URL: https://bouygues-cyber-attaque.preprod.sh/
Submission: On July 06 via api from US — Scanned from FR

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 51.255.66.201, located in France and belongs to OVH, FR. The main domain is bouygues-cyber-attaque.preprod.sh.
TLS certificate: Issued by R10 on June 15th 2024. Valid for: 3 months.
This is the only time bouygues-cyber-attaque.preprod.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 51.255.66.201 16276 (OVH)
1 212.194.120.170 5410 (BOUYGTEL-ISP)
1 52.222.236.67 16509 (AMAZON-02)
2 2600:9000:26e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.227.39.132 14618 (AMAZON-AES)
1 40.66.33.45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
22 9
Apex Domain
Subdomains
Transfer
14 preprod.sh
bouygues-cyber-attaque.preprod.sh
764 KB
2 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 3934
98 KB
2 userback.io
static.userback.io — Cisco Umbrella Rank: 74067
api.userback.io — Cisco Umbrella Rank: 63455
167 KB
2 bouygues-immobilier.com
les-offres.bouygues-immobilier.com
www.bouygues-immobilier.com
74 KB
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 739
301 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
103 KB
22 6
Domain Requested by
14 bouygues-cyber-attaque.preprod.sh bouygues-cyber-attaque.preprod.sh
2 sdk.privacy-center.org bouygues-cyber-attaque.preprod.sh
sdk.privacy-center.org
1 ssl.google-analytics.com www.bouygues-immobilier.com
1 www.bouygues-immobilier.com www.googletagmanager.com
1 api.userback.io static.userback.io
1 www.googletagmanager.com bouygues-cyber-attaque.preprod.sh
1 static.userback.io bouygues-cyber-attaque.preprod.sh
1 les-offres.bouygues-immobilier.com bouygues-cyber-attaque.preprod.sh
22 8

This site contains links to these domains. Also see Links.

Domain
www.bouygues-immobilier.com
Subject Issuer Validity Valid
bouygues-cyber-attaque.preprod.sh
R10
2024-06-15 -
2024-09-13
3 months crt.sh
les-offres.bouygues-immobilier.com
Sectigo RSA Organization Validation Secure Server CA
2023-11-21 -
2024-11-20
a year crt.sh
*.userback.io
Amazon RSA 2048 M02
2023-08-24 -
2024-09-20
a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M03
2024-03-10 -
2025-04-07
a year crt.sh
*.google-analytics.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
www.bouygues-immobilier.com
Sectigo RSA Organization Validation Secure Server CA
2024-06-18 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://bouygues-cyber-attaque.preprod.sh/
Frame ID: 900548202FD35A2B4774C02CBB226A10
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

immobilier-neuf

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

22
Requests

100 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

1206 kB
Transfer

2199 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bouygues-cyber-attaque.preprod.sh/
15 KB
5 KB
Document
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 / PHP/7.4.13
Resource Hash
c5f76ec165cccfb44a349de41b4588cbe3581a366b288201f48ae13ae3765eab

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
cache-control
max-age=3600, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 13:22:39 GMT
server
nginx/1.17.9
x-content-digest
enc5f76ec165cccfb44a349de41b4588cbe3581a366b288201f48ae13ae3765eab
x-powered-by
PHP/7.4.13
x-robots-tag
noindex, follow
468.341f417e.css
bouygues-cyber-attaque.preprod.sh/build/
30 KB
31 KB
Stylesheet
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/468.341f417e.css
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
c5561b40e53c0af58195d1563e83d3dd6e54863a03a8c0a62f29d6386a7e946a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-791a"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
31002
app.8b62b256.css
bouygues-cyber-attaque.preprod.sh/build/
380 KB
381 KB
Stylesheet
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
d9039ea0c187b9a9bf9fdca0e6ad5d8ec9228e4043161007f9ec5b7fbfadb07b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-5ee91"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
388753
bi_logo_LANDING_principal_rvb_274x102.png
les-offres.bouygues-immobilier.com/sites/default/files/
5 KB
6 KB
Image
General
Full URL
https://les-offres.bouygues-immobilier.com/sites/default/files/bi_logo_LANDING_principal_rvb_274x102.png
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.194.120.170 Paris, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-dcd-cqq-120170.business.bouyguestelecom.com
Software
/
Resource Hash
b64d83c67f1c7a8f695ef697075eec97a86097e850e109b3e0a154251ddce7ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.bouygues-immobilier.com https://www.bouygues-immobilier-corporate.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.bouygues-immobilier.com

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 12:52:26 GMT
Content-Security-Policy
frame-ancestors https://*.bouygues-immobilier.com https://www.bouygues-immobilier-corporate.com
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Cacheable
YES
age
0
X-Cache
31834
X-Varnish-TTL
31536000.000
Connection
keep-alive
Content-Length
5373
Last-Modified
Thu, 05 Jan 2023 13:18:38 GMT
ETag
"14fd-5f184238d6780"
X-Frame-Options
ALLOW-FROM https://www.bouygues-immobilier.com
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Sun, 06 Jul 2025 13:22:39 GMT
runtime.c793f42a.js
bouygues-cyber-attaque.preprod.sh/build/
1 KB
2 KB
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/runtime.c793f42a.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
e3fe4e5b242c32b84e1e522851b85b512ad845ccb1b62bc317e5d19a88eedac3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-55c"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
1372
716.9781178e.js
bouygues-cyber-attaque.preprod.sh/build/
19 KB
19 KB
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/716.9781178e.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
8d24d8d6d7ba9fac21d400b34bc23429b3797f31adac5f05aa0597fc5b4b5753

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-4c3b"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
19515
649.a92649e0.js
bouygues-cyber-attaque.preprod.sh/build/
6 KB
6 KB
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/649.a92649e0.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
dfe9b95040b78b89800851448cfe09cb58f7c62746fb8180da3a5ac56b642352

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-1834"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
6196
677.4c68d0c7.js
bouygues-cyber-attaque.preprod.sh/build/
86 KB
86 KB
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/677.4c68d0c7.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
5dc67cd53b9e36796350b3c6320ebb591ac2a8121a17a61a1f76039dbe6e4a09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-15660"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
87648
468.cda2881a.js
bouygues-cyber-attaque.preprod.sh/build/
140 KB
141 KB
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/468.cda2881a.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
8c379029d831ec3213945ea8d38caa6e1728ce9c14b272263c9a0ce4dfdd0fde

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-231ed"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
143853
app.b754066b.js
bouygues-cyber-attaque.preprod.sh/build/
38 KB
38 KB
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/app.b754066b.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
d68a6b224780b567af72923d5abd2d8c7c92b099b96a8a2f3df3f8a57d403ce6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-9839"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
38969
filter.a60f7d22.js
bouygues-cyber-attaque.preprod.sh/build/home/
426 B
604 B
Script
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/home/filter.a60f7d22.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
ff26110aaecba66160fcfbc3eb0acf47eff76af79d229d7808691a77552051c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-1aa"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
426
v1.js
static.userback.io/widget/
564 KB
166 KB
Script
General
Full URL
https://static.userback.io/widget/v1.js
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-67.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b99b4e6ede5350d66bae8d85f78f2e4efaefbe1d7c4328c2621d5e3a7bcc7fcc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Jm8GS7AbKObcTQ1h1Vj1dOcFOzfuhHKW
content-encoding
gzip
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
date
Sat, 06 Jul 2024 03:21:58 GMT
last-modified
Wed, 03 Jul 2024 03:21:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
36043
x-amz-server-side-encryption
AES256
etag
W/"76e527c154e11459549e3b928aa72384"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
vcz8Ee8gR0Jf2HDpF37952Q9-hKPZ7n2ZEUMxQAa39ItR6Aph28d6g==
icon-phone-header.af1be5d3.svg
bouygues-cyber-attaque.preprod.sh/build/images/
1 KB
1 KB
Image
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/images/icon-phone-header.af1be5d3.svg
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
59a48286e63e323c9f2fd7b726b8f409827f54c7dd1009adcc46d5f6136b229b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-40b"
content-type
image/svg+xml
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
1035
karbon-semibold.8d33f4f6.woff2
bouygues-cyber-attaque.preprod.sh/build/fonts/
24 KB
24 KB
Font
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/fonts/karbon-semibold.8d33f4f6.woff2
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
6c57afd226e47104e5afe6095941b8e016a2466f4f198689d8f6da046ab426b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Origin
https://bouygues-cyber-attaque.preprod.sh
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-5f2c"
content-type
application/octet-stream
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
24364
karbon-regular.c05bc119.woff2
bouygues-cyber-attaque.preprod.sh/build/fonts/
22 KB
22 KB
Font
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/fonts/karbon-regular.c05bc119.woff2
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
1c55bfe89db5eeb8580da9630c193a99c8eef204d25608a2de948f12e34ab50e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/build/app.8b62b256.css
Origin
https://bouygues-cyber-attaque.preprod.sh
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-5734"
content-type
application/octet-stream
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
22324
loader.js
sdk.privacy-center.org/a1bc868d-2500-4727-9b46-53e0f65c3bef/
2 KB
1 KB
Script
General
Full URL
https://sdk.privacy-center.org/a1bc868d-2500-4727-9b46-53e0f65c3bef/loader.js?target=bouygues-cyber-attaque.preprod.sh
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
48e4efda2f76bd51fe067a5ffd3899c47993a78d6bf6709db5eeb26f1f9d67e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
x-didomi-configs-version
110
content-encoding
br
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amzn-requestid
da12410d-7900-4161-9392-05be762289db
etag
W/"4a0f4008328dc92fe2145035d753e238"
vary
Accept-Encoding
x-amzn-trace-id
root=1-6689451f-4d8922c37b570f68643c1069;parent=4fd5856848972e57;sampled=0;lineage=eaae1266:0
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
max-age=60, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mrqunml5vOSFU2JL_gLdzhwzF5z5v6DCstRlds1xHs2gOtPP6YKMmQ==
gtm.js
www.googletagmanager.com/
304 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVNVLCC
Requested by
Host: bouygues-cyber-attaque.preprod.sh
URL: https://bouygues-cyber-attaque.preprod.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eed78672ad20c6a1914cbbc5d1c1e0e424dd9e04949713dcd74f5414f09b2bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104926
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 13:22:39 GMT
/
api.userback.io/
5 B
526 B
XHR
General
Full URL
https://api.userback.io/?jsSnippetLoad
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.39.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-39-132.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bouygues-cyber-attaque.preprod.sh/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 13:22:39 GMT
server
nginx/1.24.0
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-length
5
expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.1abe9b26d01ff658b887f6ede160abb2dbd780ca.js
sdk.privacy-center.org/sdk/1abe9b26d01ff658b887f6ede160abb2dbd780ca/modern/
345 KB
97 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/1abe9b26d01ff658b887f6ede160abb2dbd780ca/modern/sdk.1abe9b26d01ff658b887f6ede160abb2dbd780ca.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a1bc868d-2500-4727-9b46-53e0f65c3bef/loader.js?target=bouygues-cyber-attaque.preprod.sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6771c2886cd045294ae79b30a0ffea414ca345c8b2bb1ff2050eb417fd858d3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:01:45 GMT
content-encoding
gzip
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jul 2024 12:01:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
350455
etag
W/"7724214ef0ff4e32537e19bf79086ad6-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YPFAeSKS_q55TRTJ6MXCFr3cEW2iFxO0wTmt3maCR90aumXTpglyvQ==
cc55.js
www.bouygues-immobilier.com/modules/custom/bi_core/js/
204 KB
68 KB
Script
General
Full URL
https://www.bouygues-immobilier.com/modules/custom/bi_core/js/cc55.js?1291234202
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVNVLCC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.66.33.45 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b15a1639f353fc9a0e3ee37e8acd3a70905653e187627f63c09bb63d845fbfba
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
MISS
date
Sat, 06 Jul 2024 13:22:39 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 04 Jul 2024 08:46:05 GMT
x-varnish-cacheable
YES
etag
W/"6686614d-33092"
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
expires
Sat, 06 Jul 2024 16:22:39 GMT
collect
ssl.google-analytics.com/
35 B
301 B
XHR
General
Full URL
https://ssl.google-analytics.com/collect?v=1&tid=UA-48838450-8&cid=8681376288.1720272160&t=event&ec=cc55&ea=main&el=display_launch&dh=bouygues-cyber-attaque.preprod.sh&aip=1&cd1=desktop&cd2=popin&cd3=bouygues-cyber-attaque.preprod.sh&cd4=fr&cd5=default&cd6=no&cd7=functional&cd8=accept&cd9=webAnalytics&cd10=decline&cd11=advertising&cd12=decline&cd13=social&cd14=decline&cd19=GTM&cd20=5.0.0&cd21=original&cd22=BOUYGUESIMMO&z=7110208307
Requested by
Host: www.bouygues-immobilier.com
URL: https://www.bouygues-immobilier.com/modules/custom/bi_core/js/cc55.js?1291234202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 14:49:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81171
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ca9c55d967fd324f332a24163a96b6c871d5b3e3ed31e168c6a02c0eebe5e9d

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
bouygues-cyber-attaque.preprod.sh/build/images/
7 KB
7 KB
Other
General
Full URL
https://bouygues-cyber-attaque.preprod.sh/build/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.255.66.201 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3027008.ip-51-255-66.eu
Software
nginx/1.17.9 /
Resource Hash
10a0cce01c35028a7d6f278c18d716afe1ecda828695521655c53f1b47624fe4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bouygues-cyber-attaque.preprod.sh/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 13:22:40 GMT
last-modified
Mon, 13 Nov 2023 08:46:34 GMT
server
nginx/1.17.9
etag
"6551e26a-1cee"
content-type
image/x-icon
accept-ranges
bytes
x-robots-tag
noindex, follow
content-length
7406

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| Userback boolean| gdprAppliesGlobally function| __tcfapi object| body object| webpackChunk undefined| EVENTS object| BI object| dataLayer object| webpackChunkapp_userback_io function| eve function| mina function| Snap string| didomiCountry undefined| didomiRegion object| didomiGeoRegulations object| google_tag_manager object| google_tag_data object| __tcfapiBuffer object| CookieConsent object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners object| DidomiSanitizing object| didomiState object| FontAwesomeConfig object| ___FONT_AWESOME___ function| cookieconsent object| divParam object| divAccept object| divContainer object| divRefuse string| cssButtonHoverRefuse object| head object| style string| css

2 Cookies

Domain/Path Name / Value
.preprod.sh/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTkwODgzNjAtMzhkZi02YzEwLWE4ODgtZjMzNzljNmNkNDk4IiwiY3JlYXRlZCI6IjIwMjQtMDctMDZUMTM6MjI6MzkuNjI5WiIsInVwZGF0ZWQiOiIyMDI0LTA3LTA2VDEzOjIyOjM5LjYyOVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.preprod.sh/ Name: _gcl_au
Value: 1.1.1955913856.1720272160

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userback.io
bouygues-cyber-attaque.preprod.sh
les-offres.bouygues-immobilier.com
sdk.privacy-center.org
ssl.google-analytics.com
static.userback.io
www.bouygues-immobilier.com
www.googletagmanager.com
212.194.120.170
2600:9000:26e8:e00:5:b7cc:d3c0:93a1
2a00:1450:4001:830::2008
2a00:1450:4001:831::2008
3.227.39.132
40.66.33.45
51.255.66.201
52.222.236.67
10a0cce01c35028a7d6f278c18d716afe1ecda828695521655c53f1b47624fe4
1c55bfe89db5eeb8580da9630c193a99c8eef204d25608a2de948f12e34ab50e
48e4efda2f76bd51fe067a5ffd3899c47993a78d6bf6709db5eeb26f1f9d67e1
4ca9c55d967fd324f332a24163a96b6c871d5b3e3ed31e168c6a02c0eebe5e9d
59a48286e63e323c9f2fd7b726b8f409827f54c7dd1009adcc46d5f6136b229b
5dc67cd53b9e36796350b3c6320ebb591ac2a8121a17a61a1f76039dbe6e4a09
6771c2886cd045294ae79b30a0ffea414ca345c8b2bb1ff2050eb417fd858d3e
6c57afd226e47104e5afe6095941b8e016a2466f4f198689d8f6da046ab426b6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c379029d831ec3213945ea8d38caa6e1728ce9c14b272263c9a0ce4dfdd0fde
8d24d8d6d7ba9fac21d400b34bc23429b3797f31adac5f05aa0597fc5b4b5753
b15a1639f353fc9a0e3ee37e8acd3a70905653e187627f63c09bb63d845fbfba
b64d83c67f1c7a8f695ef697075eec97a86097e850e109b3e0a154251ddce7ad
b99b4e6ede5350d66bae8d85f78f2e4efaefbe1d7c4328c2621d5e3a7bcc7fcc
c5561b40e53c0af58195d1563e83d3dd6e54863a03a8c0a62f29d6386a7e946a
c5f76ec165cccfb44a349de41b4588cbe3581a366b288201f48ae13ae3765eab
d68a6b224780b567af72923d5abd2d8c7c92b099b96a8a2f3df3f8a57d403ce6
d9039ea0c187b9a9bf9fdca0e6ad5d8ec9228e4043161007f9ec5b7fbfadb07b
dfe9b95040b78b89800851448cfe09cb58f7c62746fb8180da3a5ac56b642352
e3fe4e5b242c32b84e1e522851b85b512ad845ccb1b62bc317e5d19a88eedac3
eed78672ad20c6a1914cbbc5d1c1e0e424dd9e04949713dcd74f5414f09b2bcf
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
ff26110aaecba66160fcfbc3eb0acf47eff76af79d229d7808691a77552051c8