urlscan.io logo urlscan.io
SecurityTrails logo

calvadosienne.fr Open in urlscan Pro
146.255.171.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr
Effective URL: https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
Submission Tags: phishing malicious Search All
Submission: On February 23 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 146.255.171.35, located in Le Petit-Quevilly, France and belongs to ASN-WEBAXYS, FR. The main domain is calvadosienne.fr.
TLS certificate: Issued by R3 on January 6th 2022. Valid for: 3 months.
This is the only time calvadosienne.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 146.255.171.35 43858 (ASN-WEBAXYS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 3
Apex Domain
Subdomains		 Transfer
7 calvadosienne.fr
calvadosienne.fr
2 MB
2 gstatic.com
fonts.gstatic.com
50 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
9 3
Domain Requested by
7 calvadosienne.fr 2 redirects calvadosienne.fr
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com calvadosienne.fr
9 3

This site contains no links.

Subject Issuer Validity Valid
calvadosienne.fr
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
Frame ID: 2FAD604189085FC5F3975170DD76F7B8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Site en contruction

Page URL History Show full URLs

  1. http://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr HTTP 301
    https://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr HTTP 302
    https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1932 kB
Transfer

1931 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr HTTP 301
    https://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr HTTP 302
    https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request coming-soon.html
calvadosienne.fr/wp-content/themes/nr_theme/
Redirect Chain
  • http://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr
  • https://calvadosienne.fr/public/doc/PayPal/5zdvmnda=/signin/?country.x=Tunis&locale.x=fr-FR,fr
  • https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
702 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.255.171.35 Le Petit-Quevilly, France, ASN43858 (ASN-WEBAXYS, FR),
Reverse DNS
nregard11.webaxys.net
Software
nginx / PleskLin
Resource Hash
aecb4fd45e24f6e291460bfe08a44bac3199f452b98453a284a57855ed394609

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 02:21:52 GMT
content-type
text/html
content-length
297
x-accel-version
0.01
last-modified
Thu, 06 Jan 2022 09:00:42 GMT
etag
"2be-5d4e61ae9e9cf-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
x-powered-by
PleskLin

Redirect headers

server
nginx
date
Wed, 23 Feb 2022 02:21:52 GMT
content-type
text/html; charset=iso-8859-1
content-length
357
location
https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
x-powered-by
PleskLin
static-pages.css
calvadosienne.fr/wp-content/themes/nr_theme/assets/static/ 		1 KB
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/static-pages.css
Requested by
Host: calvadosienne.fr
URL: https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.255.171.35 Le Petit-Quevilly, France, ASN43858 (ASN-WEBAXYS, FR),
Reverse DNS
nregard11.webaxys.net
Software
nginx / PleskLin
Resource Hash
0f35a63a58f702663dc6a098e03d40d248a4b1513a1bd2fba0b5eece7c30f532

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 02:21:52 GMT
content-encoding
br
etag
W/"61d6b08c-4cd"
last-modified
Thu, 06 Jan 2022 09:04:12 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
logo.svg
calvadosienne.fr/wp-content/themes/nr_theme/assets/static/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/logo.svg
Requested by
Host: calvadosienne.fr
URL: https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.255.171.35 Le Petit-Quevilly, France, ASN43858 (ASN-WEBAXYS, FR),
Reverse DNS
nregard11.webaxys.net
Software
nginx / PleskLin
Resource Hash
3353a4f75ac48108527de8f1f2156b96413b0fe16d06a480ca779c481400b965

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 02:21:52 GMT
last-modified
Thu, 06 Jan 2022 09:04:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"61d6b08c-d774"
content-type
image/svg+xml
accept-ranges
bytes
content-length
55156
coming-soon-illustration.svg
calvadosienne.fr/wp-content/themes/nr_theme/assets/static/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/coming-soon-illustration.svg
Requested by
Host: calvadosienne.fr
URL: https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.255.171.35 Le Petit-Quevilly, France, ASN43858 (ASN-WEBAXYS, FR),
Reverse DNS
nregard11.webaxys.net
Software
nginx / PleskLin
Resource Hash
45d7290f8aa0bf0cefe46403e3553de9bce58c7f7198f3324a37d886a13949ba

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://calvadosienne.fr/wp-content/themes/nr_theme/coming-soon.html?country.x=Tunis&locale.x=fr-FR,fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 02:21:52 GMT
last-modified
Thu, 06 Jan 2022 09:04:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"61d6b08c-2c115"
content-type
image/svg+xml
accept-ranges
bytes
content-length
180501
css2
fonts.googleapis.com/ 		2 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Be+Vietnam+Pro:wght@400;700&display=swap
Requested by
Host: calvadosienne.fr
URL: https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/static-pages.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb3a0de90ce41719733f3692aeef51bf03ae20ef0a2a8db2da9b03e64e589082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://calvadosienne.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 02:21:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 02:21:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 02:21:52 GMT
css2
fonts.googleapis.com/ 		1 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ephesis&display=swap
Requested by
Host: calvadosienne.fr
URL: https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/static-pages.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d9859176dd993518727c8043a6a8507d654f7592800e1665d35131301eb440e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://calvadosienne.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 01:36:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 02:21:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 02:21:52 GMT
pattern-footer.svg
calvadosienne.fr/wp-content/themes/nr_theme/assets/static/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/pattern-footer.svg
Requested by
Host: calvadosienne.fr
URL: https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/static-pages.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.255.171.35 Le Petit-Quevilly, France, ASN43858 (ASN-WEBAXYS, FR),
Reverse DNS
nregard11.webaxys.net
Software
nginx / PleskLin
Resource Hash
5814061cef5fb5d05738f04e49dd7993f95e7c00453e243b4483ccb74df14d56

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://calvadosienne.fr/wp-content/themes/nr_theme/assets/static/static-pages.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 02:21:52 GMT
last-modified
Thu, 06 Jan 2022 09:04:13 GMT
server
nginx
x-powered-by
PleskLin
etag
"61d6b08d-19b8f0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1685744
uU9PCBUS8IerL2VG3xTR3w.woff2
fonts.gstatic.com/s/ephesis/v5/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ephesis/v5/uU9PCBUS8IerL2VG3xTR3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ephesis&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
230e94d74dd2e9f4d08ffcb485a839decb1fa8f8e85b51496097ac9614e642d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://calvadosienne.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 09:44:29 GMT
x-content-type-options
nosniff
age
578243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30488
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 22:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 09:44:29 GMT
QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
fonts.gstatic.com/s/bevietnampro/v8/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bevietnampro/v8/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Be+Vietnam+Pro:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://calvadosienne.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 03:37:43 GMT
x-content-type-options
nosniff
age
168249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20136
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 22:11:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 21 Feb 2023 03:37:43 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

0 Cookies