![](/screenshots/64965219-0be1-474c-841f-6ddd5ba380a3.png)
app-eunickel.cetellfr.fr
Open in
urlscan Pro
209.209.40.75
Malicious Activity!
Public Scan
Effective URL: https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/
Submission: On December 10 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by R3 on December 8th 2022. Valid for: 3 months.
This is the only time app-eunickel.cetellfr.fr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nickel (Financial)Community Verdicts: Malicious — 2 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 92.48.77.148 92.48.77.148 | () () | |
1 | 2606:4700:7::... 2606:4700:7::a29f:8a09 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:3865 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 18 | 209.209.40.75 209.209.40.75 | () () | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 23.213.161.214 23.213.161.214 | () () | |
22 | 8 |
ASN13335 (CLOUDFLARENET, US)
suivre-colischrono.elementor.cloud |
ASN- ()
PTR: a23-213-161-214.deploy.static.akamaitechnologies.com
static-resources.nickel.eu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
cetellfr.fr
6 redirects
app-eunickel.cetellfr.fr |
258 KB |
3 |
nickel.eu
static-resources.nickel.eu |
95 KB |
3 |
onlisesa.fr
app-n-ickeleu.onlisesa.fr |
|
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211 |
35 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 750 |
14 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 687 |
30 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1038 |
6 KB |
1 |
elementor.cloud
suivre-colischrono.elementor.cloud |
654 B |
1 |
partisilsa.com
partisilsa.com |
292 B |
22 | 9 |
Domain | Requested by | |
---|---|---|
15 | app-eunickel.cetellfr.fr |
6 redirects
suivre-colischrono.elementor.cloud
app-eunickel.cetellfr.fr |
3 | static-resources.nickel.eu |
app-eunickel.cetellfr.fr
|
3 | app-n-ickeleu.onlisesa.fr |
app-eunickel.cetellfr.fr
|
2 | cdnjs.cloudflare.com |
app-eunickel.cetellfr.fr
|
1 | maxcdn.bootstrapcdn.com |
app-eunickel.cetellfr.fr
|
1 | code.jquery.com |
app-eunickel.cetellfr.fr
|
1 | static.cloudflareinsights.com |
suivre-colischrono.elementor.cloud
|
1 | suivre-colischrono.elementor.cloud |
partisilsa.com
|
1 | partisilsa.com | |
22 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
partisilsa.com R3 |
2022-12-10 - 2023-03-10 |
3 months | crt.sh |
elementor.cloud Cloudflare Inc ECC CA-3 |
2022-10-15 - 2023-10-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-11 - 2023-05-10 |
a year | crt.sh |
app-eunickel.cetellfr.fr R3 |
2022-12-08 - 2023-03-08 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
bnp09s.bnpparibas.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-11 - 2023-03-22 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/
Frame ID: 781C0E342D5C080B0A2C8DD63A7D4BE7
Requests: 22 HTTP requests in this frame
Screenshot
![](/screenshots/64965219-0be1-474c-841f-6ddd5ba380a3.png)
Page Title
Espace client : Gérer son compte | NickelPage URL History Show full URLs
- https://partisilsa.com/ Page URL
- https://suivre-colischrono.elementor.cloud/ss.html Page URL
-
https://app-eunickel.cetellfr.fr//wp-content/themes/twentyseventeen/inc/n
HTTP 301
http://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/ HTTP 307
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/ HTTP 302
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients HTTP 301
http://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/ HTTP 307
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/ Page URL
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://partisilsa.com/ Page URL
- https://suivre-colischrono.elementor.cloud/ss.html Page URL
-
https://app-eunickel.cetellfr.fr//wp-content/themes/twentyseventeen/inc/n
HTTP 301
http://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/ HTTP 307
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/ HTTP 302
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients HTTP 301
http://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/ HTTP 307
https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/2282daa7.chunk.html HTTP 301
- https://app-n-ickeleu.onlisesa.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/2282daa7.chunk.html
- https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/74.b7389af6.chunk.html HTTP 301
- https://app-n-ickeleu.onlisesa.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/74.b7389af6.chunk.html
- https://app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/65.045f2d82.chunk.html HTTP 301
- https://app-n-ickeleu.onlisesa.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/65.045f2d82.chunk.html
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
partisilsa.com/ |
259 B 292 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ss.html
suivre-colischrono.elementor.cloud/ |
686 B 654 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/clients/ Redirect Chain
|
188 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
86fffa26.chunk.css
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ |
25 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24571a40.chunk.css
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ |
32 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
des.css
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f55d3599.chunk.css
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
645939e1.chunk.css
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fe9185d1.chunk.css
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2282daa7.chunk.html
app-n-ickeleu.onlisesa.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
74.b7389af6.chunk.html
app-n-ickeleu.onlisesa.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65.045f2d82.chunk.html
app-n-ickeleu.onlisesa.fr/wp-content/themes/twentyseventeen/inc/n/assets/css/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sketch-homepage.a14b9180.png
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/ |
193 KB 181 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.inputmask.js
app-eunickel.cetellfr.fr/wp-content/themes/twentyseventeen/inc/n/assets/js/ |
193 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/ |
89 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MullerNarrow-Light.woff2
static-resources.nickel.eu/fonts/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MullerNarrow-ExtraBold.woff2
static-resources.nickel.eu/fonts/ |
30 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MullerNarrow-Medium.woff2
static-resources.nickel.eu/fonts/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
December 10th 2022, 1:17:14 pm
UTC —
From France
Threats:
Phishing
Comment: Phishing - Website is trying to steal user credentials
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nickel (Financial)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| Inputmask function| default function| resetpass function| refreshpass object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app-eunickel.cetellfr.fr
app-n-ickeleu.onlisesa.fr
cdnjs.cloudflare.com
code.jquery.com
maxcdn.bootstrapcdn.com
partisilsa.com
static-resources.nickel.eu
static.cloudflareinsights.com
suivre-colischrono.elementor.cloud
2001:4de0:ac18::1:a:2b
209.209.40.75
23.213.161.214
2606:4700:7::a29f:8a09
2606:4700::6810:3865
2606:4700::6811:180e
2606:4700::6812:acf
92.48.77.148
222662d0ed5617d8df9772f5394fdb715acdd3296f00d6db261b682e8400ecd2
234a61d9c004512f92960323b0e8ea01bf7138f7e3daa22648f50000bec54301
29a377530b36d1a9e568c24f4539126c6342ce8bc14de3843fdcf7a3dc18add4
2cfaa794a00f343478348b84cfbde43882c5bb941286c4b55cefab5c6b4ae87f
368d3e222fb20951615a298ab3bd932813679981b92d448183a988068c113d77
4da7ff58a085e3c3fdc781d9e38117c808d7d3425dda5ab7d605d05ad7025493
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5ce7979af69c35c2381677bbb13f2c07717278dbbb31c09984310e34408d5c4b
6392a748f3002e48611ba86cd3f3bec9ff95a4f2c11449e15dc1253ce3585028
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
e671416c9ac25a7877362f1c6581b91fbe987ec04e187b365a96a3feecc2bb1a
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f0e7fef75b97057f33e9ba884f068688dd6514ad2e303685ab29418e1390b842
f37a52e5c8f06d2c3e0a2e23c8947bc25b286a07d59f7ddf87ed7d7d7dd61bcd
f996d7eb10768373376f60c455f38135808f5ad7d6a347aec0584362de092fa7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e