preprod.gestion.building-management.webexpr4.ovh Open in urlscan Pro
146.59.192.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://preprod.gestion.building-management.webexpr4.ovh/
Effective URL:
https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication
Submission: On August 17 via automatic, source certstream-suspicious (August 17th 2024, 2:03:58 pm UTC) — Scanned from FR

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 9 HTTP transactions. The main IP is 146.59.192.207, located in France and belongs to OVH, FR. The main domain is preprod.gestion.building-management.webexpr4.ovh.
TLS certificate: Issued by R11 on August 17th 2024. Valid for: 3 months.

This is the only time preprod.gestion.building-management.webexpr4.ovh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	146.59.192.207 146.59.192.207	16276 (OVH) (OVH)
1 1	38.27.106.27 38.27.106.27	395717 (BLUEARCHI...) (BLUEARCHIVE-ZONE-1)
1	130.117.252.27 130.117.252.27	395717 (BLUEARCHI...) (BLUEARCHIVE-ZONE-1)
9	2

9 146.59.192.207 (France) 1 redirects

ASN16276 (OVH, FR)

preprod.gestion.building-management.webexpr4.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.106.27 (Manassas, United States) 1 redirects

ASN395717 (BLUEARCHIVE-ZONE-1, US)

building-management.s3.wasabisys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.117.252.27 (Amsterdam, Netherlands)

ASN395717 (BLUEARCHIVE-ZONE-1, US)

building-management.s3.eu-central-1.wasabisys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	webexpr4.ovh 1 redirects preprod.gestion.building-management.webexpr4.ovh	88 KB
2	wasabisys.com 1 redirects building-management.s3.wasabisys.com building-management.s3.eu-central-1.wasabisys.com	255 KB
9	2

	Domain	Requested by
9	preprod.gestion.building-management.webexpr4.ovh	1 redirects preprod.gestion.building-management.webexpr4.ovh
1	building-management.s3.eu-central-1.wasabisys.com	preprod.gestion.building-management.webexpr4.ovh
1	building-management.s3.wasabisys.com	1 redirects
9	3

This site contains no links.

Subject Issuer	Validity	Valid
preprod.gestion.building-management.webexpr4.ovh R11	`2024-08-17` - `2024-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication
Frame ID: 889F3A99A1DF1E7F8DA180AAE014CF91
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Preprod BM - Connexion

Page URL History Show full URLs

https://preprod.gestion.building-management.webexpr4.ovh/ HTTP 302
https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

343 kB
Transfer

479 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://preprod.gestion.building-management.webexpr4.ovh/ HTTP 302
https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://building-management.s3.wasabisys.com/building-management-preprod/company/company_logo.png HTTP 307
https://building-management.s3.eu-central-1.wasabisys.com/building-management-preprod/company/company_logo.png

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request authentication Show response preprod.gestion.building-management.webexpr4.ovh/admin/ Redirect Chain https://preprod.gestion.building-management.webexpr4.ovh/ https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication	27 KB 4 KB	240ms 240ms	Document text/html	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PHP/7.4.33 PleskLin Resource Hash `df05acd06bf733941352dbee86339e5cae9fba72b345fa5c5a70531bfe7016f0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 3347 content-type text/html; charset=utf-8 date Sat, 17 Aug 2024 14:03:54 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/7.4.33 PleskLin Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=utf-8 date Sat, 17 Aug 2024 14:03:54 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication pragma no-cache server nginx x-powered-by PHP/7.4.33 PleskLin
GET H2	200	reset.min.css preprod.gestion.building-management.webexpr4.ovh/assets/css/	971 B 721 B	64ms 62ms	Stylesheet text/css	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/assets/css/reset.min.css?v=3.8.7 Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PleskLin Resource Hash `5a027114a8b16751f9abf1505dbac6c51360dc25217697e7da0e0f70887c013f` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:54 GMT content-encoding gzip last-modified Fri, 24 Feb 2023 13:49:12 GMT server nginx x-accel-version 0.01 etag "3cb-5f57264f38d1f-gzip" x-powered-by PleskLin vary Accept-Encoding content-type text/css accept-ranges bytes content-length 514
GET H2	200	bootstrap.min.css preprod.gestion.building-management.webexpr4.ovh/assets/plugins/bootstrap/css/	119 KB 18 KB	63ms 62ms	Stylesheet text/css	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/assets/plugins/bootstrap/css/bootstrap.min.css?v=3.8.7 Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PleskLin Resource Hash `1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:54 GMT content-encoding br last-modified Fri, 24 Feb 2023 13:49:12 GMT server nginx etag W/"63f8c058-1da71" x-powered-by PleskLin content-type text/css
GET H2	200	roboto.css preprod.gestion.building-management.webexpr4.ovh/assets/plugins/roboto/	990 B 470 B	64ms 63ms	Stylesheet text/css	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/assets/plugins/roboto/roboto.css?v=3.8.7 Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PleskLin Resource Hash `39ab09ff446d3a53764045b6d7088f071cfcc3b77bc44770b97da35655e00f14` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:54 GMT content-encoding gzip last-modified Fri, 24 Feb 2023 13:49:12 GMT server nginx x-accel-version 0.01 etag "3de-5f57264f90b62-gzip" x-powered-by PleskLin vary Accept-Encoding content-type text/css accept-ranges bytes content-length 263
GET H2	200	bs-overides.min.css preprod.gestion.building-management.webexpr4.ovh/assets/css/	11 KB 2 KB	64ms 62ms	Stylesheet text/css	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/assets/css/bs-overides.min.css?v=3.8.7 Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PleskLin Resource Hash `2ad56f8cc0575789a1e5e2a807b1336c9d9032f5802301c526393372fb2dc1dd` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:54 GMT content-encoding br last-modified Fri, 24 Feb 2023 13:49:12 GMT server nginx etag W/"63f8c058-2a60" x-powered-by PleskLin content-type text/css
GET H2	200	custom.css preprod.gestion.building-management.webexpr4.ovh/assets/css/	4 KB 1 KB	64ms 63ms	Stylesheet text/css	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/assets/css/custom.css Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PleskLin Resource Hash `3c782a21da56e77ce6873308927f5f7f10f0e5174c8ab6a67faf526678f9991a` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:54 GMT content-encoding br last-modified Fri, 24 Feb 2023 13:49:12 GMT server nginx etag W/"63f8c058-fea" x-powered-by PleskLin content-type text/css
GET H/1.1	200 OK	company_logo.png building-management.s3.eu-central-1.wasabisys.com/building-management-preprod/company/ Redirect Chain https://building-management.s3.wasabisys.com/building-management-preprod/company/company_logo.png https://building-management.s3.eu-central-1.wasabisys.com/building-management-preprod/company/company_logo.png	254 KB 255 KB	175ms 103ms	Image binary/octet-stream	130.117.252.27 BLUEARCHIVE-ZONE-1
General Check archive.org Show headers Download Go to Show image Full URL https://building-management.s3.eu-central-1.wasabisys.com/building-management-preprod/company/company_logo.png Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Protocol HTTP/1.1 Server 130.117.252.27 Amsterdam, Netherlands, ASN395717 (BLUEARCHIVE-ZONE-1, US), Reverse DNS Software WasabiS3/7.20.2957-2024-08-05-c5ee44c55d (head16) / Resource Hash `405cdfdeade14de735eee59e6240045b3ab39fdc201062d4f08deeeaea6e0d65` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Sat, 17 Aug 2024 14:03:55 GMT Last-Modified Fri, 03 Feb 2023 08:07:36 GMT Server WasabiS3/7.20.2957-2024-08-05-c5ee44c55d (head16) x-amz-request-id 664A91E89351CCD1:B ETag "5d92b9240f2a1d60c94e2b371ee21d81" Content-Type binary/octet-stream x-amz-storage-class REDUCED_REDUNDANCY Accept-Ranges bytes Content-Length 260180 x-amz-id-2 BHYPJI46OYB4ZsnxxP8BOtJ7eVzRzaKDiAK4X/GYhCOLephGbvZEG8f2PCGbma9zOu4upQy7gGTP Redirect headers Date Sat, 17 Aug 2024 14:03:55 GMT x-amz-bucket-region eu-central-1 Server WasabiS3/7.20.2957-2024-08-05-c5ee44c55d (head14) x-amz-request-id C022FA8DAB2BD73F:A Transfer-Encoding chunked Content-Type application/xml Location https://building-management.s3.eu-central-1.wasabisys.com/building-management-preprod/company/company_logo.png x-amz-id-2 XQ0HssUvQzhxsx2kFXcGEoqRLzS04peZuFEUc7EmM6mUnVz+yz31XhpyJ4R2NxrX6zQPsITGCBwS
GET H2	200	Roboto-Regular.woff2 preprod.gestion.building-management.webexpr4.ovh/assets/plugins/roboto/fonts/Regular/	62 KB 62 KB	29ms 29ms	Font font/woff2	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/assets/plugins/roboto/fonts/Regular/Roboto-Regular.woff2?v=1.1.0 Requested by Host: preprod.gestion.building-management.webexpr4.ovh URL: https://preprod.gestion.building-management.webexpr4.ovh/assets/plugins/roboto/roboto.css?v=3.8.7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PleskLin Resource Hash `cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/assets/plugins/roboto/roboto.css?v=3.8.7 Origin https://preprod.gestion.building-management.webexpr4.ovh User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:54 GMT last-modified Fri, 24 Feb 2023 13:49:12 GMT server nginx etag "63f8c058-f7b4" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 63412
GET H2	404	favicon.png preprod.gestion.building-management.webexpr4.ovh/uploads/company/	1 KB 648 B	62ms 61ms	Other text/html	146.59.192.207 OVH
General Check archive.org Show headers Download Go to Full URL https://preprod.gestion.building-management.webexpr4.ovh/uploads/company/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 146.59.192.207 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / PHP/7.4.33 Resource Hash `8529c824881ce5f3fd4a08bc5229ade11f9db1ff3bf6edf35fea928fff570bc3` Request headers Referer https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 14:03:55 GMT content-encoding br server nginx x-powered-by PHP/7.4.33 content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			preprod.gestion.building-management.webexpr4.ovh/	1970-01-20 22:51:47	Name: csrf_cookie_name Value: 7d5983c015cfa3fa55557ea55c1eeba5
			preprod.gestion.building-management.webexpr4.ovh/	1970-01-20 22:52:12	Name: sp_session Value: g4io9v3qbc5bras2ekao33289nv1h6a3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Message: Mixed Content: The page at 'https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication' was loaded over HTTPS, but requested an insecure element 'http://building-management.s3.wasabisys.com/building-management-preprod/company/company_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Message: Mixed Content: The page at 'https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication' was loaded over HTTPS, but requested an insecure element 'http://building-management.s3.wasabisys.com/building-management-preprod/company/company_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://preprod.gestion.building-management.webexpr4.ovh/admin/authentication Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://preprod.gestion.building-management.webexpr4.ovh/uploads/company/favicon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

building-management.s3.eu-central-1.wasabisys.com
building-management.s3.wasabisys.com
preprod.gestion.building-management.webexpr4.ovh
130.117.252.27
146.59.192.207
38.27.106.27
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
2ad56f8cc0575789a1e5e2a807b1336c9d9032f5802301c526393372fb2dc1dd
39ab09ff446d3a53764045b6d7088f071cfcc3b77bc44770b97da35655e00f14
3c782a21da56e77ce6873308927f5f7f10f0e5174c8ab6a67faf526678f9991a
405cdfdeade14de735eee59e6240045b3ab39fdc201062d4f08deeeaea6e0d65
5a027114a8b16751f9abf1505dbac6c51360dc25217697e7da0e0f70887c013f
8529c824881ce5f3fd4a08bc5229ade11f9db1ff3bf6edf35fea928fff570bc3
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
df05acd06bf733941352dbee86339e5cae9fba72b345fa5c5a70531bfe7016f0

preprod.gestion.building-management.webexpr4.ovh Open in urlscan Pro 146.59.192.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

3 Countries

343 kBTransfer

479 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

4 Console Messages

Indicators

preprod.gestion.building-management.webexpr4.ovh Open in urlscan Pro
146.59.192.207 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

343 kB
Transfer

479 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions