impotsgovfrance.gearhostpreview.com

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 204.246.56.80, located in United States and belongs to GEARHOST, US. The main domain is impotsgovfrance.gearhostpreview.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 29th 2024. Valid for: a year.

This is the only time impotsgovfrance.gearhostpreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	204.246.56.80 204.246.56.80	40728 (GEARHOST) (GEARHOST)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
7	3

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ln.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.246.56.80 (United States) 1 redirects

ASN40728 (GEARHOST, US)

impotsgovfrance.gearhostpreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gearhostpreview.com 1 redirects impotsgovfrance.gearhostpreview.com	66 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	ln.run 1 redirects ln.run — Cisco Umbrella Rank: 186552	791 B
7	4

	Domain	Requested by
6	impotsgovfrance.gearhostpreview.com	1 redirects impotsgovfrance.gearhostpreview.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	impotsgovfrance.gearhostpreview.com
1	ln.run	1 redirects
7	4

This site contains no links.

Subject Issuer	Validity	Valid
gear.host Sectigo RSA Domain Validation Secure Server CA	`2024-05-29` - `2025-06-28`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1
Frame ID: AD885E32E5915D228FA0040F9671B196
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Impots : Formulaire de remboursement

Page URL History Show full URLs

https://ln.run/RMLRS HTTP 301
http://impotsgovfrance.gearhostpreview.com/impots/ HTTP 307
https://impotsgovfrance.gearhostpreview.com/impots/ HTTP 302
https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

29 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

86 kB
Transfer

199 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ln.run/RMLRS HTTP 301
http://impotsgovfrance.gearhostpreview.com/impots/ HTTP 307
https://impotsgovfrance.gearhostpreview.com/impots/ HTTP 302
https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/
Redirect Chain

https://ln.run/RMLRS
http://impotsgovfrance.gearhostpreview.com/impots/
https://impotsgovfrance.gearhostpreview.com/impots/
https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1

2 KB
2 KB

148ms
147ms

Document
text/html

204.246.56.80
GEARHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.246.56.80 , United States, ASN40728 (GEARHOST, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / PHP/5.6.38 ASP.NET
Resource Hash: b06c4452bf0085cd5f2592be7949a5c00624b1a0d1448b5b963617abafd091c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Length: 1379
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Nov 2024 10:31:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.38 ASP.NET

Redirect headers

Content-Length: 192
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Nov 2024 10:31:53 GMT
Location: ./IMPODSYSJGJDHKH/index.php?FGDD=1#HDHKJDJDSSJDSJKJDSJDSDJJDSHYKJHGFG
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/5.6.38 ASP.NET

GET
H/1.1 200
OK style_v2.css
impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/ 138 KB
28 KB 419ms
418ms Stylesheet
text/css 204.246.56.80
GEARHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/style_v2.css
Requested by: Host: impotsgovfrance.gearhostpreview.com
URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.246.56.80 , United States, ASN40728 (GEARHOST, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3cbdcfeda6f0d4147be871cc0da2bbcd9537d96223d1f93c43a6e434532b8b4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1

Response headers

Content-Encoding: gzip
ETag: "3bed79825630db1:0"
Accept-Ranges: bytes
Content-Length: 28386
Date: Thu, 07 Nov 2024 10:31:54 GMT
Content-Type: text/css
Last-Modified: Wed, 06 Nov 2024 14:16:45 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET
H/1.1 200
OK logo.svg
impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/ 16 KB
16 KB 400ms
141ms Image
image/svg+xml 204.246.56.80
GEARHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/logo.svg
Requested by: Host: impotsgovfrance.gearhostpreview.com
URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.246.56.80 , United States, ASN40728 (GEARHOST, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0f733fc60e923d74618c250e5446c9c59b0992b8e213b433bb743ad789135e8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1

Response headers

ETag: "2bbf07d5630db1:0"
Accept-Ranges: bytes
Content-Length: 16408
Date: Thu, 07 Nov 2024 10:31:54 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 06 Nov 2024 14:16:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET
H/1.1 200
OK lgn.png
impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/ 17 KB
17 KB 402ms
144ms Image
image/png 204.246.56.80
GEARHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/lgn.png
Requested by: Host: impotsgovfrance.gearhostpreview.com
URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.246.56.80 , United States, ASN40728 (GEARHOST, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 030c4a2a540fec3b9f729588392bb75dee9e22c03bb2300db1a86fdf3b7615b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1

Response headers

ETag: "c1c45d7c5630db1:0"
Accept-Ranges: bytes
Content-Length: 17093
Date: Thu, 07 Nov 2024 10:31:54 GMT
Content-Type: image/png
Last-Modified: Wed, 06 Nov 2024 14:16:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 219ms
66ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&subset=latin-ext

Requested by

Host: impotsgovfrance.gearhostpreview.com
URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/style_v2.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://impotsgovfrance.gearhostpreview.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 10:31:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 10:31:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 07 Nov 2024 09:19:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 134ms
41ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&subset=latin-ext

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://impotsgovfrance.gearhostpreview.com
Referer: https://fonts.googleapis.com/

Response headers

age: 204177
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 01:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:48:59 GMT
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK favicon.ico
impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/ 2 KB
2 KB 152ms
152ms Other
image/x-icon 204.246.56.80
GEARHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/X911/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.246.56.80 , United States, ASN40728 (GEARHOST, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dd57f113a2eaa7ba3e6b1c507d22910ecd42437f9fef9577cfb8f4719cde59aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://impotsgovfrance.gearhostpreview.com/impots/IMPODSYSJGJDHKH/index.php?FGDD=1

Response headers

ETag: "89fa177a5630db1:0"
Accept-Ranges: bytes
Content-Length: 2238
Date: Thu, 07 Nov 2024 10:31:55 GMT
Content-Type: image/x-icon
Last-Modified: Wed, 06 Nov 2024 14:16:31 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.impotsgovfrance.gearhostpreview.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 7a7fa58ba99db771fa45aa04d5ae0977ba781a62fa99989737ad18226f5505d6
			impotsgovfrance.gearhostpreview.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: erf3s4gegqlkfjist407ukt184

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
impotsgovfrance.gearhostpreview.com
ln.run
142.250.185.227
188.114.96.3
204.246.56.80
2a00:1450:4001:802::200a
030c4a2a540fec3b9f729588392bb75dee9e22c03bb2300db1a86fdf3b7615b9
0f733fc60e923d74618c250e5446c9c59b0992b8e213b433bb743ad789135e8c
3cbdcfeda6f0d4147be871cc0da2bbcd9537d96223d1f93c43a6e434532b8b4a
5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63
b06c4452bf0085cd5f2592be7949a5c00624b1a0d1448b5b963617abafd091c3
dd57f113a2eaa7ba3e6b1c507d22910ecd42437f9fef9577cfb8f4719cde59aa
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

impotsgovfrance.gearhostpreview.com Open in urlscan Pro 204.246.56.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

29 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

86 kBTransfer

199 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

impotsgovfrance.gearhostpreview.com Open in urlscan Pro
204.246.56.80 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

29 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

86 kB
Transfer

199 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions