URL: https://client.xefi.fr/
Submission: On September 20 via manual from FR

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 20 HTTP transactions. The main IP is 134.90.140.18, located in Oyonnax, France and belongs to XEFI, FR. The main domain is client.xefi.fr.
TLS certificate: Issued by Thawte TLS RSA CA G1 on February 26th 2018. Valid for: 2 years.
This is the only time client.xefi.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 134.90.140.18 198330 (XEFI)
2 185.199.111.153 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 185.199.110.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
20 6
Domain Requested by
12 client.xefi.fr client.xefi.fr
2 connect.facebook.net client.xefi.fr, connect.facebook.net
2 designmodo.github.io client.xefi.fr
1 staticxx.facebook.com connect.facebook.net
1 fonts.googleapis.com client.xefi.fr
1 daneden.github.io client.xefi.fr
1 maxcdn.bootstrapcdn.com client.xefi.fr
20 7

This site contains no links.

Subject Issuer Validity Valid
*.xefi.fr Thawte TLS RSA CA G1 2018-02-26 - 2019-10-14 2 years
www.github.com DigiCert SHA2 High Assurance Server CA 2018-06-27 - 2020-06-20 2 years
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA 2018-10-03 - 2019-10-12 a year
*.googleapis.com GTS CA 1O1 2019-09-05 - 2019-11-28 3 months
*.facebook.com DigiCert SHA2 High Assurance Server CA 2019-08-24 - 2019-10-19 2 months

This page contains 2 frames:

Primary Page: https://client.xefi.fr/
Frame ID: FC501D3ACCA0E4004BD8B4554AAEB84E
Requests: 19 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 55008FD8A753CE5A940A300FB25A589E
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

20 Requests
100 % HTTPS
50 % IPv6
6 Domains
7 Subdomains
6 IPs
5 Countries
503 kB Transfer
857 kB Size
1 Cookies

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
client.xefi.fr/
5 KB
5 KB
Document
General
Full URL
https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2a8352724035fc1a52bae034fa8e9d4ad6df05a7dea33ecfe2598ea7ec90aff1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
client.xefi.fr
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
server
Microsoft-IIS/10.0
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN
x-aspnet-version
4.0.30319
set-cookie
__RequestVerificationToken=rjDwxZL_H9dn1L65MAvHHxZu6E6raoBCEf2F_H3BIdQ321bUiNJ1d7awy7jPQvUtWkd8CPulwaPRDth-vE4Aita8bDI6YtixQZIIPjxhxYw1; path=/; HttpOnly
x-powered-by
ASP.NET
date
Fri, 20 Sep 2019 13:58:24 GMT
content-length
4611
Menu.less
client.xefi.fr/Content/
7 KB
2 KB
Stylesheet
General
Full URL
https://client.xefi.fr/Content/Menu.less
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f1f5d78e267ab7b9898d806efc2d98d53c151a591b96e9e71d0f5bc4fb0870dd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
content-encoding
gzip
etag
"lNSxZ8dqVx4Zx7KPV0tRFx22kCczyShO6LjnzTwjBIA="
last-modified
Wed, 27 Dec 2017 14:24:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
*
content-type
text/css; charset=utf-8
status
200
cache-control
public
content-length
1534
expires
Fri, 27 Sep 2019 10:48:04 GMT
css
client.xefi.fr/Content/
92 KB
92 KB
Stylesheet
General
Full URL
https://client.xefi.fr/Content/css?v=Vn8GqRBDKIcGqT2ZFraUt_iuA1i56bsjQt1AlgPuVRw1
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66fd9b168083beaa4230d6b2038860aba8308043f66b5f6ac6fb9dd9a33869f4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/css; charset=utf-8
status
200
cache-control
public
content-length
94457
expires
Sat, 19 Sep 2020 13:58:24 GMT
modernizr-2.6.2.js
client.xefi.fr/Scripts/
50 KB
50 KB
Script
General
Full URL
https://client.xefi.fr/Scripts/modernizr-2.6.2.js
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a06c8a7e392e128a69c6b160cd54d613191a3446f24c8adff3cb93d916fc8fe7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Sat, 02 Dec 2017 15:29:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"822c9b57826bd31:0"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
51458
login
client.xefi.fr/Content/
3 KB
4 KB
Stylesheet
General
Full URL
https://client.xefi.fr/Content/login?v=_1hlG3XO3fRNR1uuz13TNKc6NnNqqgCV_GEVxI10tzY1
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
199959831b198ffcfec9698586ad5495081fe8ff87e99f97d5ecb8e2aa8a3f6d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/css; charset=utf-8
status
200
cache-control
public
content-length
3573
expires
Sat, 19 Sep 2020 13:58:24 GMT
logoxefi.png
client.xefi.fr/Content/
52 KB
52 KB
Image
General
Full URL
https://client.xefi.fr/Content/logoxefi.png
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb84b86231faf2848edcb06f25703b4ac874a72bffa3236b309381d2d3891be1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Sat, 02 Dec 2017 16:00:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"862552a7866bd31:0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
53165
jquery
client.xefi.fr/bundles/
91 KB
91 KB
Script
General
Full URL
https://client.xefi.fr/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
status
200
cache-control
public
content-length
93078
expires
Sat, 19 Sep 2020 13:58:24 GMT
Menu
client.xefi.fr/bundles/
334 B
376 B
Script
General
Full URL
https://client.xefi.fr/bundles/Menu?v=IXrkfbMG_IhrBBcXkm0mHKMXYvGd2XuRfSzvq-aTnfc1
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa2176d618afb3d8044f4ece20b0e2d8365fc89d435ff3ed8d3f68fb2be881c2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
status
200
cache-control
public
content-length
334
expires
Sat, 19 Sep 2020 13:58:24 GMT
bootstrap
client.xefi.fr/bundles/
27 KB
27 KB
Script
General
Full URL
https://client.xefi.fr/bundles/bootstrap?v=WnOENM4V9bmdDC-9oBlSxHCS2nTdKqiEgBunrWMz1BQ1
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f5d2e59682f06e7f6439b0dedba12cc360ae1500be78ed4083041c288039f27

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
status
200
cache-control
public
content-length
27819
expires
Sat, 19 Sep 2020 13:58:24 GMT
login
client.xefi.fr/bundles/
396 B
438 B
Script
General
Full URL
https://client.xefi.fr/bundles/login?v=DCSWeZ1MlNaAuSEDG6x3IIe9h2AiP9UWKktWjgA-h5M1
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5cb00392cbf1c2b64b99195a5b71bc16b8b5462516bf273ae84ba6172feb5fd1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
status
200
cache-control
public
content-length
396
expires
Sat, 19 Sep 2020 13:58:24 GMT
flat-ui.min.css
designmodo.github.io/Flat-UI/dist/css/
161 KB
25 KB
Stylesheet
General
Full URL
https://designmodo.github.io/Flat-UI/dist/css/flat-ui.min.css
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b83fb0b19234d27bc5186b106d49f6509eca32cb5875d25b096043a7f1c1f435

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
2a0c0a933bcb8d4ea28418cc3d3790ef752a5ee9
date
Fri, 20 Sep 2019 13:58:24 GMT
content-encoding
gzip
age
128
x-cache
HIT
status
200
content-length
25300
x-served-by
cache-fra19173-FRA
access-control-allow-origin
*
last-modified
Fri, 04 May 2018 10:29:49 GMT
server
GitHub.com
x-github-request-id
700C:3B7E:71E932:95C98D:5D846E80
x-timer
S1568987904.475826,VS0,VE1
etag
W/"5aec361d-28367"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Fri, 20 Sep 2019 06:03:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
1
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
6079
animate.min.css
daneden.github.io/animate.css/
57 KB
5 KB
Stylesheet
General
Full URL
https://daneden.github.io/animate.css/animate.min.css
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
f625f9fd166d85575d993ff70fe39d6b7b57c908
date
Fri, 20 Sep 2019 13:58:24 GMT
content-encoding
gzip
age
109
x-cache
HIT
status
200
content-length
4431
x-served-by
cache-hhn4054-HHN
access-control-allow-origin
*
last-modified
Fri, 26 Jul 2019 16:26:51 GMT
server
GitHub.com
x-github-request-id
389A:1CE9:911C5:C0ECF:5D783373
x-timer
S1568987904.475701,VS0,VE0
etag
W/"5d3b29cb-e311"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Tue, 10 Sep 2019 23:38:55 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
7
GothamBook.woff
client.xefi.fr/fonts/
26 KB
26 KB
Font
General
Full URL
https://client.xefi.fr/fonts/GothamBook.woff
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/Scripts/modernizr-2.6.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc69616764a4f3fed8a7f0e096f391a0f9591cd50da98b7c5a5efd80d73b19e4

Request headers

Sec-Fetch-Mode
cors
Referer
https://client.xefi.fr/Content/css?v=Vn8GqRBDKIcGqT2ZFraUt_iuA1i56bsjQt1AlgPuVRw1
Origin
https://client.xefi.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Mon, 11 Dec 2017 22:08:49 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"4fa9d9fcc72d31:0"
content-type
font/x-woff
status
200
accept-ranges
bytes
content-length
26900
css
fonts.googleapis.com/
5 KB
669 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
503be6067d9534da173b7ed7904c9a8df447bb069a0febe58e74fda3d6f2bc9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Sep 2019 13:58:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 20 Sep 2019 13:58:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 20 Sep 2019 13:58:24 GMT
sdk.js
connect.facebook.net/fr_FR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/sdk.js
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f07cbe709cdd9aca5eec68fe01edd7412501097232ab1ee7046954569acec374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://client.xefi.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
duKligC0y/Gbxd8DyyMpug==
status
200
content-length
1780
etag
"5a62e3536048655d3c1c79593d0aab60"
x-fb-debug
KoJVOI8OKUSLGNgEfSXzbs7Jrc3pB5TcKhLxLuWb5yjUH5GxekXrX8cR6Lf9RcQVxQqhI/9wlA6o2+l8h0qARQ==
x-fb-trip-id
420120009
x-fb-content-md5
fb58aa2f6921420193e665d8df9313f4
x-frame-options
DENY
date
Fri, 20 Sep 2019 13:58:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 20 Sep 2019 14:03:11 GMT
gotham-bold-1361523260.woff
client.xefi.fr/fonts/
22 KB
22 KB
Font
General
Full URL
https://client.xefi.fr/fonts/gotham-bold-1361523260.woff
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.90.140.18 Oyonnax, France, ASN198330 (XEFI, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3eb36f90806111ff899c142bf13467e01eb029adca3b869883747a476454e968

Request headers

Sec-Fetch-Mode
cors
Referer
https://client.xefi.fr/Content/css?v=Vn8GqRBDKIcGqT2ZFraUt_iuA1i56bsjQt1AlgPuVRw1
Origin
https://client.xefi.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 13:58:24 GMT
last-modified
Mon, 11 Dec 2017 22:08:49 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f75ad9fcc72d31:0"
content-type
font/x-woff
status
200
accept-ranges
bytes
content-length
22284
lato-light.woff
designmodo.github.io/Flat-UI/dist/fonts/lato/
34 KB
34 KB
Font
General
Full URL
https://designmodo.github.io/Flat-UI/dist/fonts/lato/lato-light.woff
Requested by
Host: client.xefi.fr
URL: https://client.xefi.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f653fc595da917c516a1fd1713515bca59f3857335fd264552993fa9bc9617ad

Request headers

Sec-Fetch-Mode
cors
Referer
https://designmodo.github.io/Flat-UI/dist/css/flat-ui.min.css
Origin
https://client.xefi.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
91c618c7b5a7cc6054fd66b52b1fdc0322e045f6
date
Fri, 20 Sep 2019 13:58:24 GMT
via
1.1 varnish
age
4
x-cache
HIT
status
200
content-length
34608
x-served-by
cache-fra19138-FRA
last-modified
Fri, 04 May 2018 10:29:49 GMT
server
GitHub.com
x-github-request-id
E576:36D4:521E72:6930DB:5D846CAE
x-timer
S1568987905.591711,VS0,VE1
etag
"5aec361d-8730"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
expires
Fri, 20 Sep 2019 06:17:42 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
sdk.js
connect.facebook.net/fr_FR/
195 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/sdk.js?hash=62204b227f2948c069fa5bb7e57e5cca&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a3a8b1d4a75baa6d92581ca8c915bf017b4b30e5d30133189e5e57a213cea43f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://client.xefi.fr/
Origin
https://client.xefi.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dPUv8YDBZRvwZdHKAHcO1Q==
status
200
content-length
59207
etag
"3f4100c2e7e8a1042e9729780a969fc6"
x-fb-debug
+rKwWGsYjzcFlvW0ndepvsPrlX3pecTOyWWQo9gKiMYTA6imV8pZd18+2KgA0mFESG87cK2CnLxf1wo3me9xhg==
x-fb-trip-id
420120009
x-fb-content-md5
835312a49046111258b9a9240b1b7f50
x-frame-options
DENY
date
Fri, 20 Sep 2019 13:58:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 19 Sep 2020 11:40:55 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 5500
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=62204b227f2948c069fa5bb7e57e5cca&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://client.xefi.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://client.xefi.fr/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 18 Sep 2020 22:28:08 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
WXRvnisSb8HnPE13hl9MKA+CN/uRJWK2dlfLOgXBtdutwhOi0oP48ds4KLGiuYPgekyMLXdr278V9LALaCKGlQ==
content-length
11816
x-fb-trip-id
420120009
date
Fri, 20 Sep 2019 13:58:24 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| html5
object| Modernizr
function| $
function| jQuery
object| jQuery11020313082122450252
object| FB
function| cambio

1 Cookies

Domain/Path Name / Value
client.xefi.fr/ Name: __RequestVerificationToken
Value: rjDwxZL_H9dn1L65MAvHHxZu6E6raoBCEf2F_H3BIdQ321bUiNJ1d7awy7jPQvUtWkd8CPulwaPRDth-vE4Aita8bDI6YtixQZIIPjxhxYw1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
