fr-boursorama-fr.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://uptime.agencek2.com/
Effective URL:
https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
Submission: On June 23 via api (June 23rd 2023, 8:48:34 am UTC) from CZ — Scanned from FR

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is fr-boursorama-fr.web.app.
TLS certificate: Issued by GTS CA 1D4 on May 10th 2023. Valid for: 3 months.

This is the only time fr-boursorama-fr.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Boursorama (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	5.39.68.33 5.39.68.33	16276 (OVH) (OVH)
2	192.99.71.107 192.99.71.107	16276 (OVH) (OVH)
2	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
1 1	2606:4700:10:... 2606:4700:10::6814:8b41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
4	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
28	6

1 5.39.68.33 (France)

ASN16276 (OVH, FR)
PTR: mail2.agencek2.com

uptime.agencek2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.71.107 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: 107.ip-192-99-71.net

ip-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:8b41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

linkbs.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fr-boursorama-fr.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	web.app linkbs.web.app fr-boursorama-fr.web.app	303 KB
4	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 4145	30 KB
2	telegram.org api.telegram.org — Cisco Umbrella Rank: 35240	1 KB
2	ip-api.io ip-api.io — Cisco Umbrella Rank: 378193	2 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2448	116 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 17588	519 B
1	agencek2.com uptime.agencek2.com	3 KB
28	7

	Domain	Requested by
17	fr-boursorama-fr.web.app	fr-boursorama-fr.web.app
4	ka-f.fontawesome.com	fr-boursorama-fr.web.app
2	api.telegram.org	uptime.agencek2.com fr-boursorama-fr.web.app
2	ip-api.io	uptime.agencek2.com fr-boursorama-fr.web.app
1	api.ipify.org	fr-boursorama-fr.web.app
1	linkbs.web.app	uptime.agencek2.com
1	tinyurl.com	1 redirects
1	uptime.agencek2.com
28	8

This site contains no links.

Subject Issuer	Validity	Valid
uptime.agencek2.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
ip-api.io R3	`2023-06-11` - `2023-09-09`	3 months	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh
web.app GTS CA 1D4	`2023-05-10` - `2023-08-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
Frame ID: 8EEDF5F982CDE01716189E0144ADFC7B
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Espace ClientLogo Boursorama Banque

Page URL History Show full URLs

https://uptime.agencek2.com/ Page URL
https://tinyurl.com/5dwkdzkx HTTP 301
https://linkbs.web.app/ Page URL
https://fr-boursorama-fr.web.app/ Page URL
https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

339 kB
Transfer

2241 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://uptime.agencek2.com/ Page URL
https://tinyurl.com/5dwkdzkx HTTP 301
https://linkbs.web.app/ Page URL
https://fr-boursorama-fr.web.app/ Page URL
https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://tinyurl.com/5dwkdzkx HTTP 301
https://linkbs.web.app/

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
uptime.agencek2.com/ 12 KB
3 KB 169ms
19ms Document
text/html 5.39.68.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://uptime.agencek2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.39.68.33 , France, ASN16276 (OVH, FR),
Reverse DNS: mail2.agencek2.com
Software: nginx / PleskLin
Resource Hash: 208b172fff345eb16ca35fc49a442b3ba92283e90d7e7e9f0af704cf524eee38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Fri, 23 Jun 2023 08:48:30 GMT
etag: W/"6494a6c0-2f41"
last-modified: Thu, 22 Jun 2023 19:53:36 GMT
server: nginx
x-powered-by: PleskLin

GET
H/1.1 200
OK / Show response
ip-api.io/json/ 505 B
945 B 313ms
100ms XHR
application/json 192.99.71.107
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ip-api.io/json/
Requested by: Host: uptime.agencek2.com
URL: https://uptime.agencek2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.71.107 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: 107.ip-192-99-71.net
Software: nginx/1.12.2 /
Resource Hash: 159c902dfcff3c62a2725f7287360322288f21d717ca019bdbbba63af71b3419

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://uptime.agencek2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 08:48:30 GMT
Server: nginx/1.12.2
x-ratelimit-remaining: 72
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 54689
x-ratelimit-limit: 200
Connection: keep-alive
Content-Length: 505
x-request-id: F2s9gTKE_FE-bpFYmyeC

POST
H2 200 sendMessage
api.telegram.org/bot5812238966:AAFZgHTzE8yweBMxgfFtCCwz0bF9QJ12DzI/ 385 B
632 B 158ms
97ms XHR
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot5812238966:AAFZgHTzE8yweBMxgfFtCCwz0bF9QJ12DzI/sendMessage?chat_id=891906517&text=IP%20address%20lein1%3A%2037.59.164.96%0Acity%3A%20%0Aregion%20name%3A%20%0Acountry%3A%20FR%0Ainternet%3A%20OVH%20SAS%0Azone%3A%20Europe%2FParis

Requested by

Host: uptime.agencek2.com
URL: https://uptime.agencek2.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://uptime.agencek2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 08:48:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
content-length: 385

GET
H2

200

/ Show response
linkbs.web.app/
Redirect Chain

https://tinyurl.com/5dwkdzkx
https://linkbs.web.app/

220 B
488 B

85ms
19ms

Document
text/html

2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linkbs.web.app/

Requested by

Host: uptime.agencek2.com
URL: https://uptime.agencek2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b76118a08d0a4bd9d26a064d74d0a79339f8bfc15d0c08497226d7d58f386fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://uptime.agencek2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 121
content-type: text/html; charset=utf-8
date: Fri, 23 Jun 2023 08:48:31 GMT
etag: "ef307458bfc177b1294159297ffe6e1ccc1802b63f2aa4ae81bb10218041bdcc-br"
last-modified: Thu, 22 Jun 2023 20:00:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-lcy-eglc8600029-LCY
x-timer: S1687510111.308925,VS0,VE1

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status: DYNAMIC
cf-ray: 7dbb78f05856d560-CDG
content-type: text/html; charset=UTF-8
date: Fri, 23 Jun 2023 08:48:31 GMT
location: https://linkbs.web.app
referrer-policy: unsafe-url
server: cloudflare
x-content-type-options: nosniff
x-tinyurl-redirect: eyJpdiI6Imk2eWQvVFdWaEpWb3p0Vkk0K0duM1E9PSIsInZhbHVlIjoiZ3IxOWpjd2owelB1UDFuMHcraW9CK1FJWmtEMWxaTXY3VGxKWWdaNWJXUEo1RWcwbWo4TExlc29qaGJHNG9JRFBaYW1kUUdkKzFISURSaXY1UWhUekE9PSIsIm1hYyI6IjJhY2E4MzljOWI0MDVhYTUzYTgzZjE2YTgwOGFmN2YzNjZlMmNiN2Q0NWQzMzdkMmVmODM4ZjM4NjQxZjQyZmUiLCJ0YWciOiIifQ==
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
fr-boursorama-fr.web.app/ 13 KB
2 KB 36ms
20ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2f57c7dd709e7c318e9a1134d4a028b75d4b8fa3ca9ee64a7bd0f73cc784568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://linkbs.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 2392
content-type: text/html; charset=utf-8
date: Fri, 23 Jun 2023 08:48:31 GMT
etag: "cd916b575dab626567aefd6160a9c3dadbc2e2651b87082572cb7ba2f8b18bcb-br"
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-lcy-eglc8600029-LCY
x-timer: S1687510111.399953,VS0,VE1

GET
H/1.1 200
OK / Show response
ip-api.io/json/ 505 B
945 B 100ms
99ms XHR
application/json 192.99.71.107
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ip-api.io/json/
Requested by: Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.71.107 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: 107.ip-192-99-71.net
Software: nginx/1.12.2 /
Resource Hash: 159c902dfcff3c62a2725f7287360322288f21d717ca019bdbbba63af71b3419

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 08:48:31 GMT
Server: nginx/1.12.2
x-ratelimit-remaining: 84
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 54688
x-ratelimit-limit: 200
Connection: keep-alive
Content-Length: 505
x-request-id: F2s9gW5Sv0lbaYCIQbDB

POST
H2 200 sendMessage
api.telegram.org/bot5812238966:AAFZgHTzE8yweBMxgfFtCCwz0bF9QJ12DzI/ 385 B
631 B 79ms
79ms XHR
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 08:48:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
content-length: 385

GET
H2 200 Primary Request login.html Show response
fr-boursorama-fr.web.app/ 216 KB
29 KB 20ms
19ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c9fa5a5920c868d017739ce902206c4b749fa83dc7dcfa8f153c53e4175eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://fr-boursorama-fr.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 29289
content-type: text/html; charset=utf-8
date: Fri, 23 Jun 2023 08:48:31 GMT
etag: "5504c98f657d1db32a105477d9915e8d4169b93dffc47998ad59db8206980e2c-br"
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-lcy-eglc8600029-LCY
x-timer: S1687510112.643562,VS0,VE1

GET
H3 200 1.css
fr-boursorama-fr.web.app/css/ 181 KB
21 KB 20ms
19ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/1.css

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

611282d72af9f414bbc1272c919a1336265f4dbd6f2cf78f25d70bf09d1b8b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.685980,VS0,VE1
etag: "64a62a3974456207d07a9d7324fefb5393e0f863096ac2a6f7b7321ad02cb7f6-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20901
x-cache-hits: 1

GET
H3 200 2.css
fr-boursorama-fr.web.app/css/ 595 KB
30 KB 23ms
19ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/2.css

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d739b310b8a43bf4cda5f110d77bdfefa2123a890e1442b0270e0898f6b7f44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.688763,VS0,VE1
etag: "f697629ea3f740964724d8209766a2ece6d4fe8684563d4b9a250de35dd67b30-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30198
x-cache-hits: 1

GET
H3 200 3.css
fr-boursorama-fr.web.app/css/ 142 KB
18 KB 37ms
34ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/3.css

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b4b9bc613a34d05328e493db7c257ded1560681a47f2f0e7a32d95ad8d4c47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689155,VS0,VE1
etag: "52a34fefa1b4d4d7a89041e22af547d1f281fe45733cc3967e8b0dcef7f9d334-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18037
x-cache-hits: 1

GET
H3 200 4.css
fr-boursorama-fr.web.app/css/ 196 KB
21 KB 38ms
35ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/4.css

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

698d247b4a8020859cb7d1ba6f1da9d345e89a619a0a890e56b69ae0d0a9015c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689133,VS0,VE2
etag: "7ca67671e00faa947ee97e40d3ada653ef7fa16ddeaca6632e418715a3913286-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20751
x-cache-hits: 1

GET
H3 200 5.css
fr-boursorama-fr.web.app/css/ 35 KB
6 KB 39ms
36ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/5.css

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d08e5a091a415aaeb621a8c6409054d0d67656553375fd27a3f2da779651097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689141,VS0,VE1
etag: "22d39e8f1917b2f0c235a2b3a5b042de932c4342ffcc090d66a182a8b332a19d-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5422
x-cache-hits: 1

GET
H3 200 6.css
fr-boursorama-fr.web.app/css/ 129 KB
12 KB 40ms
37ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/6.css

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9a3ed3097af3491b7582893352df85155f41076c7b994d9e93f76d446793c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689420,VS0,VE2
etag: "a6f7bbcb0298543410efb64c284a8734b17271fd2938936ff252a4dfeb6301e6-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12176
x-cache-hits: 1

GET
H3 200 363d4a4d7b.js Show response
fr-boursorama-fr.web.app/js/ 11 KB
4 KB 41ms
38ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/js/363d4a4d7b.js

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

112ac2e3ffe928e7a1dca786498b893f07d5b4f59153b7c43d74e2d9315bdf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689405,VS0,VE4
etag: "765db67e9808c8652d1b492185077702f3738c2bba29f1bbbca139401d17e8dd-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3758
x-cache-hits: 1

GET
H3 200 jquery-1.11.0.js Show response
fr-boursorama-fr.web.app/js/ 276 KB
69 KB 41ms
39ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/js/jquery-1.11.0.js

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ce0343e1d6f489768eeefe022c12181c6a0822e756239851310acf076d23d10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689566,VS0,VE2
etag: "6f3f7dcbf5ca5090ee6cbb169d45a6e78b381a25297370519efc2a1958a369c0-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 69843
x-cache-hits: 1

GET
H3 200 jquery.inputmask.bundle.js Show response
fr-boursorama-fr.web.app/js/ 214 KB
32 KB 54ms
51ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/js/jquery.inputmask.bundle.js

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5cbeb9095648444ae26ad665785931d937a10bc83b78f2cf51eaefea0dc0ec21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.689997,VS0,VE2
etag: "9487e285e2fc43e7f126bb4c1f8c85e0ff3d3a62cc41e1a2b7aecadb86f9bf0b-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32114
x-cache-hits: 1

GET
H3 200 axios.min.js Show response
fr-boursorama-fr.web.app/js/ 41 KB
10 KB 55ms
53ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/js/axios.min.js

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a2ae249b4f343bab4ba5e4692860f863838ab6bee51a4702d3d1555d520e173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.690129,VS0,VE1
etag: "3713a3013c56a31a42b063b4ecede313139071a4d79d672f048b77f6879598ae-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10134
x-cache-hits: 1

GET
H3 200 main.js Show response
fr-boursorama-fr.web.app/js/ 899 B
725 B 56ms
53ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/js/main.js

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbd3d839b2c90831a6e2d2caa53ff4c02629888dac219756be2757d4d7156387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/login.html?xml_id=/fr_FR/Login?ID=972911073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.690346,VS0,VE2
etag: "015fc58e19976dbf5a7412eee2b00e10eb6dc17bd0aed0767280c07e61551bc3-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 376
x-cache-hits: 1

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 100 KB
23 KB 81ms
28ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=363d4a4d7b
Requested by: Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/js/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 08:48:31 GMT
via: 1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 14924
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
server: cloudflare
etag: W/"5febfb939e2fc4ddf14fffae53b72cf0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJ2w4uTEWRU%2BJwuQqbGYZtxkhNIz8XaqORLNJgjZCADt55Lf6p6yrXeBfv7WSOe98PHw6SbxIBABF%2FW%2FBK9p4jPgy%2BGUOHnZzYUgscv6U5R%2FGwYMRlkg7fK2GYZJyraKI8kRWm6BUjGsws4zqlQ9I9bAKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7dbb78f6eb310401-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: BTyGuvnuwNgO9P13q-l8QYnqxuFHgiFDfwX6ozT7RB1-5n-ROBox-Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 27 KB
5 KB 85ms
31ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=363d4a4d7b
Requested by: Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/js/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 08:48:31 GMT
via: 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 43209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: W/"5193a6de5225940ae4ef5f7c82126be9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dC3GvWWBL9yPybkQoWI9duRqUDbocw84rdM2%2F3r%2Bi5QsyKqZCrrFlZdErzzgidzaSP1OewelJISOqyQV%2BTqFRNfWn%2FGbiwSgPsojtjQ7Rr2IELdbflqOW9S1l0VpdXjhTmBqisd3L1KyUvWWZalLgUa5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7dbb78f6eb330401-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: TTNzHYRfFrSlEOOesJqwD_hEkHStee6BbnXU24ZdjdOpudtsqAEaug==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 823 B
1 KB 79ms
26ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=363d4a4d7b
Requested by: Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/js/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 08:48:31 GMT
via: 1.1 652331095b841aa2e89ce3a0cd676d04.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 14924
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: W/"5856e3f07fbc36fc4d430a95a577a87f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x1eqS%2FXyOT%2Fz8REjWv85IOiRaCRzZuTntxeKgUcFWeiLhcq0zzE%2BLybM9q0YgENnBw%2BTwvgfPhnUMEKYTShuEBMLgrF6WuOit%2Fn2tXn4sgtaWqh81Uc8NvIb2HK04KjL7v8M7OjlTWW97yOk4qXXUuYlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7dbb78f6eb340401-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: _fzpIcrmaqlNZXJOuox6dbGq_NaXpsdGkW3jaw7SB_e5o5U-JCxdTA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 2 KB
1 KB 80ms
27ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=363d4a4d7b
Requested by: Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/js/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fr-boursorama-fr.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 08:48:31 GMT
via: 1.1 442140e40576f40d5aa1ef69d1669f8c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 43209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hooXLI3T8e%2FsZV%2FCH9sDTpG9FO5J8CrTMJfjUgk1d9aG%2FYKnmefSBn2WHujI3lyVJJJV9HpkBZ34V%2BbCes8DYh21R1QLPuySx9rElcr7j5zGIefDzM%2BS3JVV1W6iyWAJ1WMSwPv94NZjrmna7UxyfoSXKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7dbb78f6eb350401-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cR9vRSYC5dVmsvv10Sw6jV3o3_9NxSlIrcNfe81OKfpJBXljFxcMeA==

GET
H2 200 / Show response
api.ipify.org/ 21 B
116 B 618ms
150ms XHR
application/json 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/js/axios.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: /
Resource Hash: 88c14ddc84ca453ea9fa093b11728f247f352b03e47b3083be7f805aba9df393

Request headers

Accept: application/json, text/plain, */*
Referer: https://fr-boursorama-fr.web.app/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://fr-boursorama-fr.web.app
date: Fri, 23 Jun 2023 08:48:32 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 proximanova-bold-webfont-cache-1458301567.woff2
fr-boursorama-fr.web.app/css/fonts/ 14 KB
14 KB 21ms
21ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/fonts/proximanova-bold-webfont-cache-1458301567.woff2

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/css/6.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c57f6799cf187a6b7e7e3c188a728b416662c74b245337c4c0119eaea76efa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://fr-boursorama-fr.web.app/css/6.css
Origin: https://fr-boursorama-fr.web.app
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.803633,VS0,VE1
etag: "6755217464e1a32fa92576cf0c5c753415782d7f7146e7da812c4492e6b5eb5a"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14300
x-cache-hits: 1

GET
H3 200 proximanova-regular-webfont-cache-1458301567.woff2
fr-boursorama-fr.web.app/css/fonts/ 16 KB
16 KB 23ms
22ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/fonts/proximanova-regular-webfont-cache-1458301567.woff2

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/css/6.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e53ee2f002f94b2f0538c486bb2228daf092cd58d487a528d5c80e67e18a6f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://fr-boursorama-fr.web.app/css/6.css
Origin: https://fr-boursorama-fr.web.app
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.803963,VS0,VE2
etag: "69f77776d2c1f3ffaf7037563192cfd7c4062680457253655c802369c826c39a"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16128
x-cache-hits: 1

GET
H3 200 proximanova-medium-webfont-cache-1521040380.woff2
fr-boursorama-fr.web.app/css/fonts/ 9 KB
9 KB 22ms
21ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/fonts/proximanova-medium-webfont-cache-1521040380.woff2

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/css/6.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fc6d016af92c77df78ac5a8a607ffc1c528f105be3e5276825e90f64faa15e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://fr-boursorama-fr.web.app/css/6.css
Origin: https://fr-boursorama-fr.web.app
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.803933,VS0,VE1
etag: "8aefe564d8d5e20552f37640ff8b831250e4c7f09343b029001e00624c048d1b"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9384
x-cache-hits: 1

GET
H3 200 proximanova-semibold-webfont-cache-1572260791.woff2
fr-boursorama-fr.web.app/css/fonts/ 9 KB
9 KB 21ms
21ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fr-boursorama-fr.web.app/css/fonts/proximanova-semibold-webfont-cache-1572260791.woff2

Requested by

Host: fr-boursorama-fr.web.app
URL: https://fr-boursorama-fr.web.app/css/6.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c95d1fb1d2285f81e925222f0850b22b2624f55d2aea6089597eed155d358468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://fr-boursorama-fr.web.app/css/6.css
Origin: https://fr-boursorama-fr.web.app
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600033-LCY
strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 23 Jun 2023 08:48:31 GMT
last-modified: Fri, 23 Jun 2023 04:02:54 GMT
x-timer: S1687510112.803931,VS0,VE1
etag: "21aa1508767a363aa720f850c5323115626aa1e5473cbdfdc935e4d99b7210ad"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9036
x-cache-hits: 1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Boursorama (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
api.telegram.org
fr-boursorama-fr.web.app
ip-api.io
ka-f.fontawesome.com
linkbs.web.app
tinyurl.com
uptime.agencek2.com
104.237.62.211
192.99.71.107
2001:67c:4e8:f004::9
2606:4700:10::6814:8b41
2606:4700:e6::ac40:cb1c
2620:0:890::100
5.39.68.33
112ac2e3ffe928e7a1dca786498b893f07d5b4f59153b7c43d74e2d9315bdf24
159c902dfcff3c62a2725f7287360322288f21d717ca019bdbbba63af71b3419
1a2ae249b4f343bab4ba5e4692860f863838ab6bee51a4702d3d1555d520e173
1b4b9bc613a34d05328e493db7c257ded1560681a47f2f0e7a32d95ad8d4c47b
1d08e5a091a415aaeb621a8c6409054d0d67656553375fd27a3f2da779651097
208b172fff345eb16ca35fc49a442b3ba92283e90d7e7e9f0af704cf524eee38
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575
5cbeb9095648444ae26ad665785931d937a10bc83b78f2cf51eaefea0dc0ec21
611282d72af9f414bbc1272c919a1336265f4dbd6f2cf78f25d70bf09d1b8b8c
698d247b4a8020859cb7d1ba6f1da9d345e89a619a0a890e56b69ae0d0a9015c
6c57f6799cf187a6b7e7e3c188a728b416662c74b245337c4c0119eaea76efa3
88c14ddc84ca453ea9fa093b11728f247f352b03e47b3083be7f805aba9df393
8b76118a08d0a4bd9d26a064d74d0a79339f8bfc15d0c08497226d7d58f386fa
af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76
b2f57c7dd709e7c318e9a1134d4a028b75d4b8fa3ca9ee64a7bd0f73cc784568
c95d1fb1d2285f81e925222f0850b22b2624f55d2aea6089597eed155d358468
c9fa5a5920c868d017739ce902206c4b749fa83dc7dcfa8f153c53e4175eed6d
cbd3d839b2c90831a6e2d2caa53ff4c02629888dac219756be2757d4d7156387
ce0343e1d6f489768eeefe022c12181c6a0822e756239851310acf076d23d10c
d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd
d739b310b8a43bf4cda5f110d77bdfefa2123a890e1442b0270e0898f6b7f44e
e53ee2f002f94b2f0538c486bb2228daf092cd58d487a528d5c80e67e18a6f75
e9a3ed3097af3491b7582893352df85155f41076c7b994d9e93f76d446793c2d
fc6d016af92c77df78ac5a8a607ffc1c528f105be3e5276825e90f64faa15e27
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1

fr-boursorama-fr.web.app Open in urlscan Pro 2620:0:890::100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

6 IPs

4 Countries

339 kBTransfer

2241 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fr-boursorama-fr.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

339 kB
Transfer

2241 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!