op.ed-manleads.com
2620:1ec:46::44
Public Scan
Effective URL: https://op.ed-manleads.com/clt-vx/Verisure/confirmation.html
Submission: On November 09 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 29th 2023. Valid for: a year.
This is the only time op.ed-manleads.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS (Autonomous System) |
---|---|---|
1 1 | 213.186.33.18 | 16276 (OVH) |
13 | 2620:1ec:46::44 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 3 | 20.101.23.59 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 2a02:26f0:3500:16::215:1495 | 20940 (AKAMAI-ASN1) |
16 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- op.mp-mdevis.com
- op.man-actu03.com
ASN20940 (AKAMAI-ASN1, NL)
- use.typekit.net
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | ed-manleads.com | op.ed-manleads.com | 168 KB |
2 | typekit.net | use.typekit.net (Cisco Umbrella Rank: 506) | 82 KB |
2 | man-actu03.com (2 redirects) | op.man-actu03.com | 426 B |
1 | mp-mdevis.com | op.mp-mdevis.com | 34 KB |
1 | aprem-hi.com (1 redirects) | www.aprem-hi.com | 290 B |
16 | 5 |
# | Domain | Requested by |
---|---|---|
13 | op.ed-manleads.com | op.ed-manleads.com |
2 | use.typekit.net | op.ed-manleads.com |
2 | op.man-actu03.com | 2 redirects |
1 | op.mp-mdevis.com | op.ed-manleads.com |
1 | www.aprem-hi.com | 1 redirects |
16 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.manageo.fr |
Subject | Issuer | Validity | Valid |
---|---|---|---|
op.ed-manleads.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-10-29 - 2024-10-29 | a year |
le-17803737.manageo.com | R3 | 2023-09-30 - 2023-12-29 | 3 months |
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-21 - 2024-10-21 | a year |
This page contains 1 frames:
Primary Page:
https://op.ed-manleads.com/clt-vx/Verisure/confirmation.html
Frame ID: DC7C8E4082FC4695E05087F088333367
Requests: 16 HTTP requests in this frame
Page Title
Merci
Page URL History
-
https://www.aprem-hi.com/rwy/ld63HUMVZAWFc9MQ/zCw3t
HTTP 302
https://op.ed-manleads.com/clt-vx/Verisure/formulaire_cl2.html?campagne=verisure_2023_digital&&shoot=ED... Page URL
-
https://op.man-actu03.com/valid_form.jsp
HTTP 302
https://op.man-actu03.com/traitementLeads.jsp?idLead=1264488&url_retour=https://op.ed-manleads.com/clt... HTTP 302
https://op.ed-manleads.com/clt-vx/Verisure/confirmation.html Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: accédez à notre politique de confidentialité
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.aprem-hi.com/rwy/ld63HUMVZAWFc9MQ/zCw3t
HTTP 302
https://op.ed-manleads.com/clt-vx/Verisure/formulaire_cl2.html?campagne=verisure_2023_digital&&shoot=ED=788785&nom=NACCACHE&prenom=Yves&raison_sociale=SWISSLIFE%20BANQUE%20PRIVEE&telephone=0153291414&email=ynaccache@swisslifebanque.fr&civ=M&cp=75001&dyn=2 Page URL
-
https://op.man-actu03.com/valid_form.jsp
HTTP 302
https://op.man-actu03.com/traitementLeads.jsp?idLead=1264488&url_retour=https://op.ed-manleads.com/clt-vx/Verisure/confirmation.html HTTP 302
https://op.ed-manleads.com/clt-vx/Verisure/confirmation.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.aprem-hi.com/rwy/ld63HUMVZAWFc9MQ/zCw3t HTTP 302
- https://op.ed-manleads.com/clt-vx/Verisure/formulaire_cl2.html?campagne=verisure_2023_digital&&shoot=ED=788785&nom=NACCACHE&prenom=Yves&raison_sociale=SWISSLIFE%20BANQUE%20PRIVEE&telephone=0153291414&email=ynaccache@swisslifebanque.fr&civ=M&cp=75001&dyn=2
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | formulaire_cl2.html | op.ed-manleads.com/clt-vx/Verisure/ | 4 KB | 5 KB | Document | text/html | Redirect Chain |
GET | H2 | jquery.1.12.4.min.js | op.mp-mdevis.com/resources/js/ | 95 KB | 34 KB | Script | application/javascript | |
GET | H2 | form2_cl.js | op.ed-manleads.com/clt-vx/Verisure/js/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | confirmation.html | op.ed-manleads.com/clt-vx/Verisure/ | 1 KB | 1 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | style.css | op.ed-manleads.com/commons/css/ | 2 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | style.css | op.ed-manleads.com/clt-vx/Verisure/css/ | 45 KB | 45 KB | Stylesheet | text/css | |
GET | H2 | jquery-3.6.3.min.js | op.ed-manleads.com/resources/ | 88 KB | 88 KB | Script | application/javascript | |
GET | H2 | logo.png | op.ed-manleads.com/clt-vx/Verisure/assets/ | 15 KB | 15 KB | Image | image/png | |
GET | H2 | utils.js | op.ed-manleads.com/commons/js/ | 687 B | 926 B | Script | application/javascript | |
GET | H2 | semiDynamic.js | op.ed-manleads.com/commons/js/ | 1 KB | 2 KB | Script | application/javascript | |
GET | H2 | displayPopup.js | op.ed-manleads.com/commons/js/ | 2 KB | 3 KB | Script | application/javascript | |
GET | H2 | displayConfidentiality.js | op.ed-manleads.com/commons/js/ | 819 B | 1 KB | Script | application/javascript | |
GET | H2 | displayLegalMentions.js | op.ed-manleads.com/commons/js/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H2 | submitValidation.js | op.ed-manleads.com/commons/js/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | l | use.typekit.net/af/175b25/00000000000000007735a3b1/30/ | 41 KB | 41 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/e8c22b/00000000000000007735a3a4/30/ | 40 KB | 40 KB | Font | application/font-woff2 | |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | documentPictureInPicture |
function | $ |
function | jQuery |
function | getParamsWindows1252 |
function | getParams |
boolean | isPopup |
undefined | civParam |
undefined | firstnameParam |
undefined | lastnameParam |
string | popupHtml |
undefined | yes |
undefined | no |
undefined | popup |
undefined | firstname |
undefined | lastname |
undefined | civ |
string | mentions |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
op.man-actu03.com/ | Name: JSESSIONID Value: A8753CD4F0770FE653E539990C4FF8F9 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.