Report - preprod.urban3a.fr/wp-content/vim/asb/index.php

Report Overview

Submitted URL
preprod.urban3a.fr/wp-content/vim/asb/index.php
IP
185.2.5.5
ASN
#203461 Register S.p.A.
Submitted
2022-09-28 08:23:04
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	631 B	24 kB	142.250.74.164
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	809 B	184 kB	142.250.74.163
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.35.74.102
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
preprod.urban3a.fr	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.0 kB	190 kB	185.2.5.5
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	924 B	33 kB	142.250.74.163
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	preprod.urban3a.fr/wp-content/vim/asb/index.php	ASB Bank Limited

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/index.php	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/images/icon-asb.svg	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/images/icon-profile.svg	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/images/icon-lock-outline.svg	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/images/icon-information.svg	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff2	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-extralight.woff2	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-semibold.woff2	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff2	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-extralight.woff	Phishing
2022-09-28	medium	preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-semibold.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	preprod.urban3a.fr/wp-content/vim/asb/index.php	77 B	2023-03-07	2023-03-17
Pretty URL preprod.urban3a.fr/wp-content/vim/asb/index.php IP 185.2.5.5 ASN #203461 Register S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:32:30 Last Seen2023-03-17 11:32:41 Times Seen1 Hash 35535c313d4685ee02a96fac82b40dc7 55a1f6ee4799eb67822f3517b035eb9bcb3d1306 428184fcddadc917cc3d188acfac888223102ea1afa7c079b0bc718520d7c080 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 04:03:46 Times Seen99031 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js	398 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20:45 Last Seen2023-03-17 11:40:02 Times Seen1 Hash 4ba43a63c7e907af7ec62d08348f3b9b 5cf61ea391f9788c24e9e6eb8b715bcea22ecdf6 51d9c9160f4c0e20b5a69fa1b09a8947bf74235330d522fae8217ad19c17b93b Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:29 Last Seen2023-03-08 03:01:29 Times Seen1 Hash a09341c6262d593afc830494265f043b c957e251046ec8b937c5021a893756e33c74c8fc 96b5113ae2e46658917ec393f926695f70ae97665ce99cfe20bfeac290b09f68 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2851c27fe4d7dcfce30aeaa53cfb59ed	16 kB	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 2851c27fe4d7dcfce30aeaa53cfb59ed e6d6747077359e2996fcb8ce60c94647e548a120 b7bb0c5ac33ab436c5fe975360ef1af5f66987c6c8bf5c0569e749197b16ecaa Loading...

	#2 Eval - 921f62f13ac651d01d0c2bbe4940529d	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 03:01:29 Last Seen2023-03-08 03:01:29 Times Seen1 Hash 921f62f13ac651d01d0c2bbe4940529d 8e35ebd076ac32045dae3381a366e81d44c6f10f 5bb0deaa52a19c4a017877d2bd19360935e9bba55a891ff3dd53304779747520 Loading...

	#3 Eval - c4bcc9c08455c63b6941587911bb5e33	62 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash c4bcc9c08455c63b6941587911bb5e33 a63bdfb594e7769cde32b002448f0fec82476ce7 9a40ef33f7700831131770a8048c5a08faa312d7311fc2c6ced1909ea6e458ce Loading...

	#4 Eval - 1845a1a5613a3cc719cdfd0f4354c64d	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 1845a1a5613a3cc719cdfd0f4354c64d d98cc33e5143dec9bb98528b47284c10072c60ce 531ec07d216cb5810b6ebf63f292c8c1759049139e175d847973b17cd08238fa Loading...

	#5 Eval - 8255e47c8659ff37c9b3a0934673908e	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 8255e47c8659ff37c9b3a0934673908e e851f0d2bd2c672883af76176e787f6530feabcf d651a2902f113132877a12117727707b1031e8f12615f8a3a0ad138ea5eb79ea Loading...

HTTP Transactions (43)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:42:53 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yHuFSEJfNtrCOuDql4ttCYHZfqB3TUFfJxDKYuHgjCc2r99QxnNsyQ==
Age: 2400

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3949
Expires: Wed, 28 Sep 2022 09:28:42 GMT
Date: Wed, 28 Sep 2022 08:22:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kX8JpU4wQE2bLKZlBceD_uT1n-WEy47HURbtXNjJXjH8ylM_GwOgHQ==
age: 82720
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f01389bcea0bfb9da6c441ae51bdc289
5decf0d4f75087d13d095fb426ff1a6ecb6bb83c
2b4ad3dac821f97aacf199c317fd0ebdf1083ab144c4e371a6881a59a8111543

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B4AD3DAC821F97AACF199C317FD0EBDF1083AB144C4E371A6881A59A8111543"
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16081
Expires: Wed, 28 Sep 2022 12:50:54 GMT
Date: Wed, 28 Sep 2022 08:22:53 GMT
Connection: keep-alive

preprod.urban3a.fr/wp-content/vim/asb/index.php

185.2.5.5

200 OK

14 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/index.php
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1156)
Size
14 kB (14290 bytes)
Hash
4757b7d15b5234580cc443b82b11ddcc
b6af6bde0e6bef780b1ea3de61df456167e97a64
6e249f20458d8f0c2603dd79644a4761b8bf90b6c99dacfaf573b4488df51a6a

Detections

Analyzer	Verdict	Alert
openphish	ASB Bank Limited
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/index.php HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:53 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; path=/
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:22:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3

185.2.5.5

200 OK

2.7 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
ASCII text, with very long lines (2742), with no line terminators
Size
2.7 kB (2742 bytes)
Hash
ca9aea5166c05e02e64204493ec859e2
79bb2884613eaa83e28b51ff53d10d36ec2820ca
34c1757c7eac4eeb1f4c65be191d76ea7a851ea44f155e79d4db456971f09926

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3 HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/index.php
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b20545-ab6-5e9ad515232a3"
Accept-Ranges: bytes
Content-Length: 2742
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css

preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3

185.2.5.5

200 OK

27 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
ASCII text, with very long lines (26645)
Size
27 kB (26646 bytes)
Hash
6c1ddfcbc978dc1eeeba0e9331defcf3
a1883d206cba8360134153c26a8f83a1879c6456
0a9a86b6cc87167bb0570f246b7d1d0202a994d9d7316d177814ce35fec50944

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/style.min.css?v=2.1.0.3 HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/index.php
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b20543-6816-5e9ad515232a3"
Accept-Ranges: bytes
Content-Length: 26646
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: text/css

preprod.urban3a.fr/wp-content/vim/asb/images/icon-asb.svg

185.2.5.5

200 OK

1.0 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/images/icon-asb.svg
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1036), with no line terminators
Size
1.0 kB (1036 bytes)
Hash
7403308b42e819410b521a4d39ab1a78
1f8d05ddd45e795fcb3fcc02415525fbce5da7d8
3f20f7b5c6a167c81a08fd9f810c149dd791d9dcd8c5565f7e55a20140c70d94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/images/icon-asb.svg HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b20536-40c-5e9ad51522ad3"
Accept-Ranges: bytes
Content-Length: 1036
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/svg+xml

preprod.urban3a.fr/wp-content/vim/asb/images/icon-profile.svg

185.2.5.5

200 OK

534 B

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/images/icon-profile.svg
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (336), with CRLF line terminators
Size
534 B (534 bytes)
Hash
e645d04ddef15840ceda9246ea11a45e
15e9949df060ff02a7c89130689091ae8c12bb19
8ed769e9c3db90a36cfc03e8cae73eedf2a554b464d689b7b246442302ffe41e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/images/icon-profile.svg HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b20532-216-5e9ad515226eb"
Accept-Ranges: bytes
Content-Length: 534
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

preprod.urban3a.fr/wp-content/vim/asb/images/icon-lock-outline.svg

185.2.5.5

200 OK

757 B

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/images/icon-lock-outline.svg
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (559), with CRLF line terminators
Size
757 B (757 bytes)
Hash
4707d13ed2b0d2782e8bc7a0d0b2f0df
3fcba37278fc1cead5805031c3198317d28a610e
daff09c2eed6877d426f90bff5e7997c1f2d8123a0a3637fa5a7b1e2ac71f305

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/images/icon-lock-outline.svg HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b2052c-2f5-5e9ad515226eb"
Accept-Ranges: bytes
Content-Length: 757
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: image/svg+xml

preprod.urban3a.fr/wp-content/vim/asb/images/icon-information.svg

185.2.5.5

200 OK

2.2 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/images/icon-information.svg
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1461), with CRLF line terminators
Size
2.2 kB (2229 bytes)
Hash
e4504595f05792a26fa03c3c8ba56274
259be4360789dc7e8a2e676311007eec13619be8
a073f4b5de1358710e099851f696b89975c2fdbdceb462f4d806903bc203be20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/images/icon-information.svg HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/style.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b20535-8b5-5e9ad51522ad3"
Accept-Ranges: bytes
Content-Length: 2229
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: image/svg+xml

www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49

142.250.74.164

200 OK

23 kB

URL HTTP/2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35923)
Size
23 kB (23257 bytes)
Hash
657a6fa7bceaeff08723016cffaad3c7
e5dfd37598ed8fc5d723eef4a624b8adb95b3259
60794e8f7f84cbe82fe8d95fd471ed98b2a4389a7bb704de9183bfbb4d730a85

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=jwcd39bsvh49 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:22:54 GMT
content-security-policy: script-src 'nonce-7bVONrk7Z9FuJJIvH14rOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 23257
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

142.250.74.163

200 OK

24 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (52762), with no line terminators
Size
24 kB (24251 bytes)
Hash
f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921

HTTP Headers

GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 09:42:59 GMT
expires: Wed, 27 Sep 2023 09:42:59 GMT
cache-control: public, max-age=31536000
age: 81595
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (579)
Size
158 kB (158056 bytes)
Hash
d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c

HTTP Headers

GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 21:32:23 GMT
expires: Sat, 23 Sep 2023 21:32:23 GMT
cache-control: public, max-age=31536000
age: 384631
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jhE5wpem1OPUPUXeqhTOE3TrBS-Z0F_cdJSFE_hHQooX-GpjGGwhjQ==
Age: 3201

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 330656
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 459263
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:22:54 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

preprod.urban3a.fr/wp-content/vim/asb/images/favicon.ico

185.2.5.5

200 OK

1.2 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/images/favicon.ico
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
94faeb11167a1af44cc86615f4a8e4c3
641e42489d6a041a563b4c3ea433817a21516336
0bf2e60ac8fd621ab7245c2556188408735b26d5f5bf799ac35538d39e89006a

HTTP Headers

GET /wp-content/vim/asb/images/favicon.ico HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/index.php
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:04:46 GMT
ETag: "2b20537-47e-5e9ad51522ad3"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: image/x-icon

push.services.mozilla.com/

52.35.74.102

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.74.102:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9VH8fPR9KiGqDYCk4wgbeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZaerXHKaG0a+gs4TA1xSAtAum0E=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12103
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:22:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12103
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:22:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12103
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:22:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12103
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:22:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 38038
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 36256
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5944 bytes)
Hash
1fa8cb4f4be5057788cd1a2a4d0e76d6
1aec1d67a36867bee8069a144fb1b0d95ff2cb54
5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 36081
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7359 bytes)
Hash
46dc8f1499f4de5f03bd87a68c3c6c7b
0cd28a243f9704140ccb9eb1415a77fcccc7cf87
3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: t_uz9vKifWkMj014gCS83STU-fnM39a49_LB5By3j9NqLpqfl8tKSA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:38 GMT
age: 37518
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 38216
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5377 bytes)
Hash
c301dff6ddda16fd64692c19173cfa8c
2afdfb716192540a61327137706462c53588bf23
fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TEv_Z7_1FsPBC2ugxBvTbts1ubHFeZjRhrSFAGt2liOt-Z5GQhmu-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:53 GMT
age: 35643
etag: "2afdfb716192540a61327137706462c53588bf23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff2

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff2
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-regular.woff2 HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-extralight.woff2

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-extralight.woff2
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-extralight.woff2 HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-semibold.woff2

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-semibold.woff2
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-semibold.woff2 HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:54 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff2

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff2
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-regular.woff2 HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:56 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-regular.woff
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-regular.woff HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:56 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-extralight.woff

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-extralight.woff
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-extralight.woff HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:57 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-semibold.woff

185.2.5.5

404 Not Found

19 kB

URL HTTP/1.1
preprod.urban3a.fr/wp-content/vim/asb/css/fonts/overpass-semibold.woff
IP
185.2.5.5:0
ASN
#203461 Register S.p.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1835)
Size
19 kB (19323 bytes)
Hash
947ea06cdcc5fefbb167b8c657d35a4b
f39e84c0f1914fc89d7c7aa375515ff8eea7d093
f39b1a977426f4a12dc40a60c9a8bf3f8bb2caf28b6bcdd2107a274d1fa31e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/vim/asb/css/fonts/overpass-semibold.woff HTTP/1.1
Host: preprod.urban3a.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://preprod.urban3a.fr/wp-content/vim/asb/css/fonts.min.css?v=2.1.0.3
Cookie: PHPSESSID=e9c2fe72cfa53a5ca9552a5bd3343ad0; IV_JCT=%2Fauth
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 08:22:57 GMT
Server: Apache
X-Powered-By: PHP/7.3.9
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://preprod.urban3a.fr/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (43)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP