cf61059.tw1.ru Open in urlscan Pro
2a03:6f00:1::5c35:608f  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request loginform.php Show response cf61059.tw1.ru/item/	9 KB 2 KB	981ms 812ms	Document text/html	2a03:6f00:1::5c35:608f TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://cf61059.tw1.ru/item/loginform.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:608f , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash 83b5738bb9447fb6a808ff5ad4208d8a1803e637f6c1064875321db1f3cdfd47 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 05 Mar 2024 23:28:33 GMT server nginx/1.24.0 vary Accept-Encoding
GET H/1.1	200 OK	toolbox-xo.min.js Show response transverse.labanquepostale.fr/xo_/toolbox/1.4/	97 KB 35 KB	348ms 81ms	Script application/javascript	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.min.js Requested by Host: cf61059.tw1.ru URL: https://cf61059.tw1.ru/item/loginform.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash 92e38f9499a981cf160e9776996b7cef1cd8dadca9e8dd49a377e935b01d9840 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000 Content-Encoding deflate x-content-type-options nosniff Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 20 Jul 2023 15:36:09 GMT Age 276 vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 Connection Keep-Alive accept-ranges bytes Content-Length 35323 Expires Wed, 05 Mar 2025 23:23:59 GMT
GET H/1.1	200 OK	val_keypad_cvd.js Show response transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/	11 KB 5 KB	343ms 76ms	Script application/javascript	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/val_keypad_cvd.js Requested by Host: cf61059.tw1.ru URL: https://cf61059.tw1.ru/item/loginform.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash cbdb5fc3fe300720102110692b825f4e09fa464dd56f26ca9c544778a2fdb77a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000 Content-Encoding deflate x-content-type-options nosniff Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 11 May 2023 15:24:29 GMT Age 9 vary Accept-Encoding content-type application/javascript cache-control max-age=3600 Connection Keep-Alive accept-ranges bytes Content-Length 4613 Expires Wed, 06 Mar 2024 00:28:26 GMT
GET H/1.1	200 OK	val_keypad_cvvs-env.js Show response transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/	1 KB 1 KB	345ms 74ms	Script application/javascript	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/val_keypad_cvvs-env.js Requested by Host: cf61059.tw1.ru URL: https://cf61059.tw1.ru/item/loginform.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash f641a2f29e8fc0fd7a9d9846d8c31de0e008efff64fee75c755f6901fb931187 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000 Content-Encoding deflate x-content-type-options nosniff Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 11 May 2023 15:24:29 GMT Age 9 vary Accept-Encoding content-type application/javascript cache-control max-age=3600 Connection Keep-Alive accept-ranges bytes Content-Length 737 Expires Wed, 06 Mar 2024 00:28:26 GMT
GET H/1.1	200 OK	loader.css transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/	1 KB 890 B	335ms 68ms	Stylesheet text/css	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/loader.css Requested by Host: cf61059.tw1.ru URL: https://cf61059.tw1.ru/item/loginform.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash 8d37733db89138a95a9c2e14696c01777179ec16607f8768b9e743efe6825fe3 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000 Content-Encoding deflate x-content-type-options nosniff Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 11 May 2023 15:24:29 GMT Age 9 vary Accept-Encoding content-type text/css cache-control max-age=3600 Connection Keep-Alive accept-ranges bytes Content-Length 479 Expires Wed, 06 Mar 2024 00:28:26 GMT
GET H/1.1	200 OK	toolbox-xo.css transverse.labanquepostale.fr/xo_/toolbox/1.4/	310 KB 68 KB	344ms 77ms	Stylesheet text/css	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Requested by Host: cf61059.tw1.ru URL: https://cf61059.tw1.ru/item/loginform.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash 40df40999281e439965c8cfcff50c2faf84f781e5e11a96a2c89ad870273dab8 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000 Content-Encoding deflate x-content-type-options nosniff Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 20 Jul 2023 15:36:09 GMT Age 286 vary Accept-Encoding content-type text/css cache-control max-age=31536000 Connection Keep-Alive accept-ranges bytes Content-Length 69562 Expires Wed, 05 Mar 2025 23:23:49 GMT
GET H/1.1	200 OK	cvs_refonte.css transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/	595 B 979 B	321ms 70ms	Stylesheet text/css	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/css/cvs_refonte.css Requested by Host: cf61059.tw1.ru URL: https://cf61059.tw1.ru/item/loginform.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash e914dc459e0a9371b0b11aaa2e8da4df22a2f126997387ec77bbf914a5df1cc6 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Tue, 05 Mar 2024 23:28:34 GMT x-content-type-options nosniff last-modified Thu, 11 May 2023 15:24:29 GMT Age 9 Vary Accept-Encoding content-type text/css cache-control max-age=3600 Connection Keep-Alive accept-ranges bytes Content-Length 595 Expires Wed, 06 Mar 2024 00:28:26 GMT
GET H2	200	loreo.js Show response d2ydsn9mah1r4u.cloudfront.net/321226/	72 KB 34 KB	126ms 33ms	Script application/x-javascript	18.173.206.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2ydsn9mah1r4u.cloudfront.net/321226/loreo.js?dt=login&r=0.26186235207221853 Requested by Host: transverse.labanquepostale.fr URL: https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/val_keypad_cvvs-env.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.206.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-206-13.fra56.r.cloudfront.net Software haile / Resource Hash 001ead55c4a333e79165939db63955cc87cb8dd8e5945a49204cbd62bb9f8432 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Tue, 05 Mar 2024 23:28:34 GMT strict-transport-security max-age=86400 x-content-type-options nosniff content-encoding gzip server haile via 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P12 x-cache Miss from cloudfront content-type application/x-javascript p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 x-amz-cf-id kA5HTtzq_oL3AI2skGbMlcFBY0HatijQ-5oz30IBuNgsQrUk11Pr6w== pics-label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
GET H2	200	fruprem.js Show response dqnjn206bwvk2.cloudfront.net/321226/	69 KB 33 KB	132ms 51ms	Script application/x-javascript	18.66.137.208 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dqnjn206bwvk2.cloudfront.net/321226/fruprem.js?r=0.959335799642385 Requested by Host: transverse.labanquepostale.fr URL: https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/val_keypad_cvvs-env.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.137.208 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-137-208.fra60.r.cloudfront.net Software haile / Resource Hash c7d94037279eb1197818964d1c339035bb55f9d408da1646dd39be697044f4c1 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 23:28:34 GMT strict-transport-security max-age=86400 x-content-type-options nosniff content-encoding gzip via 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" alt-svc h3=":443"; ma=86400 pragma no-cache server haile vary Origin access-control-allow-methods GET, OPTIONS content-type application/x-javascript cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-amz-cf-id EYYf59FpfZq97FSGm5TdXZM6AmPuy9IxWFdKtY9WYR-rMIqv4K0pAQ== pics-label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
GET H/1.1	200 OK	LatoLatin-Regular.ddabf82b5d4d1b866907.woff transverse.labanquepostale.fr/xo_/toolbox/1.4/	71 KB 71 KB	269ms 70ms	Font font/woff	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/toolbox/1.4/LatoLatin-Regular.ddabf82b5d4d1b866907.woff Requested by Host: transverse.labanquepostale.fr URL: https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash 9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be Request headers Referer https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Origin https://cf61059.tw1.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 20 Jul 2023 15:36:09 GMT Age 285 vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type font/woff access-control-allow-origin * cache-control max-age=31536000 Connection Keep-Alive accept-ranges bytes access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 72456 Expires Wed, 05 Mar 2025 23:23:50 GMT
GET H/1.1	200 OK	LatoLatin-Bold.f8070493677d71497ccd.woff transverse.labanquepostale.fr/xo_/toolbox/1.4/	71 KB 71 KB	272ms 72ms	Font font/woff	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/toolbox/1.4/LatoLatin-Bold.f8070493677d71497ccd.woff Requested by Host: transverse.labanquepostale.fr URL: https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash 7cebe978fde661e6a5a690aad9bed83703318bf58c2901174deff6aa9baa5643 Request headers Referer https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Origin https://cf61059.tw1.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 20 Jul 2023 15:36:09 GMT Age 265 vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type font/woff access-control-allow-origin * cache-control max-age=31536000 Connection Keep-Alive accept-ranges bytes access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 72376 Expires Wed, 05 Mar 2025 23:24:10 GMT
GET H/1.1	200 OK	iframeresizer-contentWindow-4-3-2.min.js Show response www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/designsystem/vendors/	13 KB 7 KB	349ms 78ms	Script application/javascript	185.16.252.161 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/designsystem/vendors/iframeresizer-contentWindow-4-3-2.min.js Requested by Host: transverse.labanquepostale.fr URL: https://transverse.labanquepostale.fr/xo_/9.9.0.0/cvvs/js/val_keypad_cvd.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.161 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS www.labanquepostale.fr Software / Resource Hash ef20dc7d13570e1c7be3688c889c7a720d35b58cdfb4b0a95ef507145e8cc349 Security Headers Name Value Content-Security-Policy frame-ancestors http://localhost:* file: *.sf.intra.laposte.fr *.labanquepostale.fr; Strict-Transport-Security max-age=63072000; includeSubDomains; preload; X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers X-Dispatcher dispatcher Strict-Transport-Security max-age=63072000; includeSubDomains; preload; Content-Security-Policy frame-ancestors http://localhost:* file: *.sf.intra.laposte.fr *.labanquepostale.fr; X-Content-Type-Options nosniff Date Tue, 05 Mar 2024 23:28:34 GMT Content-Encoding deflate Age 8 X-Vhost publish Connection Keep-Alive Content-Length 6376 Last-Modified Tue, 29 Nov 2022 13:26:56 GMT ETag "3430-5ee9bf11b6800" Vary Accept-Encoding,User-Agent Content-Type application/javascript;charset=utf-8 Cache-Control max-age=31536000 Accept-Ranges bytes Keep-Alive timeout=5, max=55
GET H/1.1	200 OK	RobotoMono-Medium.ec6b154d432655e0030a.woff transverse.labanquepostale.fr/xo_/toolbox/1.4/	53 KB 54 KB	305ms 79ms	Font font/woff	185.16.252.165 LA-POSTE
General Check archive.org Show headers Download Go to Full URL https://transverse.labanquepostale.fr/xo_/toolbox/1.4/RobotoMono-Medium.ec6b154d432655e0030a.woff Requested by Host: transverse.labanquepostale.fr URL: https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.16.252.165 Lieusaint, France, ASN35676 (LA-POSTE, FR), Reverse DNS transverse.labanquepostale.fr Software / Resource Hash 4b87dd7f20f1c23129b8c5494d53f2ab0b0f327c5e0b8e8b9a1960c7cb9a1d95 Request headers Referer https://transverse.labanquepostale.fr/xo_/toolbox/1.4/toolbox-xo.css Origin https://cf61059.tw1.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 05 Mar 2024 23:28:34 GMT last-modified Thu, 20 Jul 2023 15:36:09 GMT Age 246 vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type font/woff access-control-allow-origin * cache-control max-age=31536000 Connection Keep-Alive accept-ranges bytes access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 54504 Expires Wed, 05 Mar 2025 23:24:29 GMT
GET H2	200	u9mW Show response dqnjn206bwvk2.cloudfront.net/321226/	90 B 701 B	47ms 47ms	Script text/javascript	18.66.137.208 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dqnjn206bwvk2.cloudfront.net/321226/u9mW?d=ZW5jZEAwQ3VtdDVGc1MwZ1hnZDY1UHlNbjZTc2xOcWo1SmxXWWNaeUo5OGVCZkpoRm9IcWMxclNydTZqQXJCam5VVmx2NWY0K1AwUnBGOWY2OVpKTGh4NmRia3Uyd2oyZHkwdjZNdFpMaXZpVzhYbTVaVzF6VFBaZ1lJbUxIZ29HY0dmaHRSZGdsY3paT2lOR2tPM0lhSDE5S1RUR1NRR2xJWEdRbWhHVWF0S1hTV05jQWpCTFFqelA1Z3ZVMnBoYmEwSkdyVjZseXJpN0g2SWFQTUxNVmJpTkVYMy9aaTI4M2ZXVjhOd2xweVB4aURTTHNyNXcvazFQMVRLQnNTV0l4eDBPNjl2dk50d2RmWWtWOXVLU2RoZkgzKzVLS254dmllZE1ZbW1BR2hTcU9kdk1sS0RsV3NYVE5VNE5nb2x3YzFOWk5NbHgxcGM4MmRZYlNrOEF3NVVMNDBWRU92NmUwWUZXcCs3T2ErU29oVjdrZWNnbk9OOXhQZHl5bHBEYkJHN1FEeWNRN3ArRFVtOE04cXYwNWloODRIbkV6VCtxbmlzSHZYMHF5SEZPTUNldUxnbjY3NFh2NFg5U0Fvano2dkVRSVBIRFpkTU9OM1Y4VFVIRE9qRC9yYkgraTNnRmpZcXlxY0VvanIzUUZKL0FQQnZDelZRdERoR3Y2YWkyYk0zdmxWRjczMFBDekluSXBVZ0U4NStueWJuZnBHMUlNVUgwRnMvR0YzQnBKVzdxQWRoRzljQ0FwV1oxcW5ORXJJZWxtM0xOVVZST1dzMm95bXhpbW1RSy9yZnlUejdEaTFGZjNSL3N1eVMyQ2ZrNjBycDNPc2ZMdkFGeVQ1cHlJckE9fGQ2MGM1OWY2M2E5ZjkwZGNmZDdhMjJjMWIwZGZiYzJjNDdkOTU0M2JhNzczMjkyMmVkOTQ4MzI4YzI2Mzk1Y2MwMmVlYTczOWVjYzk5YzI4ZGY3N2RjYjRhMzE2Mzc2ODBjMzA3YzViODVhZmVjNDBjYmVmMDRlMmIzMTIwNDExMGIyNDIxNjhiZTFlYjBhMGY2ZjEyYzg5YTg1NDBiM2E5Njc1OTc2NWY0Y2UwMWZmZGYxOTZhZDNjYzlmMDVhNmM3ODNmZDg5NTY5OTg1YjIwNDU3NmJiOWUzY2RjYTA4Nzg5NGFhZmE3MjE3NGE2MTViZGY4OGI4MDM5MDkyNmVlZGRmMDM0ZTEyYWZiODU0ZTM5ODhkZTZmNDdlNDQwNmExM2EyZTVjODE5YWZlZDk0NDY2MDc4MjQxZmUwY2FlZGY0MWRkNGI0MzZmNzhmZWQwMzIwYjJkNGY0OGExYjJlMGZiOTYyNjYyNWZkMDMyNDBjOTQzYWE1NDRkOTgzN2NhMDdlMTc2ODkwZTgzY2UwZDc4YWUyMWE1YzI3YzViNTA5ZWJhY2Y4ZWQzMTQzZTBmMDRlZGI3NzI4MDNmOTBhMzcxODE4Njc4NmI2MGFjZmMzZmE3MDViZDU3NDI1MDc5MzUxMjZkZWZlNGIyOWFmYzBhZGViNGVhNzkxYWM4fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fcf61059.tw1.ru&LSESSIONID=eyJpIjoiZVBEZnlIZTFQTUozdWVrNklzN0ZRZz09IiwiZSI6IjdEVzJ6VitjSXFGeDNUM25Na2xCUzc1bmJcL1FYdm5QUDUxODVMQjVLRVg3Z1wvaVlXQjVuTG1QaDE4MWRGQ1N1UXZMdnlwd0pMQWgreGJobnpldjJVT3JJYitWQXhEZDVzcDBVM3JMUzIyQ1JCYzV6Nnh4b0NIZURPQVVISmpVdzVhbzZhYmI3V2NzeERqT292ckFzSmxBPT0ifQ%3D%3D.817d13c9cfb01a1c.OTY2ZjAxZWNjZDdjM2RlZDJmMWMzMWU3MDA5NjdjNmVkYjFjN2Q3NGFhOWQwNzY5Nzk5ODUyNjA5NDc3Nzk2Ng%3D%3D&t=jsonp&c=ovvghmnysmulgfud&eu=https%3A%2F%2Fcf61059.tw1.ru%2Fitem%2Floginform.php Requested by Host: dqnjn206bwvk2.cloudfront.net URL: https://dqnjn206bwvk2.cloudfront.net/321226/fruprem.js?r=0.959335799642385 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.137.208 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-137-208.fra60.r.cloudfront.net Software haile / Resource Hash d95976ae47e5d3c56e29970805ac09e3c25ea531744b51ba0db0139d7aabb6d8 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cf61059.tw1.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Tue, 05 Mar 2024 23:28:35 GMT strict-transport-security max-age=86400 x-content-type-options nosniff via 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront) server haile x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront content-type text/javascript p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 content-length 90 x-amz-cf-id DzeznxumrAA2OsX9BPSp25vtJowJC5WeZRxE1RapsKFVMK4AG8MdJg== pics-label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| JQ function| tbAutoCompleteService function| tbCvdIdService function| tbCvdPswService function| tbDatePickerService object| tbErreurService function| tbInputFieldService object| tbLoaderService object| tbLoader2Service function| tbTooltipService object| Cookie object| f object| j function| eventPsw function| controlIdentifiant function| submitFormulaire function| effacerIdMemorise function| continuer function| afficherPopInSuiviBudget function| IdReset number| clt function| getDev function| envlope string| cookie_value undefined| re undefined| matches undefined| result string| url object| s object| extra string| OST_origin string| OST_flash string| OST_audio5 string| OST_audioOgg string| OST_action string| PATH_JS string| PATH_RESIZER object| inputService object| pswService object| ___sc321226 object| ___so321226 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt function| getoreo

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cf61059.tw1.ru/	1969-12-31 23:59:59	Name: LSESSIONID Value: eyJpIjoiZVBEZnlIZTFQTUozdWVrNklzN0ZRZz09IiwiZSI6IjdEVzJ6VitjSXFGeDNUM25Na2xCUzc1bmJcL1FYdm5QUDUxODVMQjVLRVg3Z1wvaVlXQjVuTG1QaDE4MWRGQ1N1UXZMdnlwd0pMQWgreGJobnpldjJVT3JJYitWQXhEZDVzcDBVM3JMUzIyQ1JCYzV6Nnh4b0NIZURPQVVISmpVdzVhbzZhYmI3V2NzeERqT292ckFzSmxBPT0ifQ%3D%3D.817d13c9cfb01a1c.OTY2ZjAxZWNjZDdjM2RlZDJmMWMzMWU3MDA5NjdjNmVkYjFjN2Q3NGFhOWQwNzY5Nzk5ODUyNjA5NDc3Nzk2Ng%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cf61059.tw1.ru
d2ydsn9mah1r4u.cloudfront.net
dqnjn206bwvk2.cloudfront.net
transverse.labanquepostale.fr
www.labanquepostale.fr
18.173.206.13
18.66.137.208
185.16.252.161
185.16.252.165
2a03:6f00:1::5c35:608f
001ead55c4a333e79165939db63955cc87cb8dd8e5945a49204cbd62bb9f8432
40df40999281e439965c8cfcff50c2faf84f781e5e11a96a2c89ad870273dab8
4b87dd7f20f1c23129b8c5494d53f2ab0b0f327c5e0b8e8b9a1960c7cb9a1d95
7cebe978fde661e6a5a690aad9bed83703318bf58c2901174deff6aa9baa5643
83b5738bb9447fb6a808ff5ad4208d8a1803e637f6c1064875321db1f3cdfd47
8d37733db89138a95a9c2e14696c01777179ec16607f8768b9e743efe6825fe3
92e38f9499a981cf160e9776996b7cef1cd8dadca9e8dd49a377e935b01d9840
9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be
c7d94037279eb1197818964d1c339035bb55f9d408da1646dd39be697044f4c1
cbdb5fc3fe300720102110692b825f4e09fa464dd56f26ca9c544778a2fdb77a
d95976ae47e5d3c56e29970805ac09e3c25ea531744b51ba0db0139d7aabb6d8
e914dc459e0a9371b0b11aaa2e8da4df22a2f126997387ec77bbf914a5df1cc6
ef20dc7d13570e1c7be3688c889c7a720d35b58cdfb4b0a95ef507145e8cc349
f641a2f29e8fc0fd7a9d9846d8c31de0e008efff64fee75c755f6901fb931187