actionverification5428596542358.mymeriva.com
104.168.149.129
Malicious Activity!
Public Scan
Effective URL: https://actionverification5428596542358.mymeriva.com/fr/espace/?client_id=a389322b67c3cbd5&appIdKey=a389322b67c3cbd528d2241aa4950704ac196f6b&country=FR
Submission: On November 04 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.
This is the only time actionverification5428596542358.mymeriva.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:3038::6815:ead7 | 13335 (CLOUDFLARENET) |
1 22 | 104.168.149.129 | 54290 (HOSTWINDS) |
7 | 185.16.252.165 | 35676 (LA-POSTE) |
28 | 2 |
ASN54290 (HOSTWINDS, US)
PTR: hwsrv-1106535.hostwindsdns.com
- rea5148596575639512584568569.mymeriva.com
- actionverification5428596542358.mymeriva.com
ASN35676 (LA-POSTE, FR)
PTR: transverse.labanquepostale.fr
- transverse.labanquepostale.fr
 | Apex Domain / Subdomains | Transfer |
---|---|---|
22 | mymeriva.com (1 redirects): rea5148596575639512584568569.mymeriva.com, actionverification5428596542358.mymeriva.com | 1 MB |
7 | labanquepostale.fr: transverse.labanquepostale.fr — Cisco Umbrella Rank: 393058 | 267 KB |
1 | urlz.fr (1 redirects): urlz.fr — Cisco Umbrella Rank: 425442 | 499 B |
28 | 3 |
 | Domain | Requested by |
---|---|---|
21 | actionverification5428596542358.mymeriva.com | 1 redirects; rea5148596575639512584568569.mymeriva.com; actionverification5428596542358.mymeriva.com |
7 | transverse.labanquepostale.fr | actionverification5428596542358.mymeriva.com; transverse.labanquepostale.fr |
1 | rea5148596575639512584568569.mymeriva.com | |
1 | urlz.fr | 1 redirects |
28 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
rea5148596575639512584568569.mymeriva.com | R3 | 2023-11-03 - 2024-02-01 | 3 months | crt.sh |
actionverification5428596542358.mymeriva.com | R3 | 2023-11-03 - 2024-02-01 | 3 months | crt.sh |
transverse.labanquepostale.fr | DigiCert EV RSA CA G2 | 2023-06-05 - 2024-06-04 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://actionverification5428596542358.mymeriva.com/fr/espace/?client_id=a389322b67c3cbd5&appIdKey=a389322b67c3cbd528d2241aa4950704ac196f6b&country=FR
Frame ID: 3BCE100010A5636DB1DAA7C15D0DAC0B
Requests: 16 HTTP requests in this frame
Frame:
https://actionverification5428596542358.mymeriva.com/fr/espace/frame.php
Frame ID: A4E168C3D5C020BA53ECD1FC4C9683B4
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/e3dfe704-5511-4c7d-ba69-721b11be9a01.png)
Page Title
Connexion à mon espace client - La Banque Postale
Detected technologies
Detected patterns
- \bangular.{0,32}\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://urlz.fr/oiil HTTP 302
  https://rea5148596575639512584568569.mymeriva.com/ Page URL
- https://actionverification5428596542358.mymeriva.com/fr/index.php?pwd=bp HTTP 302
  https://actionverification5428596542358.mymeriva.com/fr/espace/?client_id=a389322b67c3cbd5&appIdKey=a389322b67c3cbd528d2241aa4950704ac196f6b&country=FR Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://urlz.fr/oiil HTTP 302
- https://rea5148596575639512584568569.mymeriva.com/
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | rea5148596575639512584568569.mymeriva.com/ | 247 B | 306 B | Document | text/html | Redirect Chain |
GET | H2 | / | actionverification5428596542358.mymeriva.com/fr/espace/ | 6 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | base-fonts.min.css | actionverification5428596542358.mymeriva.com/fr/espace/css/ | 2 KB | 751 B | Stylesheet | text/css | |
GET | H2 | base.min.css | actionverification5428596542358.mymeriva.com/fr/espace/css/ | 292 KB | 58 KB | Stylesheet | text/css | |
GET | H2 | angular.min.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 163 KB | 64 KB | Script | application/javascript | |
GET | H2 | jquery.min.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 86 KB | 34 KB | Script | application/javascript | |
GET | H2 | jquery.mask.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 18 KB | 6 KB | Script | application/javascript | |
GET | H2 | style.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | LOGO-LBP-digital-fd-clair-RVB.svg | actionverification5428596542358.mymeriva.com/fr/espace/css/ | 3 KB | 4 KB | Image | image/svg+xml | |
GET | H2 | LOGO-LBP-digital-fd-glass-RVB.svg | actionverification5428596542358.mymeriva.com/fr/espace/css/ | 3 KB | 4 KB | Image | image/svg+xml | |
GET | H/1.1 | cvs_refonte.css | transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/ | 595 B | 979 B | Stylesheet | text/css | |
GET | H2 | svg-icons.svg | actionverification5428596542358.mymeriva.com/fr/espace/css/ | 223 KB | 223 KB | Other | image/svg+xml | |
GET | H2 | frame.php | actionverification5428596542358.mymeriva.com/fr/espace/ | 10 KB | 3 KB | Document | text/html | Frame A4E1 |
GET | H2 | Lato-Regular.woff2 | actionverification5428596542358.mymeriva.com/fr/espace/css/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | Lato-Bold.woff2 | actionverification5428596542358.mymeriva.com/fr/espace/css/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | Lato-Regular.woff | actionverification5428596542358.mymeriva.com/fr/espace/css/fonts/ | 302 KB | 302 KB | Font | font/woff | |
GET | H2 | Lato-Bold.woff | actionverification5428596542358.mymeriva.com/fr/espace/css/fonts/ | 302 KB | 303 KB | Font | font/woff | |
GET | H2 | angular.min.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 163 KB | 64 KB | Script | application/javascript | Frame A4E1 |
GET | H2 | jquery.min.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 86 KB | 34 KB | Script | application/javascript | Frame A4E1 |
GET | H2 | jquery.mask.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 18 KB | 6 KB | Script | application/javascript | Frame A4E1 |
GET | H2 | style.js | actionverification5428596542358.mymeriva.com/fr/espace/css/js/ | 2 KB | 1 KB | Script | application/javascript | Frame A4E1 |
GET | H2 | pass.js | actionverification5428596542358.mymeriva.com/fr/espace/css/ | 731 B | 945 B | Script | application/javascript | Frame A4E1 |
GET | H/1.1 | loader.css | transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/ | 1 KB | 890 B | Stylesheet | text/css | Frame A4E1 |
GET | H/1.1 | toolbox-xo.css | transverse.labanquepostale.fr/xo_/toolbox/1.4/ | 310 KB | 68 KB | Stylesheet | text/css | Frame A4E1 |
GET | H/1.1 | cvs_refonte.css | transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/ | 595 B | 979 B | Stylesheet | text/css | Frame A4E1 |
GET | H/1.1 | LatoLatin-Regular.ddabf82b5d4d1b866907.woff | transverse.labanquepostale.fr/xo_/toolbox/1.4/ | 71 KB | 71 KB | Font | font/woff | Frame A4E1 |
GET | H/1.1 | RobotoMono-Medium.ec6b154d432655e0030a.woff | transverse.labanquepostale.fr/xo_/toolbox/1.4/ | 53 KB | 54 KB | Font | font/woff | Frame A4E1 |
GET | H/1.1 | LatoLatin-Bold.f8070493677d71497ccd.woff | transverse.labanquepostale.fr/xo_/toolbox/1.4/ | 71 KB | 71 KB | Font | font/woff | Frame A4E1 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| documentPictureInPicture
- object| angular
- function| $
- function| jQuery
- function| preventBack
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
actionverification5428596542358.mymeriva.com/ | | Name: PHPSESSID Value: jndslko54iq50coroqol08m4pd |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.