ouvriruncomptepro.web.oxv.fr
195.60.188.198  Malicious Activity!

Submitted URL: http://ouvriruncomptepro.web.oxv.fr/
Effective URL: https://ouvriruncomptepro.web.oxv.fr/
Submission: On November 15 via manual from FR — Scanned from FR

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 195.60.188.198, located in France and belongs to OXEVA, FR. The main domain is ouvriruncomptepro.web.oxv.fr.
TLS certificate: Issued by R10 on October 2nd 2024. Valid for: 3 months.
This is the only time ouvriruncomptepro.web.oxv.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banque Postale (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
11        195.60.188.198    39104 (OXEVA)
4         192.229.233.55    15133 (EDGECAST)
1 1       99.83.220.108     16509 (AMAZON-02)
1         2606:4700:10:...  13335 (CLOUDFLAR...)
1         51.44.35.226      16509 (AMAZON-02)
1         185.16.252.161    ()
1         18.245.46.113     16509 (AMAZON-02)
1         2606:4700:10:...  13335 (CLOUDFLAR...)
Total: 20 requests, 7 IPs
Requests  Apex Domain         Subdomains                                                      Transfer
11        oxv.fr              ouvriruncomptepro.web.oxv.fr                                    1 MB
3         bugherd.com         www.bugherd.com (Cisco Umbrella Rank: 24744),                   9 KB
                              sidebar.bugherd.com (Cisco Umbrella Rank: 25932)
3         tagcommander.com    cdn.tagcommander.com (Cisco Umbrella Rank: 19920)               204 KB
2         labanquepostale.fr  www.labanquepostale.fr, avp.labanquepostale.fr                  4 KB
2         trustcommander.net  cdn.trustcommander.net (Cisco Umbrella Rank: 48937),            26 KB
                              privacy.trustcommander.net (Cisco Umbrella Rank: 81085)
Total: 20 requests, 5 apex domains
Requests  Domain                        Requested by
11        ouvriruncomptepro.web.oxv.fr  ouvriruncomptepro.web.oxv.fr
3         cdn.tagcommander.com          ouvriruncomptepro.web.oxv.fr
2         sidebar.bugherd.com           ouvriruncomptepro.web.oxv.fr, www.bugherd.com
1         avp.labanquepostale.fr        ouvriruncomptepro.web.oxv.fr
1         www.labanquepostale.fr        ouvriruncomptepro.web.oxv.fr
1         privacy.trustcommander.net    cdn.tagcommander.com
1         cdn.trustcommander.net        cdn.tagcommander.com
1         www.bugherd.com               (1 redirect)
Total: 20 requests, 8 domains

This site contains links to these domains:

Domain
www.labanquepostale.fr
symfony.com
Subject                       Issuer                                     Validity                  Valid
ouvriruncomptepro.web.oxv.fr  R10                                        2024-10-02 - 2024-12-31   3 months (crt.sh)
cdn.tagcommander.com          DigiCert Global G2 TLS RSA SHA256 2020 CA1 2024-02-23 - 2025-03-25   a year (crt.sh)
*.trustcommander.net          Thawte TLS RSA CA G1                       2024-02-14 - 2025-03-16   a year (crt.sh)
www.labanquepostale.fr        DigiCert Global G2 TLS RSA SHA256 2020 CA1 2024-05-15 - 2025-05-14   a year (crt.sh)
avp.labanquepostale.fr        DigiCert Global G2 TLS RSA SHA256 2020 CA1 2024-10-22 - 2025-10-21   a year (crt.sh)
bugherd.com                   WE1                                        2024-09-28 - 2024-12-27   3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://ouvriruncomptepro.web.oxv.fr/
Frame ID: 717261BD5ABDD01C6F96C7E93F0EA571
Requests: 19 HTTP requests in this frame

Frame: https://sidebar.bugherd.com/sidebar/embed_html?apikey=ufnuxxsf5gbhe7aj68bqog
Frame ID: 7B24CDAC32A2A6DD4DEDBCD45BB5E0C7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ouvrir un compte bancaire Auto-entrepreneur, formulaire en ligne - La Banque Postale

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.tagcommander\.com

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 25 %
Domains: 5
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 1723 kB
Size: 4070 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ouvriruncomptepro.web.oxv.fr/ HTTP 307
    https://ouvriruncomptepro.web.oxv.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.bugherd.com/sidebarv2.js?apikey=ufnuxxsf5gbhe7aj68bqog HTTP 302
  • https://sidebar.bugherd.com/embed.js?apikey=ufnuxxsf5gbhe7aj68bqog

20 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
ouvriruncomptepro.web.oxv.fr/
Redirect Chain
  • http://ouvriruncomptepro.web.oxv.fr/
  • https://ouvriruncomptepro.web.oxv.fr/
153 KB
33 KB
Document
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
152dfe4539bc8ec3369c8e8518dfe5ae2e7826b1d2a801fab283e90b0c50b9ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Nov 2024 09:46:59 GMT
expires
Fri, 15 Nov 2024 09:46:59 GMT
vary
Accept-Encoding
x-debug-token
b2d968
x-debug-token-link
https://ouvriruncomptepro.web.oxv.fr/_profiler/b2d968
x-robots-tag
noindex
x-server-id
2004

Redirect headers

Location
https://ouvriruncomptepro.web.oxv.fr/
Non-Authoritative-Reason
HttpsUpgrades
symfostack.desktop.css
ouvriruncomptepro.web.oxv.fr/css/
424 KB
31 KB
Stylesheet
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/css/symfostack.desktop.css?t=20241115104659
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
49388c73be463576e8cc90ea3de17ac936891b342473a4e90fc21d7c9652dfc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

content-encoding
gzip
accept-ranges
bytes
x-server-id
2004
content-length
31990
date
Fri, 15 Nov 2024 09:46:59 GMT
last-modified
Tue, 13 Dec 2022 15:45:48 GMT
vary
Accept-Encoding
content-type
text/css
tc_LaBanquePostale_4.js
cdn.tagcommander.com/2623/uat/
102 KB
28 KB
Script
General
Full URL
https://cdn.tagcommander.com/2623/uat/tc_LaBanquePostale_4.js
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F91) /
Resource Hash
0079e2dca502681bba7cae4f23d08e703b78349a5df1e44c7beee1f5c13e6295

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

access-control-max-age
31536000
content-encoding
gzip
etag
"447b8174c8bd9b62df2ce632b65577c9+gzip"
age
7564
access-control-allow-methods
HEAD, GET
x-cache
HIT
date
Fri, 15 Nov 2024 09:46:59 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 07:32:10 GMT
vary
Accept-Encoding
x-amz-id-2
4Hdj3X4r4B9kEbTWheEnv5khqKZAp43qcU/VHr/ORXM6bNuhAdE4t01Ouw/iBMFbnpUzblaIyL0=
cache-control
max-age=86400, must-revalidate
x-cdn
edgio
x-amz-request-id
QH17FCG4P0K5GFE8
access-control-allow-origin
*
content-length
28370
server
ECS (pab/6F91)
embed.js
sidebar.bugherd.com/
Redirect Chain
  • https://www.bugherd.com/sidebarv2.js?apikey=ufnuxxsf5gbhe7aj68bqog
  • https://sidebar.bugherd.com/embed.js?apikey=ufnuxxsf5gbhe7aj68bqog
18 KB
8 KB
Script
General
Full URL
https://sidebar.bugherd.com/embed.js?apikey=ufnuxxsf5gbhe7aj68bqog
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Server
2606:4700:10::6816:4bd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6189835fbd60bc65960275ad8cfd189eb895544010625f9fcb7bd7f168c04844
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

access-control-max-age
1728000
x-request-id
610b2f2c-fce1-4194-b978-f38b4e1c7318
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"f7817aa7196d01424f021dadc4873449"
x-permitted-cross-domain-policies
none
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731664020&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=axLsr%2FIl2WzZ2KGwLQ3rLGVdFWjNDwmHg2OaM5nWagA%3D"}]}
x-content-type-options
nosniff
access-control-allow-methods
PUT, OPTIONS, GET, DELETE, POST
access-control-request-method
*
p3p
CP="NOI ADM DEV COM NAV OUR STP"
date
Fri, 15 Nov 2024 09:47:00 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.004868
x-frame-options
SAMEORIGIN
access-control-allow-headers
x-csrf-token, Content-Type, X-Pusher-Socket-ID, Authentication
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731664020&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=axLsr%2FIl2WzZ2KGwLQ3rLGVdFWjNDwmHg2OaM5nWagA%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
max-age=600, public
access-control-allow-credentials
true
referrer-policy
origin
x-download-options
noopen
via
1.1 vegur
cf-ray
8e2e5140cdbd4d25-FRA
accept-ranges
bytes
access-control-allow-origin
http://sidebar.bugherd.com
content-length
6520
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

X-Request-Id
fd7c7b91-2fe0-4e8e-8ab2-cf496d0e159d
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731664020&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=SM36qcpUq9vGMt5JMeo9NEQ%2BzCUUtL0r0sJ2rouKoJw%3D"}]}
X-Content-Type-Options
nosniff
P3p
CP="NOI ADM DEV COM NAV OUR STP"
Date
Fri, 15 Nov 2024 09:47:00 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
X-Runtime
0.003679
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubDomains
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731664020&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=SM36qcpUq9vGMt5JMeo9NEQ%2BzCUUtL0r0sJ2rouKoJw%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Location
https://sidebar.bugherd.com/embed.js?apikey=ufnuxxsf5gbhe7aj68bqog
Cache-Control
no-cache
Connection
keep-alive
Referrer-Policy
origin
X-Download-Options
noopen
Via
1.1 vegur
X-Xss-Protection
1; mode=block
Server
Cowboy
logo-banque-postale.png
ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/images/
8 KB
9 KB
Image
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/images/logo-banque-postale.png
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
fe3baba0cc91b1be37c3657894a384d5395f640fb25426c582130c7d1e0641eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

accept-ranges
bytes
x-server-id
2004
content-length
8619
date
Fri, 15 Nov 2024 09:46:59 GMT
last-modified
Wed, 19 Oct 2022 09:20:05 GMT
content-type
image/png
background.jpg
ouvriruncomptepro.web.oxv.fr/medias/images/
415 KB
415 KB
Image
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/medias/images/background.jpg
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
8e5287bed5d7999f057b469928dfe05562602e0de73eb7a6074755df1135b851

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

accept-ranges
bytes
x-server-id
2004
content-length
424530
date
Fri, 15 Nov 2024 09:46:59 GMT
last-modified
Wed, 19 Oct 2022 09:16:34 GMT
content-type
image/jpeg
bulle.png
ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/images/
446 B
568 B
Image
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/images/bulle.png
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
48859e8911df53c52f09983d582f90cb11ee5e4177265d7ee17c777f344ce2f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

accept-ranges
bytes
x-server-id
2004
content-length
446
date
Fri, 15 Nov 2024 09:46:59 GMT
last-modified
Wed, 19 Oct 2022 09:20:06 GMT
content-type
image/png
tc_LaBanquePostale_5.js
cdn.tagcommander.com/2623/uat/
463 KB
104 KB
Script
General
Full URL
https://cdn.tagcommander.com/2623/uat/tc_LaBanquePostale_5.js
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F8D) /
Resource Hash
db7e6c319e2f3a28ac64cc5f2a4b66ec963bc59b9e7c9896d4c540701460e281

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

access-control-max-age
31536000
content-encoding
gzip
etag
"e5fc6e24c11b2c9e5640a9fba278b069+gzip"
age
58565
access-control-allow-methods
HEAD, GET
x-cache
HIT
date
Fri, 15 Nov 2024 09:46:59 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 17:29:48 GMT
vary
Accept-Encoding
x-amz-id-2
2xTSQRm9L2eB6ykgvHXq1hLSeIT2H6I9JtTPJQCFvBc6gTFc48UAOsQFf5mfkLcH7IZyo9tq9rs=
cache-control
max-age=86400, must-revalidate
x-cdn
edgio
x-amz-request-id
Y507BZ7YY920QJVP
access-control-allow-origin
*
content-length
106740
server
ECS (pab/6F8D)
tc_LaBanquePostale_6.js
cdn.tagcommander.com/2623/uat/
506 KB
71 KB
Script
General
Full URL
https://cdn.tagcommander.com/2623/uat/tc_LaBanquePostale_6.js
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FAF) /
Resource Hash
95927625cd3430cbbb83fc1a8764fe941f5a5c5e266f42d1fc48cc6caff0317e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

access-control-max-age
31536000
content-encoding
gzip
etag
"e4f352a6620fb9725f83593e4b194774+gzip"
age
64398
access-control-allow-methods
HEAD, GET
x-cache
HIT
date
Fri, 15 Nov 2024 09:47:00 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 15:51:36 GMT
vary
Accept-Encoding
x-amz-id-2
MPla88JWf/xEFSs2hw4Vw1cz50vjsCPcGm25aELD05NDgc98c6Bq8ZJHmLn2NT4RejYfOAIa3eQ=
cache-control
max-age=86400, must-revalidate
x-cdn
edgio
x-amz-request-id
7DNXY1ABXZF6VSNZ
access-control-allow-origin
*
content-length
72455
server
ECS (pab/6FAF)
symfostack.desktop.lib.js
ouvriruncomptepro.web.oxv.fr/js/
797 KB
204 KB
Script
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/js/symfostack.desktop.lib.js?t=20241115104659
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
63996c7a24f51dcf1bded9faa8b095d919afcf85326d2eb2dc1db6be079be45d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

accept-ranges
bytes
x-server-id
2004
content-encoding
gzip
date
Fri, 15 Nov 2024 09:47:00 GMT
last-modified
Wed, 19 Oct 2022 09:16:26 GMT
vary
Accept-Encoding
content-type
application/javascript
symfostack.desktop.app.js
ouvriruncomptepro.web.oxv.fr/js/
343 KB
59 KB
Script
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/js/symfostack.desktop.app.js?t=20241115104659
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
6d114eb05b5e97783969777c99f424106edb8eed1ffa5ff71c80f99873866257

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

accept-ranges
bytes
x-server-id
2004
content-encoding
gzip
date
Fri, 15 Nov 2024 09:47:00 GMT
last-modified
Tue, 13 Dec 2022 15:45:48 GMT
vary
Accept-Encoding
content-type
application/javascript
Lato-Bold.woff2
ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/fonts/Lato/
223 KB
224 KB
Font
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/fonts/Lato/Lato-Bold.woff2
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/css/symfostack.desktop.css?t=20241115104659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
79af3777688e4135969f0ded09a3789f77852392c017150dcaacdaa2227ecccf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ouvriruncomptepro.web.oxv.fr
Referer
https://ouvriruncomptepro.web.oxv.fr/css/symfostack.desktop.css?t=20241115104659

Response headers

accept-ranges
bytes
x-server-id
2004
content-length
228684
date
Fri, 15 Nov 2024 09:47:00 GMT
last-modified
Wed, 19 Oct 2022 09:22:27 GMT
content-type
text/plain
Lato-Regular.woff2
ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/fonts/Lato/
222 KB
222 KB
Font
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/fonts/Lato/Lato-Regular.woff2
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/css/symfostack.desktop.css?t=20241115104659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
a506a2f0dd72aa9666ec768c0b28e0053c048d4e88b922c4451df8bb35cbe5e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ouvriruncomptepro.web.oxv.fr
Referer
https://ouvriruncomptepro.web.oxv.fr/css/symfostack.desktop.css?t=20241115104659

Response headers

accept-ranges
bytes
x-server-id
2004
content-length
227380
date
Fri, 15 Nov 2024 09:47:00 GMT
last-modified
Wed, 19 Oct 2022 09:21:57 GMT
content-type
text/plain
privacy_v2_66.js
cdn.trustcommander.net/privacy/2623/
94 KB
25 KB
Script
General
Full URL
https://cdn.trustcommander.net/privacy/2623/privacy_v2_66.js
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/2623/uat/tc_LaBanquePostale_6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F94) /
Resource Hash
1509e8dc57da399ea1998aa69507d4eb64755960720d535530df837f76e7ba0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

access-control-max-age
31536000
content-encoding
gzip
etag
"b9b50d38cdaa96588e2764852ef0e77a+gzip"
age
80521
access-control-allow-methods
HEAD, GET
x-cache
HIT
date
Fri, 15 Nov 2024 09:47:00 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 11:23:50 GMT
vary
Accept-Encoding
x-amz-id-2
/Vh2kKVC2qQnglwpfwlFc9tQrKls9WQx0AcGYIYLgWiJmSeuT1bAIBo01x5o9uibiewq3VrkARk=
cache-control
max-age=86400, must-revalidate
x-cdn
edgio
x-amz-request-id
BPDS0ZXAV25K04S5
access-control-allow-origin
*
content-length
25833
server
ECS (pab/6F94)
b2d968
ouvriruncomptepro.web.oxv.fr/_wdt/
19 KB
4 KB
XHR
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/_wdt/b2d968
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
d9200b7f9fb8b364ee691a2c4bb3f1a37fb0d8ea2a2f5319884e61c6a410ec65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/
X-Requested-With
XMLHttpRequest

Response headers

x-robots-tag
noindex
cache-control
no-cache, private
x-server-id
2004
content-encoding
gzip
date
Fri, 15 Nov 2024 09:47:00 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
privacy-consent
privacy.trustcommander.net/
43 B
545 B
Ping
General
Full URL
https://privacy.trustcommander.net/privacy-consent?site=2623
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/2623/uat/tc_LaBanquePostale_4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.44.35.226 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-51-44-35-226.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

cache-control
private, max-age=486000, pre-check=486000
pragma
private
Connection
keep-alive
access-control-allow-credentials
true
expires
Thu, 13 Feb 2025 09:47:00 GMT
access-control-allow-origin
https://ouvriruncomptepro.web.oxv.fr
Content-Length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Date
Fri, 15 Nov 2024 09:47:00 GMT
Content-Type
image/gif
vary
Origin
access-control-allow-headers
Content-Type
LOGO-LaBanquePostale-RVB.svg
www.labanquepostale.fr/content/dam/lbp/images/logo/la-banque-postale/
3 KB
4 KB
Image
General
Full URL
https://www.labanquepostale.fr/content/dam/lbp/images/logo/la-banque-postale/LOGO-LaBanquePostale-RVB.svg
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.16.252.161 Issy-les-Moulineaux, France, ASN (),
Reverse DNS
www.labanquepostale.fr
Software
/
Resource Hash
739104b5349ad414323b0f821b747b55af29af684d47f6c6a189edb08b76b4e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost:* file: *.sf.intra.laposte.fr *.labanquepostale.fr;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

X-Vhost
publish
ETag
"dd1-5d92404322b00"
Age
197
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=12
Date
Fri, 15 Nov 2024 09:47:00 GMT
Content-Disposition
attachment; filename="LOGO-LaBanquePostale-RVB.svg"
Last-Modified
Tue, 01 Mar 2022 08:33:16 GMT
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload;
Content-Security-Policy
frame-ancestors http://localhost:* file: *.sf.intra.laposte.fr *.labanquepostale.fr;
Cache-Control
max-age=31536000, public
X-Dispatcher
dispatcher
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3537
avp
avp.labanquepostale.fr/
35 B
307 B
Image
General
Full URL
https://avp.labanquepostale.fr/avp?s=584862&idclient=686c4d74-3611-47e6-9f5f-f58053ec8790-NO&ts=1731664020386&vtag=5.29.2&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=10x47x0&lng=fr-FR&idp=1047008884369&jv=0&p=formulaire_sad_entrepreneur::inscription&s2=180&vrn=1&f1=non&x1=2&reprise_parcours=non&usage_compte=&usage=&cout_global=&cout_financement=&revenus=&charges=&financement_souhaite=&categorie_socio_pro=&type_contrat=&nom_document=&statut_document=&ref=
Requested by
Host: ouvriruncomptepro.web.oxv.fr
URL: https://ouvriruncomptepro.web.oxv.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-113.fra56.r.cloudfront.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

strict-transport-security
max-age=15768000
cache-control
no-store
via
1.1 aa6c36522a23788dfef1fae9af9fd5e0.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
35
x-amz-cf-id
6FKW5MwUFlQX2JlcN8OtGNSIAivhEKH0qtTdSMW8n566ar0X8DSXpg==
date
Fri, 15 Nov 2024 09:47:00 GMT
content-type
image/gif
x-amz-cf-pop
FRA56-P9
embed_html
sidebar.bugherd.com/sidebar/ Frame 7B24
0
0
Document
General
Full URL
https://sidebar.bugherd.com/sidebar/embed_html?apikey=ufnuxxsf5gbhe7aj68bqog
Requested by
Host: www.bugherd.com
URL: https://www.bugherd.com/sidebarv2.js?apikey=ufnuxxsf5gbhe7aj68bqog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:192f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouvriruncomptepro.web.oxv.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-csrf-token, Content-Type, X-Pusher-Socket-ID, Authentication
access-control-allow-methods
PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin
http://sidebar.bugherd.com
access-control-max-age
1728000
access-control-request-method
*
cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
8e2e51435d649c0d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 15 Nov 2024 09:47:01 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p
CP="NOI ADM DEV COM NAV OUR STP"
referrer-policy
origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731664021&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JA4wv7rX9x29opR7%2B4QdYPSwLOTPDdbUych275v%2FiO4%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731664021&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JA4wv7rX9x29opR7%2B4QdYPSwLOTPDdbUych275v%2FiO4%3D
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
f65b7a83-d191-4abd-90f5-ea9e12aaa826
x-runtime
0.004673
x-xss-protection
1; mode=block
favicon.ico
ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/favicon/
279 KB
279 KB
Other
General
Full URL
https://ouvriruncomptepro.web.oxv.fr/bundles/sweetpunklbp/medias/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.60.188.198 , France, ASN39104 (OXEVA, FR),
Reverse DNS
spbanquepostale.web.reagi.com
Software
/
Resource Hash
1fc05983afb65ae14614660a1e309c7b9faf51a98253e30efc7f403ca07df9f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ouvriruncomptepro.web.oxv.fr/

Response headers

accept-ranges
bytes
x-server-id
2004
content-length
285478
date
Fri, 15 Nov 2024 09:47:01 GMT
last-modified
Wed, 19 Oct 2022 09:20:08 GMT
content-type
image/x-icon

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banque Postale (Banking)

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


3 Cookies

Domain/Path  Name        Value
.oxv.fr/     TCPID       124115104701453902657
.oxv.fr/     tCdebugLib  1
.oxv.fr/     _pprv       eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6ImVzc2VudGlhbCJ9LCIxIjp7Im1vZGUiOiJvcHQtaW4ifSwiMiI6eyJtb2RlIjoib3B0LWluIn0sIjMiOnsibW9kZSI6Im9wdC1pbiJ9LCI0Ijp7Im1vZGUiOiJvcHQtaW4ifSwiNSI6eyJtb2RlIjoib3B0LWluIn0sIjYiOnsibW9kZSI6Im9wdC1pbiJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX0sInB1cnBvc2VzIjp7IjAiOiJBTSIsIjEiOiJBRCIsIjIiOiJDUCIsIjMiOiJQUiIsIjQiOiJQUiIsIjUiOiJQUiIsIjYiOiJBRCIsIjciOiJETCJ9LCJfdCI6Im1qNnl6Nm52fG0zaWsxcGJ2In0%3D

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes; listing them here does not imply that any of them indicates malicious activity.
