Report - zap18738-1.plesk08.zap-webspace.com/

Report Overview

Submitted URL
zap18738-1.plesk08.zap-webspace.com/
IP
185.239.237.65
ASN
#30823 aurologic GmbH
Submitted
2024-05-04 18:16:22
Access
public
Website Title
Restaurant Pizzeria Auberge Belle Fontaine
Final URL
zap18738-1.plesk08.zap-webspace.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
zap18738-1.plesk08.zap-webspace.com	unknown	unknown	No data	No data	7.2 kB	314 kB	185.239.237.65
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	1.6 kB	89 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	1.5 kB	50 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada
2024-05-04	medium	zap18738-1.plesk08.zap-webspace.com/	Bell Canada

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed
2024-05-04	medium	zap-webspace.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	zap18738-1.plesk08.zap-webspace.com/_nuxt/hotel.37e44b68.js	1.4 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/hotel.37e44b68.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen1 Hash 5243fd35d228d747007e704acdb039dd 640af8b48ccdc6a19408516f85214dcb77e26e0b 681da647f65b357148ecabefeb2a32c51a8b3e7e5be7591c274e9dc3ef7deb8e Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/restaurant.ad8ab8b5.js	7.2 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/restaurant.ad8ab8b5.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen1 Hash e723e4136bb155df6f42cc3cb124bc67 e3b69b13ce65d6ef19ed39230dd0ebf4942575e5 7e1f372abcd18a0c7ad5aa72ea07befafb9d1286707d64dd0f74efa7aa3d6141 Loading...

	zap18738-1.plesk08.zap-webspace.com/	151 B	2023-05-30	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/ IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 04:44:42 Last Seen2024-05-04 20:16:28 Times Seen7 Hash 5cac686572fac432e20daa320df8491d f4cc9bf85f9a856ed853085011e450a98f6e09fa 4d62af52a75a4ad2841fc25b39a03af05e3f75a3f8fd1b5931f39aba410dcda2 Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/resto-1.26927210.js	80 B	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/resto-1.26927210.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen1 Hash a8c8a7ea10a2d0e35f4203cd7688b66b acba6646a08a722afec58cb86d8ec6f1e6991e2c e9cb0727d39011b861e66c02f17cea95133ade38d0d9c58630ec973817875f07 Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/index.487dbede.js	3.4 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/index.487dbede.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen2 Hash ca970ff22ec276da8319523ce21f19b2 48fd69c660abf8335fe29a56aad730fe73d1482d 6e8f1fbab72715586d73c894c69388dbce1964f89a9009f1c4a604c8c9934ffd Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/heroSmall.cda9c3e2.js	1.4 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/heroSmall.cda9c3e2.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen2 Hash e87de788d324fa07d55a3dbf6b537569 af831056eeef91db66181cca741c22e448566bdc 24bd95831bdab7b90216e0baf37cfb59d5f5b3d4c5e4d43f2d8336096f9749a2 Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js	137 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen2 Hash ef6a2179e4b3c0b6d7cf15979f91a0e3 11d618251d621e0380695eadea2a89d6f2ab6c04 43eb055bfd227d86b8ab29a76567e9e11cde9673c76addf5e49edd6a5f7a0dbe Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/heures.b6c108fa.js	2.0 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/heures.b6c108fa.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen1 Hash ae20d676ca1a396f5446b0144ecd4653 808704271ae29e7adfb863de0130485d70d34be3 21e157e91bf714da7c686595afe410dbd49e132e6ad7b54bbec141a0848dcfd7 Loading...

	zap18738-1.plesk08.zap-webspace.com/_nuxt/default.8c96c57e.js	6.2 kB	2024-05-04	2024-05-04
Pretty URL zap18738-1.plesk08.zap-webspace.com/_nuxt/default.8c96c57e.js IP 185.239.237.65 ASN #30823 aurologic GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:16:28 Last Seen2024-05-04 20:16:28 Times Seen2 Hash e622852fd4056bfaf9fdb97eb7c1cfb6 8ed8a511a583bbc727ef45916a70db9008308fa5 f36cf34b137018e0882abe99475407037e2cb14baf8f138d805e6009108ff9f3 Loading...

HTTP Transactions (21)

URL IP Response Size

zap18738-1.plesk08.zap-webspace.com/_nuxt/index.487dbede.js

185.239.237.65

200 OK

1.7 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/index.487dbede.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
Java source, ASCII text, with very long lines (3364)
Size
1.7 kB (1666 bytes)
Hash
ca970ff22ec276da8319523ce21f19b2
48fd69c660abf8335fe29a56aad730fe73d1482d
6e8f1fbab72715586d73c894c69388dbce1964f89a9009f1c4a604c8c9934ffd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/index.487dbede.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:53 GMT
etag: W/"63a09f91-d25"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/mark.3e45f3a1.svg

185.239.237.65

200 OK

2.8 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/mark.3e45f3a1.svg
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
SVG Scalable Vector Graphics image
Size
2.8 kB (2769 bytes)
Hash
dc4dd3a901221e235938c379fe1e6b33
71adbb5d40c2215cfe3fa5e434647fffb7973a41
3e45f3a13a5d7e07249f202bd15c79532fcecfd6a7ea1ce0f80d0338b404f11a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/mark.3e45f3a1.svg HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: image/svg+xml
content-length: 2769
last-modified: Mon, 19 Dec 2022 17:29:53 GMT
etag: "63a09f91-ad1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/resto-1.fdddef44.jpg

185.239.237.65

200 OK

67 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/resto-1.fdddef44.jpg
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x576, components 3
Size
67 kB (66998 bytes)
Hash
7cbeb6a05dd0a04e7ab8224e2153b1e5
cc22015dd9dc6fea1725cc2ce4c4387e62443f76
fdddef449a29ea2ebd4f2601bbb728aa7d95bf7ea2b858160e98f9731c41111e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/resto-1.fdddef44.jpg HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: image/jpeg
content-length: 66998
last-modified: Mon, 19 Dec 2022 17:29:54 GMT
etag: "63a09f92-105b6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/default.e1d7a98d.css

185.239.237.65

200 OK

501 B

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/default.e1d7a98d.css
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text
Size
501 B (501 bytes)
Hash
fd5bc56c933a9439bb306ed7830adbfa
0e5e24f569e0e03e9a545886fda2db3d5f20904c
e1d7a98d92a54db74492b392f0031e8326617cc4552e72abb4b00ebb6000cd96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/default.e1d7a98d.css HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 19 Dec 2022 17:29:54 GMT
etag: W/"18-5f031aae87e53"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zap18738-1.plesk08.zap-webspace.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 166725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lora/v35/0QIhMX1D_JOuMw_LIftL.woff2

216.58.207.227

200 OK

41 kB

URL GET HTTP/2
fonts.gstatic.com/s/lora/v35/0QIhMX1D_JOuMw_LIftL.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40780, version 1.0
Size
41 kB (40780 bytes)
Hash
f0f2581e01ee5b7385817251bdd58982
b3d6b3e87daa05d92ccb0f1e2229c6d01dbeb7e5
e6264c4ba08112a29acac88951c292c15123e5de2f38ea8e6b7b86fd8bef7c08

HTTP Headers

GET /s/lora/v35/0QIhMX1D_JOuMw_LIftL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zap18738-1.plesk08.zap-webspace.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 05:57:47 GMT
expires: Sat, 03 May 2025 05:57:47 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:10:52 GMT
content-type: font/woff2
age: 130690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2

216.58.207.227

200 OK

38 kB

URL GET HTTP/2
fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37764, version 1.0
Size
38 kB (37764 bytes)
Hash
84b1de656372d69f73c8e9273489c8e2
9427a3e557f56a3955ab3f13d99c8a0dd72ab15f
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

HTTP Headers

GET /s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zap18738-1.plesk08.zap-webspace.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 12:57:16 GMT
expires: Sat, 03 May 2025 12:57:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
content-type: font/woff2
age: 105521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/default.8c96c57e.js

185.239.237.65

200 OK

40 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/default.8c96c57e.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
Java source, ASCII text, with very long lines (6163)
Size
40 kB (39872 bytes)
Hash
e622852fd4056bfaf9fdb97eb7c1cfb6
8ed8a511a583bbc727ef45916a70db9008308fa5
f36cf34b137018e0882abe99475407037e2cb14baf8f138d805e6009108ff9f3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/default.8c96c57e.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:55 GMT
etag: W/"63a09f93-1814"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/heroSmall.cda9c3e2.js

185.239.237.65

200 OK

8.9 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/heroSmall.cda9c3e2.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
HTML document, ASCII text, with very long lines (1376)
Size
8.9 kB (8872 bytes)
Hash
e87de788d324fa07d55a3dbf6b537569
af831056eeef91db66181cca741c22e448566bdc
24bd95831bdab7b90216e0baf37cfb59d5f5b3d4c5e4d43f2d8336096f9749a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/heroSmall.cda9c3e2.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/hotel.37e44b68.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:54 GMT
etag: W/"63a09f92-561"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/

185.239.237.65

200 OK

1.2 kB

URL User Request GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1310), with no line terminators
Size
1.2 kB (1248 bytes)
Hash
d20cf44d550eb0920fa22f9cc8c2db2e
ef5bb6f24c9c71a7c76cb5e51ace7bdf8275ed93
4a1360744a32d4677f9708c76353d7f7257c5820f7067705e55028a717c5186d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:56 GMT
content-type: text/html
last-modified: Mon, 19 Dec 2022 17:29:57 GMT
etag: W/"63a09f95-4e0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins&display=swap

142.250.74.106

200 OK

737 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Poppins&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (753), with no line terminators
Size
737 B (737 bytes)
Hash
05e8f39d4ae65d7f3a3e93b81d06ba0a
12642aa4b159dc5c82aad02e89ee5d55ec156b46
664d260c2c708b0875188631dfccf8636ffb2f0fd78b0c0b9867383ea9ce7206

HTTP Headers

GET /css?family=Poppins&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:15:56 GMT
date: Sat, 04 May 2024 18:15:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/error-component.b025eda7.js

185.239.237.65

200 OK

1.2 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/error-component.b025eda7.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text, with very long lines (1256), with no line terminators
Size
1.2 kB (1197 bytes)
Hash
e99e13bb48d15bf0b2a18ed5058cd140
e492f01b5c667597b584bfa943638acefa192525
ffba2a5fd49ebc976ee36b59e5fdf6d285363361309745ba07b78837e77c5103

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/error-component.b025eda7.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:55 GMT
etag: W/"63a09f93-4ad"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/restaurant.ad8ab8b5.js

185.239.237.65

200 OK

7.2 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/restaurant.ad8ab8b5.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text, with very long lines (7634), with no line terminators
Size
7.2 kB (7188 bytes)
Hash
395065a384aaf43c19470c3bc5cd4da7
9e4f3563e768d9c460edc09d2601b659b290fe16
23f69339f076e571a596895ee66da323a7b3643bd7df5a7e02093c2d032f795e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/restaurant.ad8ab8b5.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:54 GMT
etag: W/"63a09f92-1c14"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lora:400,400i,700,700i&display=swap

142.250.74.106

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lora:400,400i,700,700i&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (17220 bytes)
Hash
ea3e7437ce0f16d8c5a905b17ba3b052
1be1b6e112371d713de9b8464034683934ecd31f
3ef2815b10a907118d66a4a205a81725742fee02e687400a27ecf7f71d18b3e3

HTTP Headers

GET /css?family=Lora:400,400i,700,700i&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:15:56 GMT
date: Sat, 04 May 2024 18:15:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/resto-1.26927210.js

185.239.237.65

200 OK

80 B

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/resto-1.26927210.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text, with no line terminators
Size
80 B (80 bytes)
Hash
aff36c482eb9d89da37a08aeab46598e
1ded1a40d2dadbef559ce2748a8fcc6276c878c1
e0ea53bc9dcfed943eecf4e54fc7fedd6d5f85ac915a75a256ef2d0ee4e03835

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/resto-1.26927210.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/index.487dbede.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:56 GMT
content-type: application/javascript
content-length: 98
x-accel-version: 0.01
last-modified: Mon, 19 Dec 2022 17:29:53 GMT
etag: "50-5f031aad004a9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/favicon.ico

185.239.237.65

404 Not Found

808 B

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/favicon.ico
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
HTML document, ASCII text, with very long lines (866), with no line terminators
Size
808 B (808 bytes)
Hash
b45bdabc5c2538b0c4e5f352bcdfb585
5a97ce87ce8d3d86a043c1a5e68e968e20a1e146
c96189c857253fcdbe13dfcbc7f919050fae21ccb7116c3078ee3c8d8d0f12c7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: text/html
last-modified: Sun, 20 Mar 2022 13:32:29 GMT
etag: W/"328-5daa6694fc2f5"
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js

185.239.237.65

200 OK

137 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
137 kB (137235 bytes)
Hash
ef6a2179e4b3c0b6d7cf15979f91a0e3
11d618251d621e0380695eadea2a89d6f2ab6c04
43eb055bfd227d86b8ab29a76567e9e11cde9673c76addf5e49edd6a5f7a0dbe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/entry.57d2118d.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:52 GMT
etag: W/"63a09f90-21813"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/heures.b6c108fa.js

185.239.237.65

200 OK

2.0 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/heures.b6c108fa.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text, with very long lines (2079), with no line terminators
Size
2.0 kB (1997 bytes)
Hash
d5dcad0337cd42db3b3f94980ce94d86
837d09eb950aa1adcddf10e72443e99111cab1e5
9beb380c0375650e50bf2a13b0d86322aec8300eb6a6f98f851e46a2e2bd5ff5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/heures.b6c108fa.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/index.487dbede.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:55 GMT
etag: W/"63a09f93-7cd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.4eea8eea.css

185.239.237.65

200 OK

38 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.4eea8eea.css
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text, with very long lines (38358)
Size
38 kB (38359 bytes)
Hash
b75122b2d4b15adc840c90aae7a44d1d
4be50bdb7191ae7607e43a03d7013b4ac81559dc
4eea8eeaed3c4fca65dbc87a408b4275e315c14dc8616599c921468016b038da

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/entry.4eea8eea.css HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:56 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 17:29:54 GMT
etag: W/"63a09f92-95d7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

142.250.74.106

200 OK

30 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
30 kB (30186 bytes)
Hash
75f3900fc7e978588901f144992a693e
5dbeb2d487949282879cfbb11582ba086f9cf521
e254491b7846a5665f1280717ecddcbed7e0373232af037b100be07273291044

HTTP Headers

GET /css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:15:56 GMT
date: Sat, 04 May 2024 18:15:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zap18738-1.plesk08.zap-webspace.com/_nuxt/hotel.37e44b68.js

185.239.237.65

200 OK

1.4 kB

URL GET HTTP/2
zap18738-1.plesk08.zap-webspace.com/_nuxt/hotel.37e44b68.js
IP
185.239.237.65:443
ASN
#30823 aurologic GmbH

Requested by
https://zap18738-1.plesk08.zap-webspace.com/
Certificate
IssuerLet's Encrypt
Subjectzap18738-1.plesk08.zap-webspace.com
Fingerprint06:F8:9D:28:0D:93:36:64:21:97:9A:D3:99:3A:D9:73:BE:27:59:01
ValidityWed, 24 Apr 2024 18:14:57 GMT - Tue, 23 Jul 2024 18:14:56 GMT

File type
ASCII text, with very long lines (1429), with no line terminators
Size
1.4 kB (1385 bytes)
Hash
2e52464334627285e0b163ff9af28f70
30a5bb37f969fe552c841244abdadf7298dd846c
6fcb9b8c73452bef7b0ea67d1cc89f0098235034e418d4e1ca7c6fee3143c614

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bell Canada
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/hotel.37e44b68.js HTTP/1.1
Host: zap18738-1.plesk08.zap-webspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zap18738-1.plesk08.zap-webspace.com/_nuxt/entry.57d2118d.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:15:57 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 17:29:53 GMT
etag: W/"63a09f91-569"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML