efglobals.com
162.241.253.138
Malicious Activity!
Public Scan
Submission: On September 02 via api from US
Summary
TLS certificate: Issued by R3 on August 21st 2021. Valid for: 3 months.
This is the only time efglobals.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DesJardins (Financial)

Domain & IP information

| Requests (redirects) | IP Address | AS (Autonomous System) | PTR | Domain |
|---|---|---|---|---|
| 34 (6) | 162.241.253.138 | 26337 (OIS1) | | |
| 1 | 184.24.7.125 | 16625 (AKAMAI-AS, US) | a184-24-7-125.deploy.static.akamaitechnologies.com | static.mouv.desjardins.com |
| 1 (1) | 40.69.99.65 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) | | |
| 1 (1) | 142.195.133.83 | 64258 (DESJARDINS) | | |
| 1 | 23.45.102.59 | 16625 (AKAMAI-AS, US) | a23-45-102-59.deploy.static.akamaitechnologies.com | www.desjardins.com |

30 | 4
| Requests (redirects) | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 34 (6) | efglobals.com | efglobals.com | 535 KB |
| 4 (2) | desjardins.com | static.mouv.desjardins.com, analytics.desjardins.com, desjardins.com, www.desjardins.com | 485 B |

30 | 2
| Requests (redirects) | Domain | Requested by |
|---|---|---|
| 34 (6) | efglobals.com | efglobals.com |
| 1 | www.desjardins.com | text |
| 1 (1) | desjardins.com | |
| 1 (1) | analytics.desjardins.com | |
| 1 | static.mouv.desjardins.com | efglobals.com |

30 | 5
This site contains links to these domains. Also see Links.

| Domain |
|---|
| www.uni.ca |
| www.acadie.com |
| accweb.mouv.acadie.com |
| Subject | Issuer | Validity | Valid for | Source |
|---|---|---|---|---|
| cpcontacts.efglobals.com | R3 | 2021-08-21 - 2021-11-19 | 3 months | crt.sh |
| www.desjardins.com | Entrust Certification Authority - L1K | 2021-08-16 - 2022-08-16 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni/
Frame ID: BABDEDC1E8AB794482FD067113D7BAE6
Requests: 31 HTTP requests in this frame
Screenshot
![](/screenshots/994fcc56-efaa-4722-9f67-84b2b0a665c9.png)
Detected technologies
- Bootstrap (pattern, html: `/<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i`)
- Nginx (pattern, headers, server: `/nginx(?:\/([\d.]+))?/i`)
Page Statistics

13 Outgoing links

These are links going to different origins than the main page. Link titles:
- (no title)
- (no title)
- Forgot your password?
- Register for AccèsD
- Register for AccèsD Affaires
- Become a member
- Site security
- Report fraud
- How to protect yourself
- (no title)
- Read more
- Read more
- Learn more
Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

- https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni (HTTP 301)
- https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni/ (Page URL)
Redirected requests

There were HTTP redirect chains for the following requests:

- Request Chain 22: https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/g00-acadie-logo-securite-e.gif (HTTP 302) -> https://efglobals.com/wp-admin/install.php
- https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni/img/a00-filet-titre.png (HTTP 302) -> https://efglobals.com/wp-admin/install.php
- https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni/img/liens-action.png (HTTP 302) -> https://efglobals.com/wp-admin/install.php
- https://efglobals.com/fizz-cadeaux-clients/banks/directing/lib/interne/fwd-bootstrap/3.3/img/a00-modale-fond-degrade.gif (HTTP 302) -> https://efglobals.com/wp-admin/install.php
- https://efglobals.com/fizz-cadeaux-clients/banks/directing/uni/img/a00-puce-point-gris.png (HTTP 302) -> https://efglobals.com/wp-admin/install.php
- https://analytics.desjardins.com/logo-desjardins-5793f64f.png (HTTP 302) -> https://desjardins.com/ (HTTP 301) -> https://www.desjardins.com/
30 HTTP transactions

| Method / Protocol | Resource | Path | Size / x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|
| GET H2 | / | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/ | 28 KB / 9 KB | Document | text/html | Primary request; redirect chain |
| GET H2 | bootstrap.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 182 KB / 31 KB | Stylesheet | text/css | |
| GET H2 | fwd-bootstrap.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 164 KB / 33 KB | Stylesheet | text/css | |
| GET H2 | global.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 31 KB / 12 KB | Stylesheet | text/css | |
| GET H2 | smartbanner.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 2 KB / 899 B | Stylesheet | text/css | |
| GET H2 | theme-acadie-acpol.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 3 KB / 1 KB | Stylesheet | text/css | |
| GET H2 | owl.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 4 KB / 1 KB | Stylesheet | text/css | |
| GET H2 | entete-logo-acadie.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 2 KB / 2 KB | Image | image/png | |
| GET H2 | g00-entete-filet-logos.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 1 KB / 1 KB | Image | image/png | |
| GET H2 | g00-entete-logo-accesd.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 3 KB / 3 KB | Image | image/png | |
| GET H2 | g00-entete-logo-accesd-affaires.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 3 KB / 3 KB | Image | image/png | |
| GET H2 | entete-btn-menu-app.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 1 KB / 1 KB | Image | image/png | |
| GET H2 | a00-entete-ic-texte-moins-on.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 1 KB / 1 KB | Image | image/png | |
| GET H2 | a00-entete-ic-texte-plus-on.png | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 1 KB / 1 KB | Image | image/png | |
| GET H2 | a00-loading-petit.gif | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 5 KB / 6 KB | Image | image/gif | |
| GET H2 | a00-formulaire-icone-aide.gif | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 1 KB / 1 KB | Image | image/gif | |
| GET H2 | g00-acadie-logo-securite-e.gif | static.mouv.desjardins.com/static-accesweb/202101062047/acces-web/img/ | 0 / 0 | Image | text/html | |
| GET H2 | blocBanniere.js | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 963 B / 536 B | Script | application/javascript | |
| GET H2 | callcenter.jpg | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 4 KB / 5 KB | Image | image/jpeg | |
| GET H2 | ServicePaye.jpg | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 4 KB / 4 KB | Image | image/jpeg | |
| GET H2 | ir_accesd.jpg | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 333 KB / 336 KB | Image | image/jpeg | |
| GET H2 | info-poste-client.js | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 40 KB / 15 KB | Script | application/javascript | |
| GET H2 | login-contenu.js | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 3 KB / 1 KB | Script | application/javascript | |
| GET H2 | install.php | efglobals.com/wp-admin/ | 13 KB / 13 KB | Image | text/html | Redirect chain |
| GET H2 | identifiantunique-responsive.css | efglobals.com/fizz-cadeaux-clients/banks/directing/uni/filex/ | 5 KB / 2 KB | Stylesheet | text/css | |
| GET DATA | truncated | / | 1 KB / 0 | Stylesheet | text/css | |
| GET H2 | install.php | efglobals.com/wp-admin/ | 13 KB / 13 KB | Image | text/html | Redirect chain |
| GET H2 | install.php | efglobals.com/wp-admin/ | 13 KB / 13 KB | Image | text/html | Redirect chain |
| GET H2 | install.php | efglobals.com/wp-admin/ | 13 KB / 13 KB | Image | text/html | Redirect chain |
| GET H2 | install.php | efglobals.com/wp-admin/ | 13 KB / 13 KB | Image | text/html | Redirect chain |
| GET H2 | / | www.desjardins.com/ | 0 / 0 | Image | text/html | Redirect chain |
Verdicts & Comments

Potentially malicious activity detected

Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: DesJardins (Financial)

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

- object: onbeforexrselect, ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes, ProxyCollector, geoLocator, TimestampCollector, UIEventCollector, BrowserDetect
- boolean: originAgentCluster, crossOriginIsolated, geoLocatorStatus
- string: SEP, PAIR, DEV, HTML5, BLACKBERRY, UNDEFINED, GEO_LOCATION_DEFAULT_STRUCT
- function: showDirectoryPicker, showOpenFilePicker, showSaveFilePicker, Hashtable, startsWith, DomDataCollection, IE_FingerPrint, Mozilla_FingerPrint, Opera_FingerPrint, Timer, randrange, detectIE, genRandomNumber, getRandomPort, BlackberryLocationCollector, detectFields, FingerPrint, urlEncode, encode_deviceprint, decode_deviceprint, post_deviceprint, post_fingerprints, add_deviceprint, form_add_data, form_add_deviceprint, detectDeviceCollectionAPIMode, init, startCollection, stopCollection, getGeolocationStruct, HTML5LocationCollector, RSAUIEvent, InteractionElement, UIElementList, activeXDetect, stripIllegalChars, stripFullPath, convertTimestampToGMT, getTimestampInMillis, debug, forceIE89Synchronicity, switchDisplayDescription, permuterVersLaVueDeConnexionParSaisie, utiliserCookie

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.desjardins.com
desjardins.com
efglobals.com
static.mouv.desjardins.com
www.desjardins.com
142.195.133.83
162.241.253.138
184.24.7.125
23.45.102.59
40.69.99.65