welcome.horoquartz-security.com Open in urlscan Pro
63.35.51.142  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response welcome.horoquartz-security.com/	4 KB 2 KB	504ms 246ms	Document text/html	63.35.51.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.horoquartz-security.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 63.35.51.142 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-35-51-142.eu-west-1.compute.amazonaws.com Software / Resource Hash 0c2757df90b5c5206b8b5e8848dc879e9e23cab170ac1add4f9ad47897035277 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 0 content-encoding gzip content-length 1933 content-type text/html date Sun, 01 Sep 2024 15:27:31 GMT vary x-wf-forwarded-proto, Accept-Encoding x-cache MISS x-cache-hits 0 x-cluster-name eu-west-1-prod-hosting-red x-lambda-id 4e015777-dad3-4907-b655-46c82bc8534a x-served-by cache-dub4360-DUB x-timer S1725204451.369349,VS0,VE212
GET H3	200	horoquartz.webflow.2faf7c837.css cdn.prod.website-files.com/646356c3ccc611d03cf060d4/css/	120 KB 20 KB	228ms 139ms	Stylesheet text/css	172.64.153.29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/646356c3ccc611d03cf060d4/css/horoquartz.webflow.2faf7c837.css Requested by Host: welcome.horoquartz-security.com URL: https://welcome.horoquartz-security.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb921030c35e87b5f879a149c565962fd33ae9da84a5384ccf4ef908ac30a9d6 Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:31 GMT content-encoding gzip x-amz-version-id 2nQRzGA0CsgZMX3mjuQMQ.0WYHmFYbvu cf-cache-status HIT x-amz-request-id SCE79QZXD9C30YQN x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 20488 x-amz-id-2 vYrwxVVx39mFIn7T3ln8Dank0Yg30rzZhmKozQs+qV53r5mVcdUp2kCFXdFOM6QlfuDiv5Mf06TZ7CUrFnIa17D9PyaiBXA9ECL5CvgxFPM= last-modified Mon, 24 Jun 2024 07:58:57 GMT server cloudflare etag "16e23bf4cdceecdd4f786e2912a04114" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 8bc648f00e44911f-FRA
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 30 KB	126ms 23ms	Script application/javascript	52.222.232.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=646356c3ccc611d03cf060d4 Requested by Host: welcome.horoquartz-security.com URL: https://welcome.horoquartz-security.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-47.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://welcome.horoquartz-security.com/ Origin https://welcome.horoquartz-security.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 13:13:48 GMT content-encoding br via 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront) age 8024 x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id ISe5nSwchQrsvqx9bLUBLvPnNuUBWIuve-wi0ROhE71UCo84x5rjpg==
GET H3	200	webflow.bc0b0f573.js Show response cdn.prod.website-files.com/646356c3ccc611d03cf060d4/js/	302 KB 75 KB	243ms 155ms	Script text/javascript	172.64.153.29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/646356c3ccc611d03cf060d4/js/webflow.bc0b0f573.js Requested by Host: welcome.horoquartz-security.com URL: https://welcome.horoquartz-security.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f73a73fda1274eb74674f52aa1c671e434e1487e526057a3ef022aac1e0cc84 Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:31 GMT content-encoding gzip x-amz-version-id VHcflq97YEpK7nKP5Uq6vinCtIjfiwnH cf-cache-status HIT x-amz-request-id EENGM1FNQG01BXPF x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 76189 x-amz-id-2 CIWAkNnwAh6oB1LgrLkuhZlohhO0+FjnuxXhjFw6/1s2TLN8d2cO1FX/JumWSiKschpcT5Wt4Yk= last-modified Mon, 24 Jun 2024 07:58:57 GMT server cloudflare etag "eeedac3098ae757eaf8d2b660240d248" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 8bc648f00e47911f-FRA
GET H2	200	keep-utm-new.js Show response www.api.anode-preprod.com/anode/assets/webflow/js/	3 KB 961 B	182ms 38ms	Script application/javascript	109.234.164.222 O2SWITCH
General Check archive.org Show headers Download Go to Full URL https://www.api.anode-preprod.com/anode/assets/webflow/js/keep-utm-new.js Requested by Host: welcome.horoquartz-security.com URL: https://welcome.horoquartz-security.com/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 109.234.164.222 Levallois-Perret, France, ASN50474 (O2SWITCH, FR), Reverse DNS 109-234-164-222.reverse.odns.fr Software o2switch-PowerBoost-v3 / Resource Hash 320e842d91fc4282753e28cdb53672715a707106d16556f8c2595cf8fbc81b31 Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:31 GMT content-encoding br last-modified Thu, 08 Feb 2024 09:02:01 GMT server o2switch-PowerBoost-v3 vary Accept-Encoding content-type application/javascript
GET H2	200	8e999508-588f-4547-8b50-a463f1954eea.js Show response horoquartz-security.containers.piwik.pro/	287 KB 73 KB	80ms 24ms	Script application/javascript	2603:1020:c01:4::4 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://horoquartz-security.containers.piwik.pro/8e999508-588f-4547-8b50-a463f1954eea.js Requested by Host: welcome.horoquartz-security.com URL: https://welcome.horoquartz-security.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2603:1020:c01:4::4 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 34e70c8a62059d123c2bf5b024f94891cc9fbd431be203b0f5553ae7280e74b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:32 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 referrer-policy origin etag W/"9564411dcab094bc-95ab3973191dc624" vary Accept-Encoding, Cookie x-frame-options sameorigin content-type application/javascript; charset=utf-8 cache-control public, must-revalidate x-robots-tag none x-cached MISS
GET H2	200	privacy-templates.json Show response horoquartz-security.containers.piwik.pro/8e999508-588f-4547-8b50-a463f1954eea/	372 KB 55 KB	35ms 19ms	XHR application/json	2603:1020:c01:4::4 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://horoquartz-security.containers.piwik.pro/8e999508-588f-4547-8b50-a463f1954eea/privacy-templates.json Requested by Host: horoquartz-security.containers.piwik.pro URL: https://horoquartz-security.containers.piwik.pro/8e999508-588f-4547-8b50-a463f1954eea.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2603:1020:c01:4::4 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 60a0a82d46e17700a55419dce4a1eec3437fb2392cd3b8d7af5884f7552a8705 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:32 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 referrer-policy origin etag W/"58d903a0c870d3b7" x-frame-options sameorigin content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, must-revalidate x-robots-tag none x-cached MISS
GET H2	200	ppms.js Show response horoquartz-security.containers.piwik.pro/	60 KB 24 KB	23ms 23ms	Script application/javascript	2603:1020:c01:4::4 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://horoquartz-security.containers.piwik.pro/ppms.js Requested by Host: welcome.horoquartz-security.com URL: https://welcome.horoquartz-security.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2603:1020:c01:4::4 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a3ce81ba84fe1bc8bb2272cb2e469c701d421df8f14dfc5d4d9d88f359b8d5dd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:32 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Tue, 06 Aug 2024 09:24:24 GMT referrer-policy origin etag W/"66b1ebc8-f138" vary Accept-Encoding x-frame-options sameorigin content-type application/javascript cache-control max-age=21600 expires Sun, 01 Sep 2024 21:27:32 GMT
POST H2	202	ppms.php horoquartz-security.piwik.pro/	0 0	98ms 20ms	Ping text/html	2603:1020:c01:4::4 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://horoquartz-security.piwik.pro/ppms.php Requested by Host: horoquartz-security.containers.piwik.pro URL: https://horoquartz-security.containers.piwik.pro/ppms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2603:1020:c01:4::4 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers
GET H3	200	6464e4dd02789b51e0dab93d_Frame%2027053.png cdn.prod.website-files.com/646356c3ccc611d03cf060d4/	231 B 604 B	222ms 222ms	Other image/png	172.64.153.29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/646356c3ccc611d03cf060d4/6464e4dd02789b51e0dab93d_Frame%2027053.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e432e78db305220efa2a2f3855f0256dfd3a82c3c85db5dd791179020b25a159 Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 01 Sep 2024 15:27:32 GMT x-amz-version-id WhjcnCbf.9b.IdznjqDkEI9lazBC87BX cf-cache-status MISS x-amz-request-id HEFZY6RH2RZ0X7QD x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 231 x-amz-id-2 FtHQp4YepJ/rAsOwNs3jtPBMZxAd9Q0n/H6FBU00ZvVP3E9Cx8v40JxOKVxcCWmECp6FooH1ePY= last-modified Wed, 17 May 2023 14:29:50 GMT server cloudflare etag "2af1d9cebf8ec8bdbf8c475c5598670b" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes cf-ray 8bc648f3e94e911f-FRA
POST H2	202	ppms.php horoquartz-security.piwik.pro/	0 0	19ms 16ms	Ping text/html	2603:1020:c01:4::4 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://horoquartz-security.piwik.pro/ppms.php Requested by Host: horoquartz-security.containers.piwik.pro URL: https://horoquartz-security.containers.piwik.pro/ppms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2603:1020:c01:4::4 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://welcome.horoquartz-security.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| tram object| Webflow string| current_url object| dataLayer object| ppms object| company object| url object| email object| phone object| address object| siret object| responsable object| sevenTag object| wgxpath object| _paq function| gtag object| Piwik object| AnalyticsTracker function| piwik_log

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.horoquartz-security.com/	1970-01-21 07:59:00	Name: ppms_privacy_8e999508-588f-4547-8b50-a463f1954eea Value: {%22visitorId%22:%22e1c00931-9d51-4714-85b9-f053d6a3755a%22%2C%22domain%22:{%22normalized%22:%22horoquartz-security.com%22%2C%22isWildcard%22:true%2C%22pattern%22:%22*.horoquartz-security.com%22}%2C%22consents%22:{%22remarketing%22:{%22status%22:-1}%2C%22analytics%22:{%22status%22:-1}%2C%22conversion_tracking%22:{%22status%22:-1}}%2C%22staleCheckpoint%22:%222024-09-01T15:27:32.310Z%22}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.prod.website-files.com
d3e54v103j8qbb.cloudfront.net
horoquartz-security.containers.piwik.pro
horoquartz-security.piwik.pro
welcome.horoquartz-security.com
www.api.anode-preprod.com
109.234.164.222
172.64.153.29
2603:1020:c01:4::4
52.222.232.47
63.35.51.142
0c2757df90b5c5206b8b5e8848dc879e9e23cab170ac1add4f9ad47897035277
0f73a73fda1274eb74674f52aa1c671e434e1487e526057a3ef022aac1e0cc84
320e842d91fc4282753e28cdb53672715a707106d16556f8c2595cf8fbc81b31
34e70c8a62059d123c2bf5b024f94891cc9fbd431be203b0f5553ae7280e74b4
60a0a82d46e17700a55419dce4a1eec3437fb2392cd3b8d7af5884f7552a8705
a3ce81ba84fe1bc8bb2272cb2e469c701d421df8f14dfc5d4d9d88f359b8d5dd
bb921030c35e87b5f879a149c565962fd33ae9da84a5384ccf4ef908ac30a9d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e432e78db305220efa2a2f3855f0256dfd3a82c3c85db5dd791179020b25a159
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d