applink.account.broker-login.robinhood.saint-jouvent.fr Open in urlscan Pro
162.240.154.13 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com/7251561d-d63d-43b4-a85c-d6b69147a957:831bddd32672a610c684da00873e0e75/599615b28a9c1c591feabf11a5...
Effective URL:
https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxht...
Submission: On August 25 via manual (August 25th 2024, 4:29:19 pm UTC) from US — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 162.240.154.13, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is applink.account.broker-login.robinhood.saint-jouvent.fr.
TLS certificate: Issued by R11 on August 20th 2024. Valid for: 3 months.

This is the only time applink.account.broker-login.robinhood.saint-jouvent.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Robinhood (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:aba5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 11	162.240.154.13 162.240.154.13	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

1 2606:4700:3030::ac43:aba5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.240.154.13 (United States) 3 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-154-13.unifiedlayer.com

archive-journal.saintjouvent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
applink.account.broker-login.robinhood.saint-jouvent.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	saint-jouvent.fr 1 redirects applink.account.broker-login.robinhood.saint-jouvent.fr	744 KB
2	saintjouvent.com 2 redirects archive-journal.saintjouvent.com	692 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508	29 KB
1	wemailtrack.com 1 redirects 7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com	1 KB
9	4

	Domain	Requested by
9	applink.account.broker-login.robinhood.saint-jouvent.fr	1 redirects applink.account.broker-login.robinhood.saint-jouvent.fr
2	archive-journal.saintjouvent.com	2 redirects
1	stackpath.bootstrapcdn.com	applink.account.broker-login.robinhood.saint-jouvent.fr
1	7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com	1 redirects
9	4

This site contains no links.

Subject Issuer	Validity	Valid
applink.account.broker-login.robinhood.saint-jouvent.fr R11	`2024-08-20` - `2024-11-18`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
Frame ID: E45B3B3961B84E28845CBAA7402E79C4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | Robinhood

Page URL History Show full URLs

https://7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com/7251561d-d63d-43b4-a85c-d6b69147a957:831bddd32672a610c684da00873e0e75/599615... HTTP 302
https://archive-journal.saintjouvent.com/margin?_wem_rev_track=7251561d-d63d-43b4-a85c-d6b69147a957%3A HTTP 301
https://archive-journal.saintjouvent.com/margin/?_wem_rev_track=7251561d-d63d-43b4-a85c-d6b69147a957%3A HTTP 302
https://applink.account.broker-login.robinhood.saint-jouvent.fr/?acc HTTP 302
https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

773 kB
Transfer

899 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com/7251561d-d63d-43b4-a85c-d6b69147a957:831bddd32672a610c684da00873e0e75/599615b28a9c1c591feabf11a5ada947 HTTP 302
https://archive-journal.saintjouvent.com/margin?_wem_rev_track=7251561d-d63d-43b4-a85c-d6b69147a957%3A HTTP 301
https://archive-journal.saintjouvent.com/margin/?_wem_rev_track=7251561d-d63d-43b4-a85c-d6b69147a957%3A HTTP 302
https://applink.account.broker-login.robinhood.saint-jouvent.fr/?acc HTTP 302
https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
applink.account.broker-login.robinhood.saint-jouvent.fr/
Redirect Chain

https://7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com/7251561d-d63d-43b4-a85c-d6b69147a957:831bddd32672a610c684da00873e0e75/599615b28a9c1c591feabf11a5ada947
https://archive-journal.saintjouvent.com/margin?_wem_rev_track=7251561d-d63d-43b4-a85c-d6b69147a957%3A
https://archive-journal.saintjouvent.com/margin/?_wem_rev_track=7251561d-d63d-43b4-a85c-d6b69147a957%3A
https://applink.account.broker-login.robinhood.saint-jouvent.fr/?acc
https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0....

144 KB
144 KB

197ms
196ms

Document
text/html

162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: ceabebb58029716959cb85a1bd80d0948b3b79e7482e32eb98ef6264dfddb9c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 16:29:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 16:29:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
pragma: no-cache
server: Apache

GET
H2 200 legacyStyles.54f4576ded752cf2cfa8.css
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/ 93 KB
93 KB 139ms
137ms Stylesheet
text/css 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Requested by: Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: d9fee132950dfdd93814447d12e049fd1795fbcc5e13fa9961d2fc3141f4534e

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:02 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 95211
content-type: text/css

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
29 KB 115ms
36ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 940
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10494213
cdn-cachedat: 10/31/2023 19:21:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 661a59f20240fbd0b3bba9437806c5bc
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8b8cf5aea93042cb-EWR
cdn-requestpullsuccess: True

GET
H2 200 App.8d455d3471c517adc757.css
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/ 45 KB
45 KB 187ms
187ms Stylesheet
text/css 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/App.8d455d3471c517adc757.css
Requested by: Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: 027ab0a5f3e4c1ad69e2b8edd3bc7bc73db91c4d1af84760d98e4d137d4b2b78

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:02 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 46133
content-type: text/css

GET
H2 200 9435691b466061dc75b0.jpg
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/images/ 401 KB
402 KB 74ms
74ms Image
image/jpeg 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/images/9435691b466061dc75b0.jpg
Requested by: Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: d94ee7e0d70ca2074c1d040a373731061200dc94aa3b218a9264f0511f603c78

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:02 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 410967
content-type: image/jpeg

GET
H2 200 8b42e3fc6d1d161d6fbd.woff2
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/font/ 19 KB
19 KB 157ms
156ms Font
font/woff2 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/font/8b42e3fc6d1d161d6fbd.woff2
Requested by: Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: d6e0f9a85b076741a771ec8574c1278fb65fe34160e73bd8beffa2f927831302

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Origin: https://applink.account.broker-login.robinhood.saint-jouvent.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:02 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 18968
content-type: font/woff2

GET
H2 200 ece4dfe7c8753c6ed9e4.woff2
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/font/ 19 KB
19 KB 172ms
171ms Font
font/woff2 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/font/ece4dfe7c8753c6ed9e4.woff2
Requested by: Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: 6573ba5ca76b29d5ffe83d94b27a4a8a09c8d5c8d5f2ca0719aaeef6856042d8

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Origin: https://applink.account.broker-login.robinhood.saint-jouvent.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:02 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 19072
content-type: font/woff2

GET
H2 200 f31b2ecb2f8e039d53bd.woff2
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/font/ 18 KB
18 KB 170ms
169ms Font
font/woff2 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/font/f31b2ecb2f8e039d53bd.woff2
Requested by: Host: applink.account.broker-login.robinhood.saint-jouvent.fr
URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: 0ef7c688bd1385a7df6941a13f3b4e980cd2f90f01b9268c9bb3e95394eec486

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/style/legacyStyles.54f4576ded752cf2cfa8.css
Origin: https://applink.account.broker-login.robinhood.saint-jouvent.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:02 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 18804
content-type: font/woff2

GET
H2 200 favicon.ico
applink.account.broker-login.robinhood.saint-jouvent.fr/assets/images/ 4 KB
4 KB 73ms
72ms Other
image/x-icon 162.240.154.13
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://applink.account.broker-login.robinhood.saint-jouvent.fr/assets/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.154.13 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-154-13.unifiedlayer.com
Software: Apache /
Resource Hash: f2413a8bddf0d54c3a1080c123f4f51db1eeb03310f548a75f5ce1466aaaa30e

Request headers

Referer: https://applink.account.broker-login.robinhood.saint-jouvent.fr/login?c_ds_na=SWVRGY4pKNnbnDHsKmehxoM9h7h0huLIzu9iyp9mhL&c_ds_no=text%2Fhtml%2Capplication%2Fxhtml%2Bxml%2Capplication%2Fxml%3Bq%3D0.9%2Cimage%2Favif%2Cimage%2Fwebp%2Cimage%2Fapng%2C%2A%2F%2A%3Bq%3D0.8%2Capplication%2Fsigned-exchange%3Bv%3Db3%3Bq%3D0.7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 16:29:03 GMT
last-modified: Sat, 06 Jul 2024 03:21:26 GMT
server: Apache
accept-ranges: bytes
content-length: 4286
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Robinhood (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com/	1970-01-20 23:03:30	Name: XSRF-TOKEN Value: eyJpdiI6ImNteGFsN0F4Y0M0aTdTT0h4dy96dWc9PSIsInZhbHVlIjoiOHhkUWs5RlRPZDFhMXR6Z08xZVl6UWZKUUxvN1VpVWo2UWg4TTNUWmVwekpsa1VVUVBEN05aRlVSMmxlWlMzcUVESG9ocG5XSEI1MnliYlJObm5qd2drY3pDU21oUjJuY0NhTHlzZ0htU0tOdUVJR1BuSVZ3RWwrT1NlOW1vT0ciLCJtYWMiOiJkOWNhMDk5MGI0YTM1OWNiODNkODUzOGU0MjZlMmJjOTdhYmE4YzdmOTZiYTU0Mzc3OWYwMzNjYzBhN2U3ZjQ5IiwidGFnIjoiIn0%3D
7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com/	1970-01-20 23:03:30	Name: wemail_tracker_session Value: eyJpdiI6IjJybll6T2pCb25LOWZmWFlET1loeUE9PSIsInZhbHVlIjoidjZWWkxXNDVSYVlSOG9EbXpnZXh6NTRVMk4wZW1lbzNxNEhOaUZpV2tpekRLQ0c2TWZNd1ZhY3p0aDI4N3ZtZzdGYjVHbXRmWHpZa2ZHS3VzdlA2VnhwV1VnNUNpRWJEcDdTblQraXo3OU04NGFOM3ZaN1lHcUFydUsydVhCT0giLCJtYWMiOiIxY2UzYjRmYWQzMjM0YjQ2NjU4ZmU2NGYyYzIzZmY3MjhiN2JkYTY4YzRiZWExMGFmNDJiZjRmZWE3OTVkODhiIiwidGFnIjoiIn0%3D
archive-journal.saintjouvent.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 602f6a9a11b62e01692396abdf82951e
applink.account.broker-login.robinhood.saint-jouvent.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: cf02d9aebd2d0a1698fcbc3a85ebc2d7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7251561d-d63d-43b4-a85c-d6b69147a957-28025.wemailtrack.com
applink.account.broker-login.robinhood.saint-jouvent.fr
archive-journal.saintjouvent.com
stackpath.bootstrapcdn.com
162.240.154.13
2606:4700:3030::ac43:aba5
2606:4700::6812:acf
027ab0a5f3e4c1ad69e2b8edd3bc7bc73db91c4d1af84760d98e4d137d4b2b78
0ef7c688bd1385a7df6941a13f3b4e980cd2f90f01b9268c9bb3e95394eec486
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6573ba5ca76b29d5ffe83d94b27a4a8a09c8d5c8d5f2ca0719aaeef6856042d8
ceabebb58029716959cb85a1bd80d0948b3b79e7482e32eb98ef6264dfddb9c2
d6e0f9a85b076741a771ec8574c1278fb65fe34160e73bd8beffa2f927831302
d94ee7e0d70ca2074c1d040a373731061200dc94aa3b218a9264f0511f603c78
d9fee132950dfdd93814447d12e049fd1795fbcc5e13fa9961d2fc3141f4534e
f2413a8bddf0d54c3a1080c123f4f51db1eeb03310f548a75f5ce1466aaaa30e

applink.account.broker-login.robinhood.saint-jouvent.fr Open in urlscan Pro 162.240.154.13 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

773 kBTransfer

899 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

4 Cookies

Indicators

applink.account.broker-login.robinhood.saint-jouvent.fr Open in urlscan Pro
162.240.154.13 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

773 kB
Transfer

899 kB
Size

4
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!