www.lemediateur-creditmutuel.com
145.226.47.146
Malicious Activity!
Public Scan
Effective URL: https://www.lemediateur-creditmutuel.com/fr/index.html
Submission: On November 09 via manual from PH — Scanned from FR
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on June 9th 2022. Valid for: a year.
This is the only time www.lemediateur-creditmutuel.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Mutuel (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 (3 redirects) | 145.226.47.146 | 8255 (EURO-INFORMATION) |
11 | 145.226.46.154 | 8255 (EURO-INFORMATION) |
1 | 2a00:1450:4001:810::2008 | 15169 (GOOGLE) |
15 | 3 |
ASN8255 (EURO-INFORMATION, FR)
- lemediateur-creditmutuel.com
- www.lemediateur-creditmutuel.com
ASN15169 (GOOGLE, US)
- www.googletagmanager.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | e-i.com | cdnsi.e-i.com (Cisco Umbrella Rank: 657696) | 162 KB |
6 (3 redirects) | lemediateur-creditmutuel.com | lemediateur-creditmutuel.com, www.lemediateur-creditmutuel.com | 9 KB |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 121) | 46 KB |
15 | 3 |
Requests | Domain | Requested by |
---|---|---|
11 | cdnsi.e-i.com | www.lemediateur-creditmutuel.com, cdnsi.e-i.com |
4 (1 redirects) | www.lemediateur-creditmutuel.com | www.lemediateur-creditmutuel.com, cdnsi.e-i.com |
2 (2 redirects) | lemediateur-creditmutuel.com | |
1 | www.googletagmanager.com | www.lemediateur-creditmutuel.com |
15 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
lemediateur.creditmutuelarkea.fr |
eur-lex.europa.eu |
www.legifrance.gouv.fr |
policies.google.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.lemediateur-creditmutuel.com | GlobalSign RSA OV SSL CA 2018 | 2022-06-09 - 2023-07-11 | a year |
*.e-i.com | GlobalSign RSA OV SSL CA 2018 | 2022-07-22 - 2023-08-23 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.lemediateur-creditmutuel.com/fr/index.html
Frame ID: 07D38FCD4B608D4ADDA0B3454443CA35
Requests: 15 HTTP requests in this frame
Page Title
Accueil | Le Médiateur du Crédit Mutuel
Page URL History
- http://lemediateur-creditmutuel.com/ (HTTP 301)
- https://lemediateur-creditmutuel.com/ (HTTP 301)
- https://www.lemediateur-creditmutuel.com/ (HTTP 302)
- https://www.lemediateur-creditmutuel.com/fr/index.html (Page URL)
Detected technologies
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Lightbox (JavaScript Libraries)
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: lemediateur.creditmutuelarkea.fr
Title: Directive 2013/11/UE du parlement européen et du conseil du 21 mai 2013 relative au règlement extrajudiciaire des litiges de consommation et modifiant le règlement (CE) n°2006/2004 et la directive 2009/22/CE (directive relative au RELC)
Title: Règlement (UE) N°524/2013 du parlement européen et du conseil du 21 mai 2013 relatif au règlement en ligne des litiges de consommation et modifiant le règlement (CE) n°2006/2004 et la directive 2009/22/CE (règlement relatif au RLLC)
Title: Livre VI, chapitre Ier, du code de la consommation relatif au règlement des Litiges (partie législative et règlementaire)
Title: Politique de confidentialité.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | index.html (Primary Request) | www.lemediateur-creditmutuel.com/fr/ | 11 KB | 4 KB | Document | text/html |
GET | H/1.1 | jquery_ei.js | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/javascript/appli/ | 105 KB | 37 KB | Script | application/javascript |
GET | H/1.1 | ei_tools.js | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/javascript/appli/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | lightbox.js | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/javascript/appli/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | v3couleurs_cm_vitrine.css | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/css/ | 38 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | main.css | www.lemediateur-creditmutuel.com/partage/fr/CC/Mediateur/styles/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | env.js | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/javascript/appli/ | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | tracking_event.js | cdnsi.e-i.com/WEBO/sd/wat/1.0.8//javascripts/ | 4 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | ei_custom_richradbutton.css | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/css/ | 0 | 410 B | Stylesheet | text/css |
GET | H/1.1 | SITW-tools.js | cdnsi.e-i.com/SITW/sd/tools/2.1.5/javascripts/ | 29 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | euConsentConfig.json | www.lemediateur-creditmutuel.com/ | 2 KB | 1 KB | XHR | application/json |
GET | H/1.1 | logo_cm.png | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/fr/images/css/env/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | OpenSans--700--normal.woff2 | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/commun/fonts/ | 51 KB | 51 KB | Font | font/woff2 |
GET | H/1.1 | OpenSans--400--normal.woff2 | cdnsi.e-i.com/INGR/sd/mediateur_2019/1.97.5/commun/fonts/ | 49 KB | 49 KB | Font | font/woff2 |
GET | H2 | gtm.js | www.googletagmanager.com/ | 119 KB | 46 KB | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Mutuel (Banking)
97 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| jqueryIsLoaded boolean| jQueryIsLoaded function| $ function| jQuery function| ei_bodynoscroll function| ei_centerbox function| InitToggleBtn function| InitRichRB function| InitRichCKB function| OpenLB function| CloseLB function| OpenLightBox function| CloseLightBox function| resizeAll function| scrollSticky function| footer_bottom function| fc_menumobil_init function| fc_menumobil_smenu_deleate function| fc_menumobil_openclose function| fc_menumobil_close function| fc_body_noscroll function| fc_scrollReset object| jQuery11243045477775042897783 function| trackEvent function| GACEvent function| GUAEvent function| ATEvent function| TCEvent function| GTMEvent function| MTMEvent function| trackCustomEvent object| euConsentData function| checkAndSetCookiesAcceptance function| openEuConsentModal function| initEuConsentModal function| initEuConsentData function| loadEuConsentConfigAsync function| euConsentIsVersionUpToDate function| buildEuConsentModal function| buildEuConsentModalFamilies function| switchEuConsentModalStep function| euConsentModalClickOnKeyDown function| switchEuConsentRichRadio function| euConsentTickAll function| validateEuConsent function| euConsentStartCheckCookie function| getEuConsentCookie function| saveEuConsentCookie function| euConsentRemoveOtherCookie function| isAcceptancePathInEuConsentCookie function| getEuConsentSiteKey function| euConsentPageManagementBuild function| CheckRadios function| isNotEmpty function| euConsentOnUpdate function| isSolutionAccepted boolean| cookiesBlocked function| setCookie function| getCookie function| disableCookies function| enableCookies function| getCookieI14 function| getEspace function| getEspaceClientReconnu function| getMarche function| getFede function| getOldFede function| getSousMarche 
function| setCommonInfo function| getCommonInfo function| getImmo function| areCookiesAccepted function| setLogoLink function| setCookiesAcceptance function| checkCookiesAcceptance function| onLoadBody function| old_checkAndSetCookiesAcceptance function| closeCategory function| acceptallcookies function| openPanel function| acceptCookieCategory function| denyCookieCategory function| onLoadBodyCustom function| DeconnexionTabletteAgence object| dataLayer object| tags string| cookiePolicyLink object| google_tag_manager
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.lemediateur-creditmutuel.com/ | | Name: nid Value: 4B4960D429188E5441C1FB02181352ADE564410C |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.