telegrambottest.duckdns.org Open in urlscan Pro
20.79.155.225 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Effective URL:
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Submission: On October 12 via automatic, source openphish (October 12th 2024, 2:13:04 pm UTC) — Scanned from CA

Summary HTTP 59 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 59 HTTP transactions. The main IP is 20.79.155.225, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is telegrambottest.duckdns.org.
TLS certificate: Issued by E5 on October 11th 2024. Valid for: 3 months.

This is the only time telegrambottest.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DesJardins (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 7	20.79.155.225 20.79.155.225	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	184.25.34.105 184.25.34.105	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:400d:c03::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c09::8b	15169 (GOOGLE) (GOOGLE)
2	173.194.68.94 173.194.68.94	15169 (GOOGLE) (GOOGLE)
2	23.212.250.14 23.212.250.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.13.152.71 23.13.152.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.212.250.18 23.212.250.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.251.179.103 142.251.179.103	15169 (GOOGLE) (GOOGLE)
1	52.21.2.28 52.21.2.28	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.179.106 142.251.179.106	15169 (GOOGLE) (GOOGLE)
1	2600:9000:244... 2600:9000:244d:4400:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f3:ae00:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:207... 2600:9000:2073:2800:13:ab57:d440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	18

7 20.79.155.225 (Frankfurt am Main, Germany) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

telegrambottest.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 184.25.34.105 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-34-105.deploy.static.akamaitechnologies.com

static.desjardins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mouv.desjardins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c03::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.250.14 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-250-14.deploy.static.akamaitechnologies.com

accweb.mouv.desjardins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.13.152.71 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-152-71.deploy.static.akamaitechnologies.com

www.desjardins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.250.18 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-250-18.deploy.static.akamaitechnologies.com

accesdc.mouv.desjardins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.2.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-2-28.compute-1.amazonaws.com

content-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244d:4400:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f3:ae00:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2073:2800:13:ab57:d440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	desjardins.com static.desjardins.com — Cisco Umbrella Rank: 198063 static.mouv.desjardins.com — Cisco Umbrella Rank: 245883 accweb.mouv.desjardins.com — Cisco Umbrella Rank: 261924 www.desjardins.com — Cisco Umbrella Rank: 232489 accesdc.mouv.desjardins.com — Cisco Umbrella Rank: 283950	641 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	174 KB
7	duckdns.org 1 redirects telegrambottest.duckdns.org	58 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	324 KB
2	qualtrics.com znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com — Cisco Umbrella Rank: 251187	3 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	447 B
2	gstatic.com www.gstatic.com	429 KB
1	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 19747
1	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 19827
1	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 19987
1	content-cdn.com content-cdn.com — Cisco Umbrella Rank: 355897	183 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
59	13

	Domain	Requested by
11	cdn.cookielaw.org	telegrambottest.duckdns.org cdn.cookielaw.org accweb.mouv.desjardins.com
9	static.mouv.desjardins.com	telegrambottest.duckdns.org
8	static.desjardins.com	telegrambottest.duckdns.org www.desjardins.com
7	telegrambottest.duckdns.org	1 redirects telegrambottest.duckdns.org
3	www.google.com	telegrambottest.duckdns.org www.gstatic.com
3	www.googletagmanager.com	telegrambottest.duckdns.org
2	znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com	static.desjardins.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	accweb.mouv.desjardins.com	telegrambottest.duckdns.org accweb.mouv.desjardins.com
2	www.gstatic.com	telegrambottest.duckdns.org www.google.com
1	1.c81358859121583b7adf2ace89cb39f44.com	static.mouv.desjardins.com
1	1.b406929acabac9b095f124c81bdfcf57f.com	static.mouv.desjardins.com
1	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	static.mouv.desjardins.com
1	content-cdn.com	telegrambottest.duckdns.org
1	accesdc.mouv.desjardins.com	telegrambottest.duckdns.org
1	www.desjardins.com	telegrambottest.duckdns.org
1	www.google-analytics.com	telegrambottest.duckdns.org
59	17

This site contains links to these domains. Also see Links.

Domain
www.desjardins.com
www.microsoft.com
accweb.mouv.desjardins.com
www.onetrust.com

Subject Issuer	Validity	Valid
telegrambottest.duckdns.org E5	`2024-10-11` - `2025-01-09`	3 months	crt.sh
www.desjardins.com Entrust Certification Authority - L1F	`2024-03-15` - `2025-03-15`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
accweb.mouv.desjardins.com Entrust Certification Authority - L1F	`2023-11-21` - `2024-11-21`	a year	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
content-cdn.com R11	`2024-09-10` - `2024-12-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-04`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-07`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Frame ID: 1A1A0B3CB0072E60CD2715770B81BA6D
Requests: 59 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf6fp8eAAAAALK0IG3SEPUL03MfvJhlBm9DucvA&co=aHR0cHM6Ly9hY2N3ZWIubW91di5kZXNqYXJkaW5zLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=n0xkph68eu25
Frame ID: 21443720E33E097DE412B046FC53D3E1
Requests: 1 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 678FD3AC0A9590D5921B6F000AC63D4E
Requests: 1 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: BAA519EA9A7088FB77E3B7E8A18A56ED
Requests: 1 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: AD8475B24B0B046878665A89B1E69CB3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf6fp8eAAAAALK0IG3SEPUL03MfvJhlBm9DucvA&co=aHR0cHM6Ly90ZWxlZ3JhbWJvdHRlc3QuZHVja2Rucy5vcmc6NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=y2a34jpars2
Frame ID: BEF8C3453F0A148F0F32C2E30E4671FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to your account

Page URL History Show full URLs

http://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e HTTP 307
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e HTTP 301
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

93 %
HTTPS

41 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1649 kB
Transfer

5813 kB
Size

4
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.desjardins.com/page-renvoi/se-connecter
Title: Learn more - This link will open in a new window.

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Update your browser to the latest version External link. Opens in a new tab.

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/index.jsp

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/help-page/index.jsp?docName=ai_joindre&domaine=ACCESD
Title: Contact Us - This link will open in a new window.

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/help-page/index.jsp?docName=ai_logonlogoff&domaine=ACCESD
Title: Help - This link will open in a new window.

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/help-page/index.jsp?docName=ai_identifiant_unique&domaine=ACCESD
Title: Learn more about usernames - This link will open in a new window.

Search URL Search Domain Scan URL

URL: https://accweb.mouv.desjardins.com/identifiantunique/motPasseOublie/identification
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://accweb.mouv.desjardins.com/identifiantunique/adhesion/identification?langueCible=en
Title: Register for AccèsD

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/business/accounts-cash-management/ways-to-bank/accesd-affaires/registration
Title: Register for AccèsD Affaires

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/personal/accounts-services/open-account-become-member
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/security/security-measures/index.jsp
Title: Site security

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/personal/accounts-services/ways-to-bank/online/support/index.jsp
Title: Technical support

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/security/report-fraud
Title: Report fraud

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/security/index.jsp
Title: Guaranteed 100% secure

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/personal/index.jsp
Title: Personal services

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/business/index.jsp
Title: Business services

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/en/tips.html
Title: Advice

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/about-us/index.jsp
Title: About us

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/en/accounts-services/accesd.html#app
Title: Mobile app

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/terms-use-legal-notes/index.jsp
Title: Terms of Use and legal notes

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/privacy/index.jsp
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/about-us/social-responsibility-cooperation/cooperative-movement/accessibility/index.jsp
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/site-map/index.jsp
Title: Site map

Search URL Search Domain Scan URL

URL: https://www.desjardins.com/ca/privacy/cookies-policy/index.jsp
Title: Read our policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e HTTP 307
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e HTTP 301
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/
Redirect Chain

http://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

347 KB
56 KB

235ms
233ms

Document
text/html

20.79.155.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.79.155.225 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f2c1c4e782ed93a97c3f82ad15ec9496a9d52eeb0d7e834ff6d382c89841456b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 57000
content-type: text/html; charset=UTF-8
date: Sat, 12 Oct 2024 14:12:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html
date: Sat, 12 Oct 2024 14:12:57 GMT
location: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 cookieGetParamConsent.js Show response
static.desjardins.com/fw/cookie/ 3 KB
1 KB 246ms
111ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fw/cookie/cookieGetParamConsent.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 676635addfd55d2f3f483bde69ebb92f16b2419ac247123f50a1d443364cdb63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "36dd35a-bdf-6152f9c7b3f7e"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1179
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Wed, 03 Apr 2024 11:34:53 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 105ms
26ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEA64C3FD6111
x-ms-lease-status: unlocked
age: 2229
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 13:35:48 GMT
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: application/javascript
last-modified: Sat, 12 Oct 2024 02:22:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ef59518d-e01e-00e8-13ab-1c6e71000000
cf-ray: 8d17b013a933a27b-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 cookieOptanonWrapper.js Show response
static.desjardins.com/fw/cookie/ 4 KB
1 KB 245ms
111ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fw/cookie/cookieOptanonWrapper.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47d5005b621c871a0f20d54e18161ba3a2370327a8e5b333ae62d3173072ea28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "36dd35b-fed-6152f9c7b3f7e"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1169
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Wed, 03 Apr 2024 11:34:53 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 cookieSetParamConsent.js Show response
static.desjardins.com/fw/cookie/ 3 KB
1 KB 244ms
111ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fw/cookie/cookieSetParamConsent.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed76e022cc86b4dcbde13cd21a2e038ffd682f9edc23d1b21895154836198b6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "36dd35c-b2a-6152f9c7b4366"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 863
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Wed, 03 Apr 2024 11:34:53 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 374 KB
106 KB 120ms
38ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7D4RL3&l=dataLayer

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31e6fe4f027ce3288c1434f19fa65b0856ace053a055eddbfe5e050e0f483ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 12 Oct 2024 14:12:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107607
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 123ms
38ms Script
text/javascript 2607:f8b0:400d:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: gzip
age: 6263
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 14:28:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 12:28:35 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
104 KB 228ms
147ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QE46288V2S&l=dataLayer&cx=c

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e98f2910667691972fdfe608cc71d782809dc1e66034bc344ab10f3bde7fa276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 14:12:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106024
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 539 KB
213 KB 84ms
38ms Script
text/javascript 173.194.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f94.1e100.net

Software

sffe /

Resource Hash

b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://telegrambottest.duckdns.org
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: gzip
age: 322208
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 20:42:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 20:42:50 GMT
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 218137
x-xss-protection: 0
server: sffe

GET
H2 200 js-temoins.umd.js Show response
static.mouv.desjardins.com/paas/accesdc-librairies/js-temoins/1.0.6/ 5 KB
2 KB 412ms
263ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/paas/accesdc-librairies/js-temoins/1.0.6/js-temoins.umd.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9631e3f88bcb4952f517953d27f9b9542b0996fec4544bd8d35c8b04bac8f875

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "236a115-13e0-60e88520d3e97"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2081
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Tue, 09 Jan 2024 19:28:35 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
114 KB 208ms
128ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFMPND

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a3c34f1a91680cc466d5bf9a2450855bd3faa0146379ed3eda8d0dbebc45d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 12 Oct 2024 14:12:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 116519
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ruxitagentjs_ICA7NVfgqru_10299241001084140.js Show response
accweb.mouv.desjardins.com/identifiantunique/ 209 KB
100 KB 328ms
130ms Script
text/javascript 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accweb.mouv.desjardins.com/identifiantunique/ruxitagentjs_ICA7NVfgqru_10299241001084140.js

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-250-14.deploy.static.akamaitechnologies.com

Software

Resource Hash

f05bc5539d7a83e53cd6abaf42a28fc55fa5be112682b1b3980f1b0d663f6527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
pragma: no-cache
expires: Sat, 12 Oct 2024 14:12:57 GMT
content-length: 101870
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding

GET
H2 200 roboto-aw.css
www.desjardins.com/ressources/css/ 2 KB
507 B 357ms
86ms Stylesheet
text/css 23.13.152.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.desjardins.com/ressources/css/roboto-aw.css?v=1506707427000

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.13.152.71 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-13-152-71.deploy.static.akamaitechnologies.com

Software

Resource Hash

78ff7318b2b978573d889746e6abb1b6bfc636b2166a402c072ef8710be38dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=0, no-cache, no-store
content-encoding: br
etag: "941-57aeafa126a00"
pragma: no-cache
expires: Sat, 12 Oct 2024 14:12:57 GMT
accept-ranges: bytes
content-length: 292
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2024 19:57:42 GMT

GET
H2 200 bootstrap.min.css
static.mouv.desjardins.com/fw/N3/1.21.1/lib/externe/bootstrap/3.4.1/css/ 187 KB
23 KB 269ms
121ms Stylesheet
text/css 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/fw/N3/1.21.1/lib/externe/bootstrap/3.4.1/css/bootstrap.min.css
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f530bbbccb8d924a0f705b4d211096cbd00c14fab3e230e29ed85ce2a37665aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "981e3-2eb3c-5bbf23ff1c43d"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22958
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Mon, 22 Feb 2021 20:00:12 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 d2-0.min.css
static.mouv.desjardins.com/fw/N3/1.21.1/lib/interne/fwd-bootstrap/3.3/css/ 381 KB
49 KB 297ms
149ms Stylesheet
text/css 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/fw/N3/1.21.1/lib/interne/fwd-bootstrap/3.3/css/d2-0.min.css
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c11622dca4d38be3caa49de3a8fc7cd14bc7c1cf17b47833f04ec931fceb7664

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "a4d85-5f4d1-5bbf2412090e4"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50440
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Mon, 22 Feb 2021 20:00:32 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 styles.139097b7b656f3d1.css
static.mouv.desjardins.com/paas/accesdc-securite-org/authentification-presentation/1.0.1/ 108 KB
15 KB 328ms
181ms Stylesheet
text/css 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/authentification-presentation/1.0.1/styles.139097b7b656f3d1.css
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d4f99858202f24173d46785a9887f5ce8d2362823909135fce7d1f1270c399d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "341d37-1ae7a-61a8ca3fc1dc2"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15230
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Mon, 10 Jun 2024 17:40:09 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 ac.js Show response
accesdc.mouv.desjardins.com/webapp/scripts/ac/v1/ 3 KB
1 KB 338ms
134ms Script
application/javascript 23.212.250.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accesdc.mouv.desjardins.com/webapp/scripts/ac/v1/ac.js

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.250.18 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-250-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae3ac494648fe337175fd62d5ef136a510d80f2248166d9ac9f3e7fb0188e3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "013ddaf13cc0a8605624d2e5e443d8ddf"
pragma: no-cache
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 14:12:57 GMT
x-vcap-request-id: fc214de7-c24c-48c4-6c08-29d37cf2a170
content-length: 1182
x-xss-protection: 1; mode=block
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 sec.js Show response
static.mouv.desjardins.com/paas/accesdc-securite-org/bc-sdk-scripts/1.1.2/ 803 KB
134 KB 409ms
262ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/bc-sdk-scripts/1.1.2/sec.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d7c6d9ae1e9c8fb73b75492ec04d0903a73131cd01fa9bcecda16afc7876e4e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "30d22f-c8c1d-610b839b38e37"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 136899
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Tue, 06 Feb 2024 15:28:08 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 scriptCookie.js Show response
static.desjardins.com/fw/cookie/ 3 KB
903 B 241ms
112ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fw/cookie/scriptCookie.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 27e78093c400d3d152cfc64ce3cf92f8d24e5b59de27b6c5dfba23802306bd65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "36dd35d-ccf-6152f9c7b4366"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 711
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Wed, 03 Apr 2024 11:34:53 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 consentementDynatrace.js Show response
static.desjardins.com/fw/cookie-dynatrace/ 2 KB
880 B 244ms
114ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fw/cookie-dynatrace/consentementDynatrace.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 586dcafd6289a2e687646c9790332a8d368e673b84f8f6f7169afc368af290f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "19ea8c-8cf-5f8946c3bb08f"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 688
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Wed, 05 Apr 2023 10:40:38 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/ 451 KB
110 KB 33ms
30ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: Ryx3T13YxV6i1yEKSnAPIA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E423ECD5E2
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 72576
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:10:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 96934d7a-301e-0069-12ce-d7cc26000000
cf-ray: 8d17b0168c63a27b-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112015
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 1.34b9add74236326c85cf.chunk.js Show response
static.desjardins.com/fw/qualtrics/lastversion/js/ 238 KB
50 KB 162ms
114ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.desjardins.com/fw/qualtrics/lastversion/js/1.34b9add74236326c85cf.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=hostedjs&Q_DEBUG=1&Q_BRANDID=desjardins

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-34-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

10939270924b28dc83c6076a4c8085ff7fc71e6ab62fb521fdf54792da3a488b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=0
content-encoding: gzip
etag: "3b960-60ac1d63494c0"
expires: Sat, 12 Oct 2024 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50712
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Wed, 22 Nov 2023 18:24:59 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 404 lightbox_md.png
telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/assets/img/ 1 KB
1 KB 122ms
121ms Image
text/html 20.79.155.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/assets/img/lightbox_md.png
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.79.155.225 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 jquery-3.5.1.min.js Show response
static.mouv.desjardins.com/fw/N3/1.21.1/lib/externe/jquery/3.5.1/ 105 KB
32 KB 358ms
297ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/fw/N3/1.21.1/lib/externe/jquery/3.5.1/jquery-3.5.1.min.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 26bdb28425f4d7199ba9f9414f4d14f8313da0e9faa78a4bc5275702a5620aaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "30a98ee-1a4e2-5bbf24104f27c"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33061
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Mon, 22 Feb 2021 20:00:30 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.js Show response
static.mouv.desjardins.com/fw/N3/1.21.1/lib/externe/bootstrap/3.4.1/js/ 39 KB
11 KB 302ms
300ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/fw/N3/1.21.1/lib/externe/bootstrap/3.4.1/js/bootstrap.min.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "981e7-9b00-5bbf23ff202bd"
expires: Sun, 12 Oct 2025 14:12:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10940
date: Sat, 12 Oct 2024 14:12:57 GMT
last-modified: Mon, 22 Feb 2021 20:00:12 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H3 404 fwd-bootstrap.min.js
telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/assets/js/ 0
0 123ms
121ms Script
text/html 20.79.155.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/assets/js/fwd-bootstrap.min.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.79.155.225 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 404 runtime.ffeff68a1714cae6.js
telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/ 0
0 122ms
121ms Script
text/html 20.79.155.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/runtime.ffeff68a1714cae6.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.79.155.225 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://telegrambottest.duckdns.org
Referer: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 404 polyfills.06c1b09560faa93f.js
telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/ 0
0 121ms
120ms Script
text/html 20.79.155.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/polyfills.06c1b09560faa93f.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.79.155.225 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://telegrambottest.duckdns.org
Referer: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 404 main.f52115199d47413b.js
telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/ 0
0 122ms
122ms Script
text/html 20.79.155.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/main.f52115199d47413b.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.79.155.225 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://telegrambottest.duckdns.org
Referer: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 wHlwB Show response
accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/ 300 KB
100 KB 67ms
60ms Script
application/javascript 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ef832cc6ab9f6898d7d4261e654395fc43f0ea5266cfa6bf923de5788ead8d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=21600, max-age=21600
content-encoding: br
etag: "37c54ca48dce2dd6f2812da8b3d43e25f760900af2c19f4e127d9303ffd1f5ea"
pragma: no-cache
expires: Sat, 12 Oct 2024 14:12:58 GMT
content-length: 101374
date: Sat, 12 Oct 2024 14:12:58 GMT
stored-attribute-sha-checksum: 8ef832cc6ab9f6898d7d4261e654395fc43f0ea5266cfa6bf923de5788ead8d4
last-modified: Tue, 03 Sep 2024 15:50:52 GMT
content-type: application/javascript

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 116ms
48ms Script
text/javascript 142.251.179.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lf6fp8eAAAAALK0IG3SEPUL03MfvJhlBm9DucvA&hl=en

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f103.1e100.net

Software

ESF /

Resource Hash

b634224561abe9cdc08be04873be951bbd7167f98fc4443953620fba2828c7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 14:12:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 12 Oct 2024 14:12:58 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 32ms
25ms Image
mage/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCE9619C095E55
age: 72570
cf-cache-status: HIT
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: mage/png
last-modified: Thu, 10 Oct 2024 19:27:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5535a687-b01e-005a-0158-1b950b000000
cf-ray: 8d17b0168c61a27b-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4036
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 33ms
27ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 58083
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2024 19:27:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8ae8ad6d-d01e-008d-5f4f-1bdf2c000000
cf-ray: 8d17b0168c62a27b-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 OrchestratorMain.js Show response
static.desjardins.com/fw/qualtrics/lastversion/js/ 22 KB
7 KB 246ms
240ms Script
application/x-javascript 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fw/qualtrics/lastversion/js/OrchestratorMain.js
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adab6b58a9218a16cfbec471c7e6ff48971df2f33379696510afcb8ae2862dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=31536000
content-encoding: gzip
etag: "191458c-5868-60ac203fe6bbe"
expires: Sun, 12 Oct 2025 14:12:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6685
date: Sat, 12 Oct 2024 14:12:58 GMT
last-modified: Wed, 22 Nov 2023 18:37:47 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 e9872dc2-14af-4d30-b0e9-01b95a0b9ab1.json Show response
cdn.cookielaw.org/consent/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1/ 4 KB
2 KB 72ms
35ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccb6c88ab962f2dfce3ac233e6920f81b48316f0e304914efecbe3a3b2857797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: DHx7tM+AyqgJOwDtwqBnsw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC870E181E380E
age: 6155
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 13 Oct 2024 14:12:57 GMT
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: application/json
last-modified: Fri, 07 Jun 2024 16:22:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: faaab81c-401e-0088-7f94-1c2b53000000
cf-ray: 8d17b014fca9a288-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1572
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 eHJsPTUwNTBxMjE1NjQ2NHM4bzc1bzQwczNxOHBvbjE2OG4zcTRubjE0NXI=.gif
content-cdn.com/498/dWdnY2Y6Ly9ncnlydGVuem9iZ2dyZmcucWhweHFhZi5iZXQvSGNxbmdySXJldnNsQ2VmZiEvUXJmd25lcXZhZi8/ 42 B
183 B 142ms
32ms Image
image/gif 52.21.2.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-cdn.com/498/dWdnY2Y6Ly9ncnlydGVuem9iZ2dyZmcucWhweHFhZi5iZXQvSGNxbmdySXJldnNsQ2VmZiEvUXJmd25lcXZhZi8/eHJsPTUwNTBxMjE1NjQ2NHM4bzc1bzQwczNxOHBvbjE2OG4zcTRubjE0NXI=.gif

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.21.2.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-2-28.compute-1.amazonaws.com

Software

envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 42
date: Sat, 12 Oct 2024 14:12:58 GMT
x-envoy-upstream-service-time: 1
content-type: image/gif
vary: Origin
server: envoy

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 121ms
35ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://telegrambottest.duckdns.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d17b015c986a2e4-YUL
access-control-allow-origin: *
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 226aa7a4feb77e78bf14f669953ce7bf4c68402272517b68d7e3a70ebec10e09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/css

GET
H2 200 e9872dc2-14af-4d30-b0e9-01b95a0b9ab1.json Show response
cdn.cookielaw.org/consent/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1/ 4 KB
0 0ms
0ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccb6c88ab962f2dfce3ac233e6920f81b48316f0e304914efecbe3a3b2857797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: DHx7tM+AyqgJOwDtwqBnsw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC870E181E380E
age: 6155
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 13 Oct 2024 14:12:57 GMT
date: Sat, 12 Oct 2024 14:12:57 GMT
content-type: application/json
last-modified: Fri, 07 Jun 2024 16:22:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: faaab81c-401e-0088-7f94-1c2b53000000
cf-ray: 8d17b014fca9a288-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1572
x-ms-blob-type: BlockBlob
server: cloudflare

GET 149e0d6e-d17d-450c-bd09-ce4b2d890da5
https://telegrambottest.duckdns.org/ Frame 0
0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
152 B 36ms
36ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://telegrambottest.duckdns.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d17b0168a6da2e4-YUL
access-control-allow-origin: *
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3365b80f0cee873023bf61e1c859535f086dfeb1c5ecd171b8848bf8ca317a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 img-auth-desj.jpg
static.mouv.desjardins.com/paas/accesdc-securite-org/authentification-presentation/1.0.1/assets/img/ 70 KB
71 KB 230ms
228ms Image
image/jpeg 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/authentification-presentation/1.0.1/assets/img/img-auth-desj.jpg
Requested by: Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 242c7f9b31db0c13a108b450adad63cf662c474aa04c25b0f03a8c21dfaa70b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "375381-11934-61a8ca3fc873a"
pragma: no-cache
expires: Sat, 12 Oct 2024 14:12:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71988
date: Sat, 12 Oct 2024 14:12:58 GMT
last-modified: Mon, 10 Jun 2024 17:40:09 GMT
content-type: image/jpeg

GET
H2 200 Roboto-Regular.woff
static.desjardins.com/fonts/roboto/ 24 KB
25 KB 177ms
91ms Font
application/octet-stream 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.desjardins.com/fonts/roboto/Roboto-Regular.woff
Requested by: Host: www.desjardins.com
URL: https://www.desjardins.com/ressources/css/roboto-aw.css?v=1506707427000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://telegrambottest.duckdns.org
Referer: https://www.desjardins.com/

Response headers

cache-control: max-age=1790588
etag: "300014b-61bc-551e39606b000"
expires: Sat, 02 Nov 2024 07:36:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25020
date: Sat, 12 Oct 2024 14:12:58 GMT
last-modified: Wed, 14 Jun 2017 04:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a262df60dceadf67bfdd1fdcd8fd1fc940d332b874e227275aeaee49d878e018

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 739ea8ae25d70493cf41e78c049c481f5f6873ad7d9a2db1e65782f9b19f4b0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a88fc5a5ca49cea2f4d26e6ed14d8abf24049c61673fd94a72fa6ec02188870

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5303c82e129a5b6eb9211cf97e52fc17fdd3ca99b4d4e6cc27157d34ae58e6e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1/1cc63af5-2cf3-47db-af58-69c4a1b530b7/ 133 KB
28 KB 38ms
37ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e9872dc2-14af-4d30-b0e9-01b95a0b9ab1/1cc63af5-2cf3-47db-af58-69c4a1b530b7/en.json

Requested by

Host: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/identifiantunique/ruxitagentjs_ICA7NVfgqru_10299241001084140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2f2e3c03fad9e26e5e742f6a748b4f38d9fd93e3c844176387742bdc365e217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: tSYwH8MNxSv/NZoSh2lnKQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC870E18FBF47F
age: 6156
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 13 Oct 2024 14:12:58 GMT
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/json
last-modified: Fri, 07 Jun 2024 16:22:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 379da6a4-901e-00ce-1294-1cf5c5000000
cf-ray: 8d17b0177f3ca288-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28120
x-ms-blob-type: BlockBlob
server: cloudflare

POST wHlwB
accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/ 0
0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 2144 0
0 114ms
56ms Document
text/html 142.251.179.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf6fp8eAAAAALK0IG3SEPUL03MfvJhlBm9DucvA&co=aHR0cHM6Ly9hY2N3ZWIubW91di5kZXNqYXJkaW5zLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=n0xkph68eu25

Requested by

Host: telegrambottest.duckdns.org
URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f106.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B-CSJXm_2cLFPy1omIoDGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegrambottest.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-B-CSJXm_2cLFPy1omIoDGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 14:12:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 crossdomain.html
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 678F 0
0 211ms
29ms Document
text/html 2600:9000:244d:4400:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: static.mouv.desjardins.com
URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/bc-sdk-scripts/1.1.2/sec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244d:4400:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://telegrambottest.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 20730
content-length: 221
content-type: text/html
date: Sat, 12 Oct 2024 08:27:29 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 0bdcc10f69b746cb367ceb51e88a3d1c.cloudfront.net (CloudFront)
x-amz-cf-id: yKQw0fKIvKPx8ELLOVcvj8JQAunDSe8ZldsvzTcx4iJfkeUz7fGl3Q==
x-amz-cf-pop: IAD61-P2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame BAA5 0
0 207ms
30ms Document
text/html 2600:9000:24f3:ae00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: static.mouv.desjardins.com
URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/bc-sdk-scripts/1.1.2/sec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f3:ae00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://telegrambottest.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 17286
content-length: 221
content-type: text/html
date: Sat, 12 Oct 2024 09:24:53 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 9ac471895811a7ff78c729bcc099e068.cloudfront.net (CloudFront)
x-amz-cf-id: 4nCRcLSj9DOhy86Tjtkw6DSIwGFP6IbXmJ1z7rJqGde7QTlCyvfP0A==
x-amz-cf-pop: IAD55-P2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame AD84 0
0 146ms
28ms Document
text/html 2600:9000:2073:2800:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: static.mouv.desjardins.com
URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/bc-sdk-scripts/1.1.2/sec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2073:2800:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://telegrambottest.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 82121
content-length: 221
content-type: text/html
date: Fri, 11 Oct 2024 15:24:18 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
x-amz-cf-id: nloM1TjZJBGEEvWPiQ1OmoIjq2b0Cy5hxj09KNlDwa7mxPqdk1MwNg==
x-amz-cf-pop: IAD50-C2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/ 546 KB
216 KB 38ms
37ms Script
text/javascript 173.194.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lf6fp8eAAAAALK0IG3SEPUL03MfvJhlBm9DucvA&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f94.1e100.net

Software

sffe /

Resource Hash

5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://telegrambottest.duckdns.org
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: gzip
age: 260872
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 13:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 13:45:06 GMT
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220951
x-xss-protection: 0
server: sffe

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 9 KB
3 KB 28ms
26ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCenterRounded.json

Requested by

Host: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/identifiantunique/ruxitagentjs_ICA7NVfgqru_10299241001084140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: mPFWl2a3UR06DZ1cx/YBSQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E42003D45E
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 6155
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:10:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 24190159-901e-0020-7e94-1cff46000000
cf-ray: 8d17b01a7ab4a288-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2612
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/ 62 KB
13 KB 31ms
29ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/otPcCenter.json

Requested by

Host: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/identifiantunique/ruxitagentjs_ICA7NVfgqru_10299241001084140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d5103576ca3021541a6eb4ece82f19b2b2ac610297ccb565da0fdcc8bf479e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: ndTXzqjNmA00/Jt9SANbwQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E420E2D96B
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 6155
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:10:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 52e9825b-b01e-00d2-1894-1c2dd2000000
cf-ray: 8d17b01a7ab6a288-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12748
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 24 KB
4 KB 31ms
29ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css

Requested by

Host: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/identifiantunique/ruxitagentjs_ICA7NVfgqru_10299241001084140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: 9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 6155
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:10:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 379daf91-901e-00ce-0294-1cf5c5000000
cf-ray: 8d17b01a7ab7a288-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 Targeting.php Show response
znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
2 KB 206ms
114ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_InterceptID=SI_doJQr7eBQ2q0GCF&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=hostedjs

Requested by

Host: static.desjardins.com
URL: https://static.desjardins.com/fw/qualtrics/lastversion/js/1.34b9add74236326c85cf.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=hostedjs&Q_DEBUG=1&Q_BRANDID=desjardins

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e9d0ef2a851ddfae5b3e1229b41ac4a8f9b896501f53bb7c3a457a16e7e47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:58 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 422154be12e626ee
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d17b01bbb4e7c87-EWR
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://telegrambottest.duckdns.org
server: cloudflare

POST wHlwB
accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/ 0
0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame BEF8 0
0 50ms
49ms Document
text/html 142.251.179.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf6fp8eAAAAALK0IG3SEPUL03MfvJhlBm9DucvA&co=aHR0cHM6Ly90ZWxlZ3JhbWJvdHRlc3QuZHVja2Rucy5vcmc6NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=y2a34jpars2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f106.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ckP3zDR-hoZ0lwUpyjyiZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegrambottest.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ckP3zDR-hoZ0lwUpyjyiZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 14:12:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
518 B 32ms
31ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/identifiantunique/ruxitagentjs_ICA7NVfgqru_10299241001084140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 28041
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:59 GMT
content-type: image/svg+xml
last-modified: Sat, 12 Oct 2024 02:22:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f55c1cc0-301e-0062-046f-1cd452000000
cf-ray: 8d17b01d5d33a288-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 Targeting.php Show response
znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 122ms
121ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_InterceptID=SI_doJQr7eBQ2q0GCF&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=hostedjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e9d0ef2a851ddfae5b3e1229b41ac4a8f9b896501f53bb7c3a457a16e7e47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://telegrambottest.duckdns.org/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 14:12:59 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 563611639f1c89dc
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d17b01e4e0b7c87-EWR
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://telegrambottest.duckdns.org
server: cloudflare

GET
H2 200 desjardins.ico
static.mouv.desjardins.com/paas/accesdc-securite-org/authentification-presentation/1.0.1/assets/img/favicon/ 15 KB
15 KB 103ms
103ms Other
image/x-icon 184.25.34.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mouv.desjardins.com/paas/accesdc-securite-org/authentification-presentation/1.0.1/assets/img/favicon/desjardins.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.34.105 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-34-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f2b36f3f6ef0fb253962390f4a2c90e8053455452235e3fa06080df29481afa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://telegrambottest.duckdns.org/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "19b37cf-3aee-61a8ca3fca67a"
pragma: no-cache
expires: Sat, 12 Oct 2024 14:12:59 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15086
date: Sat, 12 Oct 2024 14:12:59 GMT
last-modified: Mon, 10 Jun 2024 17:40:09 GMT
content-type: image/x-icon

POST wHlwB
accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegrambottest.duckdns.org
URL: blob:https://telegrambottest.duckdns.org/149e0d6e-d17d-450c-bd09-ce4b2d890da5

Domain: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB

Domain: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB

Domain: accweb.mouv.desjardins.com
URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DesJardins (Financial)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
telegrambottest.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: ko05suro1f3vlc1th0l74g6nii
.telegrambottest.duckdns.org/	1969-12-31 23:59:59	Name: cdContextId Value: 1
.telegrambottest.duckdns.org/	1970-01-21 08:57:58	Name: bmuid Value: 1728742377977-30E1622A-CFDD-4348-8DC3-1E336DF6B8EC
.telegrambottest.duckdns.org/	1970-01-21 00:12:25	Name: cdSNum Value: fictional_sid

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/assets/img/lightbox_md.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/polyfills.06c1b09560faa93f.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/runtime.ffeff68a1714cae6.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/main.f52115199d47413b.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/assets/js/fwd-bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e(Line 9789) Message: Access to XMLHttpRequest at 'https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB' from origin 'https://telegrambottest.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Message: Access to XMLHttpRequest at 'https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB' from origin 'https://telegrambottest.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://telegrambottest.duckdns.org/UpdateVerifyPrss!/Desjardins/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Message: Access to XMLHttpRequest at 'https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB' from origin 'https://telegrambottest.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://accweb.mouv.desjardins.com/k-ALZi/Mp0Ru/mKDdL/mw/aL9DmLXQm8bG/ITk8VCBifQU/KUQlJGE/wHlwB Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
accesdc.mouv.desjardins.com
accweb.mouv.desjardins.com
cdn.cookielaw.org
content-cdn.com
geolocation.onetrust.com
static.desjardins.com
static.mouv.desjardins.com
telegrambottest.duckdns.org
www.desjardins.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
znaad7u8yzaqhmmxx-desjardins.siteintercept.qualtrics.com
accweb.mouv.desjardins.com
telegrambottest.duckdns.org
104.17.208.240
142.251.179.103
142.251.179.106
173.194.68.94
184.25.34.105
20.79.155.225
23.13.152.71
23.212.250.14
23.212.250.18
2600:9000:2073:2800:13:ab57:d440:93a1
2600:9000:244d:4400:a:6cdf:4440:93a1
2600:9000:24f3:ae00:1e:54f1:26c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2607:f8b0:400d:c03::61
2607:f8b0:400d:c09::8b
52.21.2.28
10939270924b28dc83c6076a4c8085ff7fc71e6ab62fb521fdf54792da3a488b
226aa7a4feb77e78bf14f669953ce7bf4c68402272517b68d7e3a70ebec10e09
242c7f9b31db0c13a108b450adad63cf662c474aa04c25b0f03a8c21dfaa70b6
26bdb28425f4d7199ba9f9414f4d14f8313da0e9faa78a4bc5275702a5620aaf
27e78093c400d3d152cfc64ce3cf92f8d24e5b59de27b6c5dfba23802306bd65
2a3c34f1a91680cc466d5bf9a2450855bd3faa0146379ed3eda8d0dbebc45d61
2a88fc5a5ca49cea2f4d26e6ed14d8abf24049c61673fd94a72fa6ec02188870
31e6fe4f027ce3288c1434f19fa65b0856ace053a055eddbfe5e050e0f483ce0
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
47d5005b621c871a0f20d54e18161ba3a2370327a8e5b333ae62d3173072ea28
5303c82e129a5b6eb9211cf97e52fc17fdd3ca99b4d4e6cc27157d34ae58e6e0
586dcafd6289a2e687646c9790332a8d368e673b84f8f6f7169afc368af290f8
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
66e9d0ef2a851ddfae5b3e1229b41ac4a8f9b896501f53bb7c3a457a16e7e47e
676635addfd55d2f3f483bde69ebb92f16b2419ac247123f50a1d443364cdb63
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
739ea8ae25d70493cf41e78c049c481f5f6873ad7d9a2db1e65782f9b19f4b0c
78ff7318b2b978573d889746e6abb1b6bfc636b2166a402c072ef8710be38dac
8d4f99858202f24173d46785a9887f5ce8d2362823909135fce7d1f1270c399d
8ef832cc6ab9f6898d7d4261e654395fc43f0ea5266cfa6bf923de5788ead8d4
9631e3f88bcb4952f517953d27f9b9542b0996fec4544bd8d35c8b04bac8f875
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f2b36f3f6ef0fb253962390f4a2c90e8053455452235e3fa06080df29481afa
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a262df60dceadf67bfdd1fdcd8fd1fc940d332b874e227275aeaee49d878e018
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
adab6b58a9218a16cfbec471c7e6ff48971df2f33379696510afcb8ae2862dfb
ae3ac494648fe337175fd62d5ef136a510d80f2248166d9ac9f3e7fb0188e3cf
b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731
b634224561abe9cdc08be04873be951bbd7167f98fc4443953620fba2828c7bb
c11622dca4d38be3caa49de3a8fc7cd14bc7c1cf17b47833f04ec931fceb7664
c2f2e3c03fad9e26e5e742f6a748b4f38d9fd93e3c844176387742bdc365e217
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
ccb6c88ab962f2dfce3ac233e6920f81b48316f0e304914efecbe3a3b2857797
d3365b80f0cee873023bf61e1c859535f086dfeb1c5ecd171b8848bf8ca317a6
d7c6d9ae1e9c8fb73b75492ec04d0903a73131cd01fa9bcecda16afc7876e4e9
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e98f2910667691972fdfe608cc71d782809dc1e66034bc344ab10f3bde7fa276
ed76e022cc86b4dcbde13cd21a2e038ffd682f9edc23d1b21895154836198b6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f05bc5539d7a83e53cd6abaf42a28fc55fa5be112682b1b3980f1b0d663f6527
f2c1c4e782ed93a97c3f82ad15ec9496a9d52eeb0d7e834ff6d382c89841456b
f4d5103576ca3021541a6eb4ece82f19b2b2ac610297ccb565da0fdcc8bf479e
f530bbbccb8d924a0f705b4d211096cbd00c14fab3e230e29ed85ce2a37665aa

telegrambottest.duckdns.org Open in urlscan Pro 20.79.155.225 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

93 %HTTPS

41 %IPv6

13 Domains

17 Subdomains

18 IPs

3 Countries

1649 kBTransfer

5813 kBSize

4 Cookies

25 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

telegrambottest.duckdns.org Open in urlscan Pro
20.79.155.225 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

93 %
HTTPS

41 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1649 kB
Transfer

5813 kB
Size

4
Cookies

59 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!