg-croix.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

securre-sfr.laviewddns.com
62.4.29.75
149aa738b1cd062359330f7705f4a22684fa3f14e647120e28067a0a4fb064f2
1b3badc09a6e94f07125ae6463890ca6df06cc667733a6ff14d3cd1fa96fd89d
27d771c5f16d04167a77aaaac7f9e91aa5298a4ddff7ed2a45b6d9ca9e8b50df
4838ecf875b02765777cd75c56c1e7b8e9cb919513b7138ccac79134744912e9
4adf762670da7e1a8bc8e7a0de36f2b61742fe02fe23234e57f5a206263f40bf
b648e64e295f8fb642df1992aa31ca2f1f331207982cb2fb1fa990a008d21054
c220e9a4ef5314df7f49790c65d4496154fd2eee1a5ce16401fa4e7ffad07d43
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6a2fb4e724fd18050185e3b81e91f90fb0f4158ce6d3fa51e73335afa9cb079
e45c99498dd23265eae7e117ea56f40593d5c31e45406cbccfa137ae28f6cb0b

securre-sfr.laviewddns.com Open in urlscan Pro 62.4.29.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

151 kBTransfer

237 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

securre-sfr.laviewddns.com Open in urlscan Pro
62.4.29.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

151 kB
Transfer

237 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!