Submitted URL: https://archducal-cyclist-b8075b9946a7.herokuapp.com/b?y=49ii4eh26or32or569j30dph6oq66dpg60o3eob369i68e925gh748hq49k78t3gect2ubr4c5q62bj2c5q6isr5ccn6...
Effective URL: https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf
Submission: On May 02 via manual from AT — Scanned from AT

Summary

This website contacted 1 IP in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 20.58.57.101, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is data.batisec.fr.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time data.batisec.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.208.60.216 14618 (AMAZON-AES)
1 1 34.149.61.18 396982 (GOOGLE-CL...)
2 20.58.57.101 8075 (MICROSOFT...)
2 1
Apex Domain | Subdomains | Transfer
2 batisec.fr | data.batisec.fr | 500 B
1 aptracking1.com | www.aptracking1.com — Cisco Umbrella Rank: 128193 | 940 B
1 herokuapp.com | archducal-cyclist-b8075b9946a7.herokuapp.com | 969 B
2 3
Domain Requested by
2 data.batisec.fr
1 www.aptracking1.com 1 redirects
1 archducal-cyclist-b8075b9946a7.herokuapp.com 1 redirects
2 3

This site contains no links.

Subject: data.batisec.fr
Issuer: R3
Validity: 2024-04-23 - 2024-07-22
Valid: 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf
Frame ID: 2641D6CFE3F78286CC2622FE423C04E1
Requests: 2 HTTP requests in this frame


Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 0 kB
Size: 1 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://archducal-cyclist-b8075b9946a7.herokuapp.com/b?y=49ii4eh26or32or569j30dph6oq66dpg60o3eob369i68e925gh748hq49k78t3gect2ubr4c5q62bj2c5q6isr5ccn6cshf8h32achgedsn6t35dliiachgcdnmqs3cclq2achg68n30r9568o2q99i60p2sd3d4kp30b9568o36r9ee1i6c8g= HTTP 307
    https://www.aptracking1.com/b?action=click&controller=redirector&y=49ii4eh26or32or569j30dph6oq66dpg60o3eob369i68e925gh748hq49k78t3gect2ubr4c5q62bj2c5q6isr5ccn6cshf8h32achgedsn6t35dliiachgcdnmqs3cclq2achg68n30r9568o2q99i60p2sd3d4kp30b9568o36r9ee1i6c8g= HTTP 302
    https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource: DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf (Primary Request)
Path: data.batisec.fr/
Redirect Chain
  • https://archducal-cyclist-b8075b9946a7.herokuapp.com/b?y=49ii4eh26or32or569j30dph6oq66dpg60o3eob369i68e925gh748hq49k78t3gect2ubr4c5q62bj2c5q6isr5ccn6cshf8h32achgedsn6t35dliiachgcdnmqs3cclq2achg68n3...
  • https://www.aptracking1.com/b?action=click&controller=redirector&y=49ii4eh26or32or569j30dph6oq66dpg60o3eob369i68e925gh748hq49k78t3gect2ubr4c5q62bj2c5q6isr5ccn6cshf8h32achgedsn6t35dliiachgcdnmqs3ccl...
  • https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf
Size: 345 B
x-fer: 0
Type: Document
MIME-Type:
General
Full URL: https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.58.57.101 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS:
Software: nginx / PleskLin
Resource Hash: 7df761d63028a0d29d041ac52aa6bb8aa7707d4af5984f80fc27b9f70d1e97fc

Request headers

Accept-Language: de-AT,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 1011883
content-type: application/pdf
date: Thu, 02 May 2024 11:01:45 GMT
etag: "6617a049-f70ab"
last-modified: Thu, 11 Apr 2024 08:33:13 GMT
server: nginx
x-powered-by: PleskLin

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 11:01:44 GMT
location: https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf
server: nginx
status: 302 Found
strict-transport-security: max-age=3600
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-transaction-id: 37ae56d27489662193b96d0f9b1aa9d2

Resource: favicon.ico
Path: data.batisec.fr/
Size: 808 B
x-fer: 500 B
Type: Other
MIME-Type:
General
Full URL: https://data.batisec.fr/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.58.57.101 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS:
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://data.batisec.fr/DF%20systeme%20complet%202.0m%20-%202.4m%20-%203m.pdf
Accept-Language: de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:01:45 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 23:04:31 GMT
server: nginx
etag: W/"328-5c4c1e155497e"
content-type: text/html


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Domain/Path Name / Value
www.aptracking1.com/ Name: X-CSRF-TOKEN
Value: jNSAIQSEHK3UD-6MCy9jhjlUYfU-vQYlzGNtO2MahK-FzCPNPNFZTnYFMQ_zVoa79BpkZn5TCvkWk2YEvXYOpw
www.aptracking1.com/ Name: _leadgenie_session
Value: oe08VUzKWobbm7eMu%2B42eZx6kHDd4r6CR2UEIjES1D0x7Og1tWsN%2FXA301jPOKvHsZxAnE9bOIh7l1mRoeHf8AbnM%2Bb%2FHl4MILexAz35rp9gFuSakoT3Tya%2FV5rKUjsibyNEYEDFAl25ON0wdMN9NkNrvCVdSWUxfTXcp6RAb%2FT4lnBdOgVSldVidAPEVDcvRcttep3FrI5G8EntDQrrt0m%2B0X6jEUR%2BxbGLN6U3fIF%2FN0qBQcRbUzm6YmB8YUJCG7d5LblL9sgO2WiZRnX7bH3he8a45CMk9As%3D--P4RGUdRIAo3YTBs6--gRwckKqIoi9HJumQCWuUsA%3D%3D
www.aptracking1.com/ Name: GCLB
Value: CIOOtMe40ZWjBhAD

1 Console Messages

Source: network
Level: error
URL: https://data.batisec.fr/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
