serveurclientcommunication-7f9e06.ingress-haven.ewp.live Open in urlscan Pro
63.250.43.144 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://notifsclients.blogspot.be/
Effective URL:
https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
Submission: On December 30 via api (December 30th 2023, 3:25:13 pm UTC) from IE — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 63.250.43.144, located in United States and belongs to NAMECHEAP-NET, US. The main domain is serveurclientcommunication-7f9e06.ingress-haven.ewp.live.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 2nd 2023. Valid for: a year.

This is the only time serveurclientcommunication-7f9e06.ingress-haven.ewp.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Orange (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 1	91.215.219.133 91.215.219.133	49699 (ICN-) (ICN-)
1 1	178.238.224.248 178.238.224.248	51167 (CONTABO) (CONTABO)
1 1	2804:10:8022:... 2804:10:8022::218:52	28299 (Cyberweb ...) (Cyberweb Networks Ltda)
18	63.250.43.144 63.250.43.144	22612 (NAMECHEAP...) (NAMECHEAP-NET)
20	3

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

notifsclients.blogspot.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
notifsclients.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.219.133 (Sofia, Bulgaria) 1 redirects

ASN49699 (ICN-, BG)
PTR: reverse-219-133.icnhost.net

jtbtigers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.238.224.248 (Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: host.aparg.com

parg.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:10:8022::218:52 (Brazil) 1 redirects

ASN28299 (Cyberweb Networks Ltda, BR)

avbc.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 63.250.43.144 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-haven.ewp.live

serveurclientcommunication-7f9e06.ingress-haven.ewp.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ewp.live serveurclientcommunication-7f9e06.ingress-haven.ewp.live	518 KB
1	avbc.me 1 redirects avbc.me	147 B
1	parg.co 1 redirects parg.co	98 B
1	jtbtigers.com 1 redirects jtbtigers.com	119 B
1	blogspot.com notifsclients.blogspot.com dythfyujfgjvhnb.blogspot.com Failed	15 KB
1	blogspot.be 1 redirects notifsclients.blogspot.be	293 B
20	6

	Domain	Requested by
18	serveurclientcommunication-7f9e06.ingress-haven.ewp.live	notifsclients.blogspot.com serveurclientcommunication-7f9e06.ingress-haven.ewp.live
1	avbc.me	1 redirects
1	parg.co	1 redirects
1	jtbtigers.com	1 redirects
1	notifsclients.blogspot.com
1	notifsclients.blogspot.be	1 redirects
0	dythfyujfgjvhnb.blogspot.com Failed	notifsclients.blogspot.com
20	7

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ingress-haven.ewp.live Sectigo RSA Domain Validation Secure Server CA	`2023-12-02` - `2024-12-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
Frame ID: 74E97070488AF40DDCF828A7E85E830D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identifiez-vous avec votre compte

Page URL History Show full URLs

https://notifsclients.blogspot.be/ HTTP 302
https://notifsclients.blogspot.com/ Page URL
https://jtbtigers.com/b1sg6/ HTTP 301
https://parg.co/Uy2v HTTP 301
https://avbc.me/E5sXV3E1 HTTP 302
https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

3
IPs

4
Countries

533 kB
Transfer

1603 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://notifsclients.blogspot.be/ HTTP 302
https://notifsclients.blogspot.com/ Page URL
https://jtbtigers.com/b1sg6/ HTTP 301
https://parg.co/Uy2v HTTP 301
https://avbc.me/E5sXV3E1 HTTP 302
https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://notifsclients.blogspot.be/ HTTP 302
https://notifsclients.blogspot.com/

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
notifsclients.blogspot.com/
Redirect Chain

https://notifsclients.blogspot.be/
https://notifsclients.blogspot.com/

71 KB
15 KB

560ms
539ms

Document
text/html

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://notifsclients.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 15290
content-type: text/html; charset=UTF-8
date: Sat, 30 Dec 2023 15:25:05 GMT
etag: W/"e0b3fb7fc0b7381f87b20068ad78718af23c8bec4cfa331341edb91f5f1ca3e6"
expires: Sat, 30 Dec 2023 15:25:05 GMT
last-modified: Fri, 29 Dec 2023 16:37:10 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 181
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Sat, 30 Dec 2023 15:25:04 GMT
expires: Sat, 30 Dec 2023 15:25:04 GMT
location: https://notifsclients.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET &
dythfyujfgjvhnb.blogspot.com/ 0
0

GET
H2

200

Primary Request ologin.php Show response
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/
Redirect Chain

https://jtbtigers.com/b1sg6/
https://parg.co/Uy2v
https://avbc.me/E5sXV3E1
https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

6 KB
2 KB

841ms
446ms

Document
text/html

63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Requested by

Host: notifsclients.blogspot.com
URL: https://notifsclients.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

59df91753adabf784ff238284307d24b2290e41cdb90e9ce3eb57e729bb3f76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://notifsclients.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store, no-cache, must-revalidate, public
content-encoding: gzip
content-length: 1656
content-type: text/html; charset=UTF-8
date: Sat, 30 Dec 2023 15:25:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Sat, 30 Dec 2023 15:25:06 GMT
location: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier#_9a2b0ea5792253c8c
server: Kestrel
strict-transport-security: max-age=2592000

GET
H2 200 bootstrap.min.css
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/ 152 KB
23 KB 390ms
388ms Stylesheet
text/css 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/bootstrap.min.css

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 23237
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Feb 2019 00:01:40 GMT
server: nginx
etag: "5c635e64-2606e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 helpers.css
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/ 41 KB
5 KB 393ms
392ms Stylesheet
text/css 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/helpers.css

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 4668
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Nov 2018 16:16:08 GMT
server: nginx
etag: "5bfc1c48-a318"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonts.css
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/ 1 KB
787 B 390ms
389ms Stylesheet
text/css 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/fonts.css

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

98b62b715000035bde65a6ada525f27da578202c9996ef4acfd8bcd725a7374c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 278
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Feb 2020 14:20:24 GMT
server: nginx
etag: "5e382c28-570"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/ 19 KB
4 KB 392ms
391ms Stylesheet
text/css 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/css/main.css

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

597b9b27f841be4c9d0b58eb0438170f95831c48bfc872ee5252cfd2c5801ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 3747
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 18:37:56 GMT
server: nginx
etag: "5fb6bb84-4a97"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 601 B
1 KB 394ms
393ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/search.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

ca446372108422f4ae3830b53a2d6a7982cb44b44a4aa0b92b6b99a0e4c8829f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 601
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:15:34 GMT
server: nginx
etag: "5ec9bca6-259"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 question.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 707 B
1 KB 391ms
390ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/question.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

7481d73fe7d8c134502e441aacdeb67d764d0657700d5d1ec39b294c3d3ac11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 707
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:15:58 GMT
server: nginx
etag: "5ec9bcbe-2c3"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ologo.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 3 KB
4 KB 573ms
571ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ologo.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:20:59 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 248
x-cache: HIT
content-length: 3354
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:12:22 GMT
server: nginx
etag: "5ec9bbe6-d1a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 info.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 905 B
1 KB 387ms
385ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/info.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

428e1c3a0b2e69d13ede5f646e59135bda623e06f6a15e3db6be376c20ff5517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 905
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:16:24 GMT
server: nginx
etag: "5ec9bcd8-389"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 question2.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 751 B
1 KB 575ms
573ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/question2.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

c06e2e110215159142de4f4f817425f2c1a79e15c657242ffbac72c414e1c7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 751
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:16:58 GMT
server: nginx
etag: "5ec9bcfa-2ef"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 obanner.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 29 KB
29 KB 764ms
763ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/obanner.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

8dab2dc2566251e916a476c846ea0ed1ce459d26917a088146765ea6b2bef997

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 29367
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:13:18 GMT
server: nginx
etag: "5ec9bc1e-72b7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 forum.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 548 B
548 B 1151ms
1150ms Image
text/html 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/forum.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:25:08 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
content-length: 167

GET
H2 200 search2.png
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/ 1 KB
2 KB 767ms
767ms Image
image/png 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/search2.png

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

cb2ad55f3843070c4d7bae3fd446e789bcc861396ff31f8cbf4be5dc9e953cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:23:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 83
x-cache: HIT
content-length: 1050
x-xss-protection: 1; mode=block
last-modified: Sun, 24 May 2020 00:18:00 GMT
server: nginx
etag: "5ec9bd38-41a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/ 86 KB
31 KB 574ms
572ms Script
application/javascript 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/jquery.min.js

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 265
x-cache: HIT
content-length: 30719
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 13:52:54 GMT
server: nginx
etag: "5d78fc36-15851"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 popper.min.js Show response
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/ 20 KB
8 KB 577ms
575ms Script
application/javascript 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/popper.min.js

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 265
x-cache: HIT
content-length: 7243
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Nov 2018 12:02:46 GMT
server: nginx
etag: "5bfa8f66-4f74"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/ 133 KB
25 KB 766ms
764ms Script
application/javascript 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/bootstrap.min.js

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:20:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 264
x-cache: HIT
content-length: 25283
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Apr 2020 18:23:26 GMT
server: nginx
etag: "5ea32e9e-21388"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome.min.js Show response
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/ 1 MB
379 KB 766ms
764ms Script
application/javascript 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/fontawesome.min.js

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 14:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 3078
x-cache: HIT
content-length: 387147
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Nov 2018 15:03:18 GMT
server: nginx
etag: "5bfab9b6-10314e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/ 2 KB
1 KB 766ms
765ms Script
application/javascript 63.250.43.144
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/js/main.js

Requested by

Host: serveurclientcommunication-7f9e06.ingress-haven.ewp.live
URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.144 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

affcca477f7e7c1983871bbe51d7a929505affc53a540070a8a90216ac487995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/BFS/ologin.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 15:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 250
x-cache: HIT
content-length: 518
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 12:33:40 GMT
server: nginx
etag: "5fb66624-71f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dythfyujfgjvhnb.blogspot.com
URL: https://dythfyujfgjvhnb.blogspot.com/&

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Orange (Telecommunication)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			serveurclientcommunication-7f9e06.ingress-haven.ewp.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: ohafjpudk7m4iva7icq0ih63ck

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://serveurclientcommunication-7f9e06.ingress-haven.ewp.live/cz/assets/images/forum.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avbc.me
dythfyujfgjvhnb.blogspot.com
jtbtigers.com
notifsclients.blogspot.be
notifsclients.blogspot.com
parg.co
serveurclientcommunication-7f9e06.ingress-haven.ewp.live
dythfyujfgjvhnb.blogspot.com
178.238.224.248
2804:10:8022::218:52
2a00:1450:4001:829::2001
63.250.43.144
91.215.219.133
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
428e1c3a0b2e69d13ede5f646e59135bda623e06f6a15e3db6be376c20ff5517
597b9b27f841be4c9d0b58eb0438170f95831c48bfc872ee5252cfd2c5801ed5
59df91753adabf784ff238284307d24b2290e41cdb90e9ce3eb57e729bb3f76d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
7481d73fe7d8c134502e441aacdeb67d764d0657700d5d1ec39b294c3d3ac11a
8dab2dc2566251e916a476c846ea0ed1ce459d26917a088146765ea6b2bef997
98b62b715000035bde65a6ada525f27da578202c9996ef4acfd8bcd725a7374c
affcca477f7e7c1983871bbe51d7a929505affc53a540070a8a90216ac487995
b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472
c06e2e110215159142de4f4f817425f2c1a79e15c657242ffbac72c414e1c7b9
ca446372108422f4ae3830b53a2d6a7982cb44b44a4aa0b92b6b99a0e4c8829f
cb2ad55f3843070c4d7bae3fd446e789bcc861396ff31f8cbf4be5dc9e953cde
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

serveurclientcommunication-7f9e06.ingress-haven.ewp.live Open in urlscan Pro 63.250.43.144 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

40 %IPv6

6 Domains

7 Subdomains

3 IPs

4 Countries

533 kBTransfer

1603 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

serveurclientcommunication-7f9e06.ingress-haven.ewp.live Open in urlscan Pro
63.250.43.144 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

3
IPs

4
Countries

533 kB
Transfer

1603 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!