qualif.bforbank.catalizr.eu Open in urlscan Pro
91.208.207.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qualif.bforbank.catalizr.eu/
Submission: On June 11 via automatic, source certstream-suspicious (June 11th 2024, 8:19:29 am UTC) — Scanned from FR

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 91.208.207.209, located in France and belongs to MAGICRETAIL, FR. The main domain is qualif.bforbank.catalizr.eu.
TLS certificate: Issued by lolcatho.st on July 22nd 2019. Valid for: 50 years.

This is the only time qualif.bforbank.catalizr.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	91.208.207.209 91.208.207.209	43424 (MAGICRETAIL) (MAGICRETAIL)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	91.208.207.210 91.208.207.210	43424 (MAGICRETAIL) (MAGICRETAIL)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
11	4

4 91.208.207.209 (France)

ASN43424 (MAGICRETAIL, FR)

qualif.bforbank.catalizr.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.208.207.210 (France)

ASN43424 (MAGICRETAIL, FR)

qualif.backend.catalizr.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	catalizr.eu qualif.bforbank.catalizr.eu qualif.backend.catalizr.eu	819 KB
2	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	854 B
11	3

	Domain	Requested by
4	qualif.backend.catalizr.eu	qualif.bforbank.catalizr.eu
4	qualif.bforbank.catalizr.eu	qualif.bforbank.catalizr.eu
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	qualif.bforbank.catalizr.eu
11	4

This site contains links to these domains. Also see Links.

Domain
www.utocat.com

Subject Issuer	Validity	Valid
lolcatho.st lolcatho.st	`2019-07-22` - `2069-07-09`	50 years	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
qualif.backend.catalizr.eu R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qualif.bforbank.catalizr.eu/
Frame ID: 2121EA2EEA6FB7AE38A044C4FB563B56
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Catalizr

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

64 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

836 kB
Transfer

3472 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.utocat.com/
Title: www.utocat.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
qualif.bforbank.catalizr.eu/ 760 B
1 KB 429ms
46ms Document
text/html 91.208.207.209
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.bforbank.catalizr.eu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.209 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Apache /

Resource Hash

bd3edf39a8457553b87585f2441dc390fcf5b5193836945db436ad4aa142036d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: https://.catalizr.eu https://.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com; frame-ancestors https://.catalizr.eu;
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=https://*.catalizr.eu

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 432
Content-Security-Policy: default-src 'self' 'unsafe-inline' data: https://*.catalizr.eu https://*.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; frame-ancestors https://*.catalizr.eu;
Content-Type: text/html
Date: Tue, 11 Jun 2024 08:19:19 GMT
ETag: "2f8-61a862dcb83a0-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 10 Jun 2024 09:57:36 GMT
Server: Apache
Sozu-Id: 01J0362KYFNPYKPDREV7DE1QRC
Strict-Transport-Security: max-age=2592000; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM=https://*.catalizr.eu

GET
H2 200 css
fonts.googleapis.com/ 3 KB
854 B 375ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600,700

Requested by

Host: qualif.bforbank.catalizr.eu
URL: https://qualif.bforbank.catalizr.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qualif.bforbank.catalizr.eu/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 08:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 07:37:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 08:19:19 GMT

GET
H/1.1 200
OK main.16fe9ee1.js Show response
qualif.bforbank.catalizr.eu/static/js/ 3 MB
775 KB 65ms
64ms Script
text/javascript 91.208.207.209
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.bforbank.catalizr.eu/static/js/main.16fe9ee1.js

Requested by

Host: qualif.bforbank.catalizr.eu
URL: https://qualif.bforbank.catalizr.eu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.209 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Apache /

Resource Hash

8d5c6114a4817d54f13ed634ba4c475c140dc538f1ffaa08c1e3349e53558eca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: https://.catalizr.eu https://.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com; frame-ancestors https://.catalizr.eu;
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=https://*.catalizr.eu

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qualif.bforbank.catalizr.eu/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 08:19:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' data: https://*.catalizr.eu https://*.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; frame-ancestors https://*.catalizr.eu;
Strict-Transport-Security: max-age=2592000; preload
Transfer-Encoding: chunked
Connection: Keep-Alive
Last-Modified: Mon, 10 Jun 2024 09:57:36 GMT
Server: Apache
ETag: "307690-61a862dcd19e0-gzip"
Vary: Accept-Encoding
X-Frame-Options: ALLOW-FROM=https://*.catalizr.eu
Content-Type: text/javascript
Sozu-Id: 01J0362M6E96F491WS7THP9HTJ
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK main.7c1ce795.css
qualif.bforbank.catalizr.eu/static/css/ 250 KB
35 KB 127ms
82ms Stylesheet
text/css 91.208.207.209
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.bforbank.catalizr.eu/static/css/main.7c1ce795.css

Requested by

Host: qualif.bforbank.catalizr.eu
URL: https://qualif.bforbank.catalizr.eu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.209 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Apache /

Resource Hash

70f194621a0f33cdf1b21ee068abce303ca19d5738eb3ef5f1e7bd39b9a5f980

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: https://.catalizr.eu https://.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com; frame-ancestors https://.catalizr.eu;
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=https://*.catalizr.eu

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qualif.bforbank.catalizr.eu/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 08:19:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' data: https://*.catalizr.eu https://*.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; frame-ancestors https://*.catalizr.eu;
Strict-Transport-Security: max-age=2592000; preload
Connection: Keep-Alive
Content-Length: 35308
Last-Modified: Mon, 10 Jun 2024 09:57:36 GMT
Server: Apache
ETag: "3e8c4-61a862dcb9728-gzip"
Vary: Accept-Encoding
X-Frame-Options: ALLOW-FROM=https://*.catalizr.eu
Content-Type: text/css
Sozu-Id: 01J0362MA336BZPZM0CY7CNCV2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

POST
H/1.1 200
OK logout Show response
qualif.backend.catalizr.eu/ 34 B
678 B 170ms
34ms XHR
application/json 91.208.207.210
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.backend.catalizr.eu/logout

Requested by

Host: qualif.bforbank.catalizr.eu
URL: https://qualif.bforbank.catalizr.eu/static/js/main.16fe9ee1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.210 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Resource Hash

539f60595901a1ba858f8c6246a6333dc71879ab763f44aa364f5b22eab54ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://qualif.bforbank.catalizr.eu/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=600
Date: Tue, 11 Jun 2024 08:19:21 GMT
x-content-type-options: nosniff
x-download-options: noopen
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualif.bforbank.catalizr.eu
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Sozu-Id: 01J0362P0J27H1TA32Z01HHZVG
Connection: keep-alive
Keep-Alive: timeout=5
content-length: 34
x-xss-protection: 0

GET
H/1.1 200
OK init Show response
qualif.backend.catalizr.eu/ 2 KB
1 KB 706ms
118ms XHR
application/json 91.208.207.210
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.backend.catalizr.eu/init?subdomain=bforbank

Requested by

Host: qualif.bforbank.catalizr.eu
URL: https://qualif.bforbank.catalizr.eu/static/js/main.16fe9ee1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.210 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Resource Hash

1a0320626c79fa4cc70b8c9e5bc994e7537a116e658686f80b79703a01fb5744

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://qualif.bforbank.catalizr.eu/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 11 Jun 2024 08:19:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 0
x-download-options: noopen
vary: origin,accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualif.bforbank.catalizr.eu
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Sozu-Id: 01J0362NFTV2TSK0N8CQVVC435
Keep-Alive: timeout=5

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 496ms
30ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://qualif.bforbank.catalizr.eu
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 01:38:17 GMT
x-content-type-options: nosniff
age: 24064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 01:38:17 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 499ms
34ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://qualif.bforbank.catalizr.eu
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 08:24:00 GMT
x-content-type-options: nosniff
age: 345321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 08:24:00 GMT

GET
H/1.1 200
OK favicon.ico
qualif.bforbank.catalizr.eu/ 99 KB
5 KB 118ms
115ms Other
image/x-icon 91.208.207.209
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.bforbank.catalizr.eu/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.209 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Apache /

Resource Hash

b5e8be9c03101caced75ed652d893b8f3a858f339106e27daa64fe1aebb39314

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: https://.catalizr.eu https://.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com; frame-ancestors https://.catalizr.eu;
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=https://*.catalizr.eu

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qualif.bforbank.catalizr.eu/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 08:19:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' data: https://*.catalizr.eu https://*.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; frame-ancestors https://*.catalizr.eu;
Strict-Transport-Security: max-age=2592000; preload
Connection: Keep-Alive
Content-Length: 4034
Last-Modified: Mon, 10 Jun 2024 09:57:36 GMT
Server: Apache
ETag: "18bd2-61a862dcb83a0-gzip"
Vary: Accept-Encoding
X-Frame-Options: ALLOW-FROM=https://*.catalizr.eu
Content-Type: image/x-icon
Sozu-Id: 01J0362MECPDMW32QRPAZJNM0K
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

OPTIONS
H/1.1 200
OK logout
qualif.backend.catalizr.eu/ 0
0 624ms
23ms Preflight 91.208.207.210
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.backend.catalizr.eu/logout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.210 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qualif.bforbank.catalizr.eu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 11 Jun 2024 08:19:21 GMT
Keep-Alive: timeout=5
Sozu-Id: 01J0362NFT98PS7RV9M867YKVN
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,set-cookie
access-control-allow-methods: POST
access-control-allow-origin: https://qualif.bforbank.catalizr.eu
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
content-length: 0
strict-transport-security: max-age=600
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 0

GET
H/1.1 200
OK banners Show response
qualif.backend.catalizr.eu/api/ 2 B
567 B 48ms
41ms XHR
application/json 91.208.207.210
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL

https://qualif.backend.catalizr.eu/api/banners

Requested by

Host: qualif.bforbank.catalizr.eu
URL: https://qualif.bforbank.catalizr.eu/static/js/main.16fe9ee1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.208.207.210 , France, ASN43424 (MAGICRETAIL, FR),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://qualif.bforbank.catalizr.eu/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=600
Date: Tue, 11 Jun 2024 08:19:21 GMT
x-content-type-options: nosniff
Connection: keep-alive
content-length: 2
x-xss-protection: 0
x-download-options: noopen
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualif.bforbank.catalizr.eu
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Sozu-Id: 01J0362P1WCHN1M7G5CRF1MAH2
accept-ranges: bytes
Keep-Alive: timeout=5

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: https://.catalizr.eu https://.api.catalizr.io https://api.catalizr.io https://fonts.googleapis.com https://fonts.gstatic.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com; frame-ancestors https://.catalizr.eu;
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=https://*.catalizr.eu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
qualif.backend.catalizr.eu
qualif.bforbank.catalizr.eu
2a00:1450:4001:801::2003
2a00:1450:4001:82b::200a
91.208.207.209
91.208.207.210
1a0320626c79fa4cc70b8c9e5bc994e7537a116e658686f80b79703a01fb5744
25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
539f60595901a1ba858f8c6246a6333dc71879ab763f44aa364f5b22eab54ced
70f194621a0f33cdf1b21ee068abce303ca19d5738eb3ef5f1e7bd39b9a5f980
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8d5c6114a4817d54f13ed634ba4c475c140dc538f1ffaa08c1e3349e53558eca
b5e8be9c03101caced75ed652d893b8f3a858f339106e27daa64fe1aebb39314
bd3edf39a8457553b87585f2441dc390fcf5b5193836945db436ad4aa142036d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

qualif.bforbank.catalizr.eu Open in urlscan Pro 91.208.207.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

64 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

836 kBTransfer

3472 kBSize

0 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

qualif.bforbank.catalizr.eu Open in urlscan Pro
91.208.207.209 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

64 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

836 kB
Transfer

3472 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions