| servicesca.ocsp.certigna.fr/ | 109.197.245.20 | | 2.4 kB |
URL servicesca.ocsp.certigna.fr/ IP109.197.245.20:0 ASN#35625 Eurofiber France SAS
Hash5340ca4489766e69aae9cd09682cfb98 4a0fbf65de38dd457ef0a12e9d8918d83c8e5b4e db625b6df519c27f600b327817d22f28fdcb8aa40fe236a914ed0b77d32b3d94
POST / HTTP/1.1
Host: servicesca.ocsp.certigna.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: application/ocsp-response
Content-Length: 2377
Date: Thu, 28 Mar 2024 08:26:18 GMT
|
|
| cfspart.impots.gouv.fr/enp/Affichage_Document_PDF?idEnsua=9445C253917A08526E83536BC2614B0A047026A6963CA417AF2688D7709CE485 | 145.242.11.27 | 302 Found | 416 B |
URL User Request GET HTTP/1.1cfspart.impots.gouv.fr/enp/Affichage_Document_PDF?idEnsua=9445C253917A08526E83536BC2614B0A047026A6963CA417AF2688D7709CE485 IP145.242.11.27:443
CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeHTML document, ASCII text Hash429cc97d3dc8885cb3b4063ea8c0885d efb19eda064e1089b535c889bc540cdc3cd1e4af 584e68462af0d9ec45204bbdf80fae36f6be3037ad0ee09eb68838c0558d9922
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /enp/Affichage_Document_PDF?idEnsua=9445C253917A08526E83536BC2614B0A047026A6963CA417AF2688D7709CE485 HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Mar 2024 08:26:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Set-Cookie: lemondgfipprodpart=_test_client; domain=cfspart.impots.gouv.fr; path=/
Pragma: no-cache
Connection: close
Location: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Content-Length: 416
Content-Type: text/html; charset=iso-8859-1
|
|
| cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== | 145.242.11.27 | 200 OK | 13 kB |
URL User Request GET HTTP/1.1cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== IP145.242.11.27:443
CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeHTML document, ASCII text, with very long lines (464) Hashddc51b53094874c3b2bc412c7d691c71 bc16b1e8f9e1dc96c91412554a3fc9bc4e8f0c00 7110ff3f6fb232c995c106d28bed1fedd366f2cf128b010fffa099836448bc98
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lemondgfipprodpart=_test_client
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:18 GMT
Server: Apache
Set-Cookie: ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a; domain=cfspart.impots.gouv.fr; path=/
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' https://app.franceconnect.gouv.fr https://cfsfc.impots.gouv.fr ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Via: dpapusx036
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13256
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
|
|
| cfspart.impots.gouv.fr/templates/styles/bootstrap.min.css | 145.242.11.27 | 200 OK | 18 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/styles/bootstrap.min.css IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeASCII text, with very long lines (64976) Hasha04c20e9d8e971c005c10a25372cb7c3 e42875a7c13d6f766ece94b27b636549edff7fe7 1831874c5d0edf9deec31365a40c7aa7a5e271717109bdb345390daef315735c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/styles/bootstrap.min.css HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "41b2a-1a442-590ff5bcd7feb"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 17849
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/auth2019v3.js | 145.242.11.27 | 200 OK | 13 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/auth2019v3.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (327) Hashaa6568826221aa3ebe0dd820101f104c 51976a5ec9b39497a288278bfe2995acedf42b17 ae4f95487be04020d57577c7668636d869c388c8bc860f9299de550960193805
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/auth2019v3.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Jan 2023 09:05:54 GMT
ETag: "2c6f-13319-5f1e530f936d9"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 12635
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/idContact.js | 145.242.11.27 | 200 OK | 720 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/idContact.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hash0cc752ee17ca1b1aec4e4c18a7d429bb 49fc4ba175b339ad2dd01ec3444f26bf94c883bf 196d95e958dd419e1b15a2992f6f32508f076c2c327d056d2952401d3118db35
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/idContact.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 13 Dec 2022 07:01:47 GMT
ETag: "2c65-c31-5efb03183e2bb"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 720
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/styles/commun.css | 145.242.11.27 | 200 OK | 1.8 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/styles/commun.css IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeassembler source, Unicode text, UTF-8 text, with very long lines (406) Hash4964f08183bccac130433472ef984b0a 753beace3167a2cf4648e0f3bce280d75f5f4966 88c20f31fe0c9e3e282c41a7b17ab9538043cb69622b41b639b200835b485eb9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/styles/commun.css HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "41b22-168c-5daf88d076dd9"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1844
Last-Modified: Thu, 24 Mar 2022 15:32:16 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| cfspart.impots.gouv.fr/templates/styles/mire.css | 145.242.11.27 | 200 OK | 918 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/styles/mire.css IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hash652abbe170c34e51ea1b8ae71a065bb2 cd0361a41f553289d10aed700580b2556d56eae9 e93bc93191ef5c3c6aa146c41135d36f46483e5f836ba36767ca8999570ed195
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/styles/mire.css HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "41b28-ab7-5bd3d976b5511"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 918
Last-Modified: Thu, 11 Mar 2021 07:18:34 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| cfspart.impots.gouv.fr/templates/styles/dac.css | 145.242.11.27 | 200 OK | 437 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/styles/dac.css IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hash02f2819a5b62c5d07e28c0591d1f3ea0 c1d9d8977d3c37ed6c5e59c596804cf43b7b02f0 cece61d8fd5fbeb96fa77967e4bbc4aa19e4111468133b5cd1521c1b823b43bc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/styles/dac.css HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "41b27-303-5a2208bf9719f"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 437
Last-Modified: Tue, 31 Mar 2020 06:19:14 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| cfspart.impots.gouv.fr/templates/js/bootstrap.min.js | 145.242.11.27 | 200 OK | 9.0 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/bootstrap.min.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32002) Hashf0f6ac68931d683c1a5b99c2f2c7a2ef 30c7ac5eb61d2fe553aec2354eb5a8045ac0726e 75b52a07e8d4d433f8dc2dd323b7661d7945611c3258161ce37772f4dda615ad
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/bootstrap.min.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c5d-8208-590ff5bce2fb3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 8991
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/messages.js | 145.242.11.27 | 200 OK | 2.9 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/messages.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hashab3812930a4a05a5534af1b3aa1cb394 8b722bd53b824d550c8c1e788dccf8367c68f5c7 2e4aebd08758860dae6add24f14ea13f7efb2741e507fc5e49448fb842194ff5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/messages.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Dec 2022 13:26:08 GMT
ETag: "2c78-2be3-5efc9addfb372"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 2918
Keep-Alive: timeout=1, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/urls.js | 145.242.11.27 | 200 OK | 248 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/urls.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hash0490574b4f675f9ceceafc8ec5aee4c6 ed0fe52a6382c698e9ca870363e58ab1e6dc7ca5 f9d32f35707df52561a55b4649691ba45a3b1d638ffbfdaf514d3c7b1751c49d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/urls.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
ETag: "2c63-23b-590ff5bcdf903"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 248
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/configuration.js | 145.242.11.27 | 200 OK | 467 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/configuration.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hashc1655b8bff588e7b1659d10f21233639 fdbe3771ea4dd5e17cdca41c991b2585a2b78ab4 64a83804a787c8b6c4ee5b82936a842d7d2b96355d891f1d02863bc26a2deed5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/configuration.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 08 Apr 2020 13:41:20 GMT
ETag: "2c66-3a1-5a2c7a7bf45ed"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 467
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/franceConnect.js | 145.242.11.27 | 200 OK | 126 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/franceConnect.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hashe1bdb29090bf90479997b5eabda963f2 dc88d844892f8b51970e31d8815689e7aa014cc1 dc35e548f9f5cdddeb342e5663624a19cf8f4df71260d362b92d5bc620fbdaba
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/franceConnect.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
ETag: "2c67-9f-590ff5bce08a3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 126
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/jquery.min.js | 145.242.11.27 | 200 OK | 30 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/jquery.min.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/jquery.min.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c5b-14e4a-590ff5bce23fb"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 29822
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/jquery.details.js | 145.242.11.27 | 200 OK | 952 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/jquery.details.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1908) Hashc10f732cb103ddc9eecf769ec9f1a47c 9afe5279c4b275ff6d7e5215c2bb3c45a67a4a82 07a4d78d858bb93b3220fd4af3f599035ea5e4f932bfb53b1196ee328116c5b9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/jquery.details.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c58-7d0-590ff5bcde963"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 952
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/matrix.js | 145.242.11.27 | 200 OK | 327 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/matrix.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
Hash8ec37bc11ef9abd036cc3a9aea1b935e e4eec5dfe6441f795170aa4f32aa6577297d0310 e7d109b1e269fd76b1e8884347063a16a3c095e2cd68f1cbce73da32c68c669e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/matrix.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 22 Mar 2023 08:43:28 GMT
ETag: "2bee-2a7-5f779276f702f"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 327
Keep-Alive: timeout=1, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/js/dyn/nav.js | 145.242.11.27 | 200 OK | 922 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/js/dyn/nav.js IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeJavaScript source, ASCII text Hash095ca41a1c8f7142c5b1f73f80455fcc c4e9f3b87dc4a0c8007348a9d01c2c6b9ee93c12 f0d79ac4bad049cb08f35a8c4b5f124d80a2bedcac6b8655b07bd83d2fe04ff3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/js/dyn/nav.js HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 22 Mar 2023 08:43:50 GMT
ETag: "3222-91f-5f77928c24a28"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Content-Length: 922
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| cfspart.impots.gouv.fr/templates/images/bloc-marque.svg | 145.242.11.27 | 200 OK | 5.7 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/bloc-marque.svg IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash4257fb0a56ea55bc4b76ea2fe46b8b9d d33741728f77502ffef2144609aa61ee920eefbb 90d8552964c8e804a6dea1870bfd34d3114389e6c28b725bcdec63808b75c8a6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/bloc-marque.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/templates/styles/commun.css
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2fb9-4608-5bd3d9340228b"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 5743
Last-Modified: Thu, 11 Mar 2021 07:17:24 GMT
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| cfspart.impots.gouv.fr/templates/images/logo-fc.svg | 145.242.11.27 | 200 OK | 4.0 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/logo-fc.svg IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashf3c02532347779d974e702c09cf85019 9eec54318e9c5f892342b7c259c081dd88e6ea4b f38f88db94a67b5fcc8f90965a6623a509e35cb81b6b252f0c9d7fdd29ff1a88
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/logo-fc.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c39-3645-590ff5bcd9373"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 4049
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| cfspart.impots.gouv.fr/templates/images/logo_impots.svg | 145.242.11.27 | 200 OK | 1.3 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/logo_impots.svg IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash3d338ec68af63179fa417a191e8a012d 540f4fedc21e0b7dcb7252233d94c62b747fb88d c4502e1bffc9155988eeb261ae88885e93211e73cad60005d710ba19ac860b5e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/logo_impots.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/templates/styles/commun.css
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2fb8-d10-5bd3d933ef5c3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1340
Last-Modified: Thu, 11 Mar 2021 07:17:24 GMT
Keep-Alive: timeout=1, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| cfspart.impots.gouv.fr/templates/images/Small-logoSMART.png | 145.242.11.27 | 200 OK | 2.3 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/Small-logoSMART.png IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typePNG image data, 225 x 225, 8-bit colormap, non-interlaced Hashc546c9a78e206d482076fae524cedbe5 d9ad14007be975fb477763f26ce653e332b56c70 dfcae6bf0ca22253e333881e0bf7eb42d14057eb00024a5bd19943b04cbb95ec
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/Small-logoSMART.png HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c60-92b-5daf8930c80a8"
Accept-Ranges: bytes
Content-Length: 2347
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 24 Mar 2022 15:33:57 GMT
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| cfspart.impots.gouv.fr/templates/images/spi.svg | 145.242.11.27 | 200 OK | 1.6 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/spi.svg IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash0d59ec026a9708271caca148c56959df 02cc9a6887e9ca7ac69729d499813436157546a4 2be11b4cf348ebdb13674d8cf0d1938df9c71f0f64fb0fb70fa08ed40830f684
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/spi.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c37-156d-590ff5bcd8ba3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1619
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| cfspart.impots.gouv.fr/templates/images/spi1.svg | 145.242.11.27 | 200 OK | 979 B |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/spi1.svg IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash9b3c39ed6edf582c7f571289b4dbc725 28abdf9efc2cf91ec83f48d29313de71198905c0 434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/spi1.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c6e-fb8-590ff5bcdd5db"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 979
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| cfspart.impots.gouv.fr/templates/polices/open-sans-latin-ext-regular.woff2 | 145.242.11.27 | 200 OK | 19 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/polices/open-sans-latin-ext-regular.woff2 IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 19392, version 1.0 Hash6e2308ee6037e901e59de209310cf5ff cea4c2bb4465f3c1a7692d2b218c3b1a41b7426a 516c7b2926dbd461e33f19ff05db8587e5990184dba657483d5a569cc099a8ee
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/polices/open-sans-latin-ext-regular.woff2 HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/templates/styles/commun.css
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "41b6d-4bc0-5daf88ff0684c"
Accept-Ranges: bytes
Content-Length: 19392
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 24 Mar 2022 15:33:05 GMT
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: text/plain; charset=utf-8
|
|
| cfspart.impots.gouv.fr/templates/images/num_acces.svg | 145.242.11.27 | 200 OK | 1.9 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/num_acces.svg IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash44f52f8bcf815b2a962c029c9fb41440 c8608e65a9b82d02ae133834543c28aecd103325 880cbec4f5672334414f9b979a09ad51f7158c92a694bbabfc8a83538c8e0e2e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/num_acces.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c3f-190e-590ff5bcd9b43"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1900
Last-Modified: Mon, 26 Aug 2019 06:35:14 GMT
Keep-Alive: timeout=1, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| cfspart.impots.gouv.fr/templates/polices/dgfip_dgfipicons.woff | 145.242.11.27 | 200 OK | 94 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/polices/dgfip_dgfipicons.woff IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeWeb Open Font Format, TrueType, length 93700, version 1.0 Hash53f606d531c08964174e91d4c4dfb345 daf42355520971c9b707756869f269c77e0eddf4 254798574aeb4e94ef4b45f271e804f0b63eb45def80468d9af516213ebe13dd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/polices/dgfip_dgfipicons.woff HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/templates/styles/commun.css
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "41b17-16e04-598283377035c"
Accept-Ranges: bytes
Content-Length: 93700
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Nov 2019 09:15:13 GMT
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: application/x-font-woff
|
|
| cfspart.impots.gouv.fr/templates/images/favicon-152.png | 145.242.11.27 | 200 OK | 5.3 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/favicon-152.png IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typePNG image data, 152 x 152, 8-bit/color RGB, non-interlaced Hashb1479c387a9643444ab8c0ea00700b85 4393e635ea58ecc112e9a305937758c9312eec32 691587ccf86f22dfe92da5c239d5b1d4321e700a91f533baeab55387bc3164c0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/favicon-152.png HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c3e-1496-5efb0561ee618"
Accept-Ranges: bytes
Content-Length: 5270
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 13 Dec 2022 07:12:01 GMT
Keep-Alive: timeout=1, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| cfspart.impots.gouv.fr/templates/images/favicon.ico | 145.242.11.27 | 200 OK | 1.2 kB |
URL GET HTTP/1.1cfspart.impots.gouv.fr/templates/images/favicon.ico IP145.242.11.27:443
Requested byhttps://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ== CertificateIssuerDHIMYOTIS Subjectcfsfc.impots.gouv.fr Fingerprint93:3D:68:AE:CC:37:B5:F4:EF:A7:BF:CF:F6:FD:3A:3F:63:7D:F9:FF ValidityMon, 03 Jul 2023 22:00:00 GMT - Sat, 03 Aug 2024 21:59:59 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash4c2c39d7cb584994b956b7001fc462e1 82c00353c1ca67d925e65fd6022cd0ccbc0f5c3c 99af879888a29feeec095725f74e18cd070de29e7f1b4a35f20746fa45382c21
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - France Tax Agency |
GET /templates/images/favicon.ico HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL2VucC9BZmZpY2hhZ2VfRG9jdW1lbnRfUERGP2lkRW5zdWE9OTQ0NUMyNTM5MTdBMDg1MjZFODM1MzZCQzI2MTRCMEEwNDcwMjZBNjk2M0NBNDE3QUYyNjg4RDc3MDlDRTQ4NQ==
Cookie: lemondgfipprodpart=_test_client; ctxcfs=8dc15cc5cacd82a64a8bbd2bdce3ec7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 08:26:19 GMT
Server: Apache
ETag: "2c33-47e-5efb0403ea906"
Accept-Ranges: bytes
Content-Length: 1150
Via: dpapusx036
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 13 Dec 2022 07:05:54 GMT
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: image/x-icon
|
|