urlscan.io logo urlscan.io
SecurityTrails logo

bymycar.ilucca.net Open in urlscan Pro
5.135.100.42  Public Scan

Go To Rescan Add Verdict Report
URL: https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Submission: On April 11 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 5.135.100.42, located in Antwerp, Belgium and belongs to OVH, FR. The main domain is bymycar.ilucca.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 4th 2024. Valid for: a year.
This is the only time bymycar.ilucca.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 5.135.100.42 16276 (OVH)
4 2606:4700::68... 13335 (CLOUDFLAR...)
9 2
Apex Domain
Subdomains		 Transfer
5 ilucca.net
bymycar.ilucca.net
266 KB
4 lucca.fr
cdn.lucca.fr — Cisco Umbrella Rank: 521589
63 KB
9 2
Domain Requested by
5 bymycar.ilucca.net bymycar.ilucca.net
4 cdn.lucca.fr bymycar.ilucca.net
9 2

This site contains no links.

Subject Issuer Validity Valid
*.ilucca.net
Sectigo RSA Domain Validation Secure Server CA		 2024-01-04 -
2024-12-29		 a year crt.sh
*.lucca.fr
Sectigo RSA Domain Validation Secure Server CA		 2024-01-03 -
2024-12-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Frame ID: D6E82476DA6FB30B48AF854E743A7794
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Timmi

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

329 kB
Transfer

924 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 408148d5-be88-4076-8b10-6ca5c3671f99
bymycar.ilucca.net/timmi/oneclick/submit/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.100.42 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7725fd420d01ed8d4ab067aad1f3b23aca4d553914919b7373e779b1e355659a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-length
2394
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 09:17:59 GMT
permissions-policy
microphone=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow, noarchive, nosnippet
x-xss-protection
1;mode=block
timmi.min.css
bymycar.ilucca.net/timmi-timesheet/static/legacy/ 		725 KB
131 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bymycar.ilucca.net/timmi-timesheet/static/legacy/timmi.min.css
Requested by
Host: bymycar.ilucca.net
URL: https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.100.42 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a8838eb8fe73777ae555550a17edf68d9e332fcf86110774370c566970e06760
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Thu, 11 Apr 2024 07:01:20 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests
etag
"1da8bde0e5b3239"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
x-xss-protection
1;mode=block
illustration-footer-timmi-timesheet.svg
bymycar.ilucca.net/timmi-timesheet/static/legacy/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bymycar.ilucca.net/timmi-timesheet/static/legacy/illustration-footer-timmi-timesheet.svg
Requested by
Host: bymycar.ilucca.net
URL: https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.100.42 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f283112461e39686923801ab18df0f94cd3c54382dfada75faf4a3dcad8f6515
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:17:59 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Apr 2024 07:01:20 GMT
content-security-policy
upgrade-insecure-requests
etag
"1da8bde0e526779"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-length
132985
x-xss-protection
1;mode=block
oneclick
bymycar.ilucca.net/timmi/oneclick/ 		376 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bymycar.ilucca.net/timmi/oneclick/oneclick
Requested by
Host: bymycar.ilucca.net
URL: https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.100.42 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
42997b9d1d08020ea263064b99a5ad5bac2ccdff937417a3c85955596a72b112
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 11 Apr 2024 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
permissions-policy
microphone=()
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-length
387
x-xss-protection
1;mode=block
sourcesanspro-semibold.woff2
cdn.lucca.fr/fonts/SourceSans/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.lucca.fr/fonts/SourceSans/sourcesanspro-semibold.woff2
Requested by
Host: bymycar.ilucca.net
URL: https://bymycar.ilucca.net/timmi-timesheet/static/legacy/timmi.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b954b7d3b12c2f4920d2260d1655a42618916c9ca3ed01a2553189c1c5e37e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/
Origin
https://bymycar.ilucca.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:18:00 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests
age
245
content-length
20380
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Apr 2024 16:26:00 GMT
server
cloudflare
etag
"05cf4c5638bda1:0"
vary
access-control-request-headers,access-control-request-method, Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/font-woff2
access-control-max-age
*
access-control-allow-origin
*
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
access-control-allow-headers
Content-Type
cf-ray
8729e302aa673cff-CDG
sourcesanspro-regular.woff2
cdn.lucca.fr/fonts/SourceSans/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.lucca.fr/fonts/SourceSans/sourcesanspro-regular.woff2
Requested by
Host: bymycar.ilucca.net
URL: https://bymycar.ilucca.net/timmi-timesheet/static/legacy/timmi.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3158a2c67082b54a253753807a415e514a287e2633b23053b9c950dfcaaad0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/
Origin
https://bymycar.ilucca.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:18:00 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests
age
2840
content-length
20568
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Apr 2024 16:26:00 GMT
server
cloudflare
etag
"05cf4c5638bda1:0"
vary
access-control-request-headers,access-control-request-method, Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/font-woff2
access-control-max-age
*
access-control-allow-origin
*
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
access-control-allow-headers
Content-Type
cf-ray
8729e302aa663cff-CDG
favicon-32x32.png
cdn.lucca.fr/favicon/timmi/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.lucca.fr/favicon/timmi/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb6bc8f21d219fc995208f9d74ee75d2eb02189d2e15551246a3dced9ff3ffeb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:18:00 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests
age
380
content-length
1559
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Apr 2024 16:26:00 GMT
server
cloudflare
etag
"05cf4c5638bda1:0"
vary
access-control-request-headers,access-control-request-method, Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
image/png
access-control-max-age
*
access-control-allow-origin
*
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
access-control-allow-headers
Content-Type
cf-ray
8729e3032d766f05-CDG
sourcesanspro-bold.woff2
cdn.lucca.fr/fonts/SourceSans/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.lucca.fr/fonts/SourceSans/sourcesanspro-bold.woff2
Requested by
Host: bymycar.ilucca.net
URL: https://bymycar.ilucca.net/timmi-timesheet/static/legacy/timmi.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee8e7e88d8dba535cc8a18de4ac68deda441c16adf59cee90aca9b4a135da76
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/
Origin
https://bymycar.ilucca.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:18:02 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
content-security-policy
upgrade-insecure-requests
age
246
content-length
20368
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Apr 2024 16:26:00 GMT
server
cloudflare
etag
"05cf4c5638bda1:0"
vary
access-control-request-headers,access-control-request-method, Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/font-woff2
access-control-max-age
*
access-control-allow-origin
*
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
access-control-allow-headers
Content-Type
cf-ray
8729e30f69f43cff-CDG
icon_ok.svg
bymycar.ilucca.net/timmi-timesheet/static/legacy/ 		787 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bymycar.ilucca.net/timmi-timesheet/static/legacy/icon_ok.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.100.42 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1804834d8415361d3fb929cf6335aacc8b79990026d7597fd0930301df502918
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bymycar.ilucca.net/timmi/oneclick/submit/408148d5-be88-4076-8b10-6ca5c3671f99
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:18:01 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Apr 2024 07:01:20 GMT
content-security-policy
upgrade-insecure-requests
etag
"1da8bde0e506313"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
microphone=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-length
787
x-xss-protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| hide function| show function| toggle object| xhttp

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block