labanque-postale-9e516.web.app
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On August 25 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GTS CA 1D4 on August 12th 2022. Valid for: 3 months.
This is the only time labanque-postale-9e516.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
7 | 194.67.119.156 194.67.119.156 | 197695 (AS-REG) (AS-REG) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 3 | 2606:4700::68... 2606:4700::6810:7aaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 6 |
ASN197695 (AS-REG, RU)
PTR: 194-67-119-156.cloudvps.regruhosting.ru
cdnjavascript.3utilities.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
web.app
labanque-postale-9e516.web.app |
529 KB |
7 |
3utilities.com
cdnjavascript.3utilities.com |
312 KB |
3 |
unpkg.com
2 redirects
unpkg.com — Cisco Umbrella Rank: 868 |
4 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422 |
108 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219 |
6 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 615 |
30 KB |
29 | 6 |
Domain | Requested by | |
---|---|---|
16 | labanque-postale-9e516.web.app |
labanque-postale-9e516.web.app
|
7 | cdnjavascript.3utilities.com |
labanque-postale-9e516.web.app
cdnjavascript.3utilities.com |
3 | unpkg.com |
2 redirects
labanque-postale-9e516.web.app
|
3 | cdn.jsdelivr.net |
labanque-postale-9e516.web.app
|
1 | cdnjs.cloudflare.com |
labanque-postale-9e516.web.app
|
1 | code.jquery.com |
labanque-postale-9e516.web.app
|
29 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2022-08-12 - 2022-11-10 |
3 months | crt.sh |
cdnjavascript.3utilities.com R3 |
2022-08-16 - 2022-11-14 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://labanque-postale-9e516.web.app/
Frame ID: AAE6FB93C9401393FAB0E39065AE3FDB
Requests: 10 HTTP requests in this frame
Frame:
https://labanque-postale-9e516.web.app/identif.html
Frame ID: A2DE673DF66DA850468072B85BFCC788
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Connexion à l'espace client - La Banque PostaleDetected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
Axios (JavaScript libraries) Expand
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://unpkg.com/http-vue-loader HTTP 302
- https://unpkg.com/http-vue-loader@1.4.2 HTTP 302
- https://unpkg.com/http-vue-loader@1.4.2/src/httpVueLoader.js
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
labanque-postale-9e516.web.app/ |
277 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
labanque-postale-9e516.web.app/files/ |
2 KB 577 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.min.ba6767628935b1b170a00fbed52ebf1a.css
labanque-postale-9e516.web.app/files/ |
239 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LOGO-LBP-digital-fd-clair-RVB.svg
labanque-postale-9e516.web.app/files/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
il_transverse_warning.svg
labanque-postale-9e516.web.app/files/ |
1 KB 827 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
svg-icons.svg
labanque-postale-9e516.web.app/files/ |
205 KB 51 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Regular.ttf
labanque-postale-9e516.web.app/files/ |
593 KB 194 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Bold.ttf
labanque-postale-9e516.web.app/files/ |
587 KB 195 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
identif.html
labanque-postale-9e516.web.app/ Frame A2DE |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Light.ttf
labanque-postale-9e516.web.app/files/ |
75 KB 31 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ill_citoyenne.svg
labanque-postale-9e516.web.app/files/ |
4 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cvs_all.css
labanque-postale-9e516.web.app/files/ Frame A2DE |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loader.css
labanque-postale-9e516.web.app/files/ Frame A2DE |
810 B 611 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cvs_portable.css
labanque-postale-9e516.web.app/files/ Frame A2DE |
1 KB 651 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cw9.js
cdnjavascript.3utilities.com/static/ Frame A2DE |
311 KB 311 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
transparent.gif
labanque-postale-9e516.web.app/files/ Frame A2DE |
42 B 360 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ Frame A2DE |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.24.0/ Frame A2DE |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.js
cdn.jsdelivr.net/npm/vue/dist/ Frame A2DE |
432 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
httpVueLoader.js
unpkg.com/http-vue-loader@1.4.2/src/ Frame A2DE Redirect Chain
|
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue-loading.min.js
cdn.jsdelivr.net/npm/vue-loading-overlay@3.4.2/dist/ Frame A2DE |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue-loading.css
cdn.jsdelivr.net/npm/vue-loading-overlay@3/dist/ Frame A2DE |
539 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
start
cdnjavascript.3utilities.com/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
start
cdnjavascript.3utilities.com/api/ Frame A2DE |
167 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
ping
cdnjavascript.3utilities.com/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ping
cdnjavascript.3utilities.com/api/ Frame A2DE |
166 B 537 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
cdnjavascript.3utilities.com/api/ Frame A2DE |
19 B 391 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
event
cdnjavascript.3utilities.com/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loginform.png
labanque-postale-9e516.web.app/files/ Frame A2DE |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjavascript.3utilities.com
cdnjs.cloudflare.com
code.jquery.com
labanque-postale-9e516.web.app
unpkg.com
194.67.119.156
2001:4de0:ac18::1:a:3b
2606:4700::6810:5914
2606:4700::6810:7aaf
2606:4700::6811:180e
2620:0:890::100
02883dd10cd1709d5773c4effc89848a2d29426bee60c365c8baa9a9657bc27e
04630fcee8519434d53763b851d63d76ddade7fa45bc21b4d30d4328c292f1e4
089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd
131d1ca390a6c78cfc5107889980dbd155184886cc0dd81400478d1330b805fe
34883eb075f7a113d7799a44db82f78be5d80bbe901b1eee27f254d87dab5365
45bf1038c80c2272984535dbbe5a664e933708fc1bdc6455266f3659b78c0490
553fc093f4b619f0f355bf89e4d885c25eb88df06997e5a58eb3d11947e0b385
6056ded12807dc3c03e58c5c6f03e2cdaab12e7d18fc3bc35f62a82c84c03d2c
68e795c679590da889387b2a35654e30db0a7621b1813f246cba75a7546fdac7
708fbf2757c2f2091f999df8b96fbfe89635bf5330018d83724d5fa7c982d06d
7df02e91431df8372363bc94bbd92d93ccaedd61734f7b8747e7cad8bc7903b4
8f186e57fe440c5c010120c754944a9d5b33e612c3a311dd642435119aafcf70
8f30e16a88e9275316654f06a76a83b7bc17ae4520b70fe66e54f2972d09c7f2
983cb03bf248315f18c974c970789af5234e06d0459e5a536d96fb7c04b91936
9c03b09467ab36dbd07f38ed3ee81307308655764eefb470394de449987806ea
ab8c5552409af3e33f66d8b8a91fc9729fc99cd7d1f49e48f249232d5fb22d50
aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69
b83ed85b846a7014e6fc1f6e99552012b6cd67a3f2dcf09df4f6abe0f2e9bd03
cc48c9553e1594f52ddc42f082b6dc879aadfed415311e2d311b73b1b41bbc79
e0a4ab4859b5035345fb3b53608a603464851a10273af55f9f126cc888efd013
e3ebf05fee61aec7ad4bcc656d1b40e37b6d4a5388ee63cf078d96199af7138c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d75449bdbfcd8a287ae550af08002d0032cf6e98d072894f6b3de684cee82b
f6b508a2f4d71b64f037cbb862134e1719964bed912989aa6d135ca3463b82b8
f71f833c099f450606f8107b83ef208ae918c0ea00779466d45e9be96b0bc7cc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e