| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbdb8b66c705a7b996496d780f50c00b5 403ae92039fcc933870f51f913f78ccaf9652256 c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 21:51:31 GMT
Expires: Tue, 18 Oct 2022 22:37:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gHdyTIAg5KP_tACO2wiYK64DwNNiRzmmTuVEWnC-HpT6KsAfh6b10w==
Age: 3077
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash10ab470535c002d333b4f27d38b51091 ed3b0850c5d75881de410f7e8ca35e012e38bd38 31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9368
Expires: Wed, 19 Oct 2022 01:18:57 GMT
Date: Tue, 18 Oct 2022 22:42:49 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe05519b041815f59eabd8f9ebcb42794 19a72a669874195dbb9fea752ce3af97f31b128c 0b5a4f64e57c02f5150e155ad3467d6acf445ab04b13e815063cef74b927c35f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B5A4F64E57C02F5150E155AD3467D6ACF445AB04B13E815063CEF74B927C35F"
Last-Modified: Mon, 17 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19444
Expires: Wed, 19 Oct 2022 04:06:53 GMT
Date: Tue, 18 Oct 2022 22:42:49 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash533e1d53f291993ed5886f88a85c6e55 eb4396e8422f71168d32ac6ff3ef49496f625e62 0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Wed, 19 Oct 2022 00:03:36 GMT
Date: Tue, 18 Oct 2022 22:42:49 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: whIqzOvIjCxUzX5HRhRTeVnA2bl+utXzm35tylrj2nto7GPo43bI3QaDfHjY1ncvE1jP7u0jlXKj7tMJmFbqow==
x-amz-request-id: 8VYABZW71DG5QWPH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 22:04:01 GMT
age: 2328
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/Small-logoSMART.png | 86.48.5.49 | 200 OK | 2.3 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/Small-logoSMART.png IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typePNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data Hashc546c9a78e206d482076fae524cedbe5 d9ad14007be975fb477763f26ce653e332b56c70 dfcae6bf0ca22253e333881e0bf7eb42d14057eb00024a5bd19943b04cbb95ec
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/Small-logoSMART.png HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/png
content-length: 2347
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-92b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/dac.css | 86.48.5.49 | 200 OK | 437 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/dac.css IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Hashc1124596b18d57508ee39db304da59d4 7cc5b65c9902ae98e82a1cf9a884f4fa3f9d2aeb 403448fd4658eddab6100cb7bcf32fdaf63f924f1181f17e7a12beae252d8506
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/dac.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
content-length: 437
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "303-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/spi1.svg | 86.48.5.49 | 200 OK | 4.0 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/spi1.svg IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeSVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (4014), with no line terminators Hash9b3c39ed6edf582c7f571289b4dbc725 28abdf9efc2cf91ec83f48d29313de71198905c0 434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/spi1.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 4024
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-fb8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/num_acces.svg | 86.48.5.49 | 200 OK | 6.4 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/num_acces.svg IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text Hash44f52f8bcf815b2a962c029c9fb41440 c8608e65a9b82d02ae133834543c28aecd103325 880cbec4f5672334414f9b979a09ad51f7158c92a694bbabfc8a83538c8e0e2e
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/num_acces.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 6414
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-190e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/rfr.svg | 86.48.5.49 | 200 OK | 13 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/rfr.svg IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text Hash3a1ecefe2e0d9605fe4d647902159cad 8586a81974bb58c1e17380b8d692bf468d1246cd 5ae03f34bdff7916f1dd42d760a41c0b5b939aafc3fc5e733bf6903b03421d94
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/rfr.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 13299
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-33f3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/logo-fc.svg | 86.48.5.49 | 200 OK | 14 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/logo-fc.svg IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeSVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators Hashf3c02532347779d974e702c09cf85019 9eec54318e9c5f892342b7c259c081dd88e6ea4b f38f88db94a67b5fcc8f90965a6623a509e35cb81b6b252f0c9d7fdd29ff1a88
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/logo-fc.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 13893
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-3645"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/spi.svg | 86.48.5.49 | 200 OK | 5.5 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/spi.svg IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text Hash0d59ec026a9708271caca148c56959df 02cc9a6887e9ca7ac69729d499813436157546a4 2be11b4cf348ebdb13674d8cf0d1938df9c71f0f64fb0fb70fa08ed40830f684
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/spi.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 5485
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-156d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/franceConnect.js | 86.48.5.49 | 200 OK | 126 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/franceConnect.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Hashb3ef4b26432540c106ccc9f1ab2b160b 16d0bc9778928680b7799f9586371a2bebf4ee1b 6a6155c324c6abe7a8d61e6ea05d568c8fe6165040b13c33381c5b5a193b758c
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/franceConnect.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
content-length: 126
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "9f-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/urls.js | 86.48.5.49 | 200 OK | 248 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/urls.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Hash625b7f89f3ad3c97aa756d0c045119e3 d477e4cb09b38d10d7abaa173b8ed29107ae2fae 6d6fbb7e00363a9383061138d53f4370db341c045dd78d8042d0e6a99eea240c
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/urls.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
content-length: 248
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "23b-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/configuration.js | 86.48.5.49 | 200 OK | 467 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/configuration.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Hash709b8a900edb0a69a1125948bdf0fa93 b70b409ea436a3508143cee402e2cdbf1d5bfc3b b58c04266cb0744519eb7d15a287045cfa59ea34cc3a62ce71c602750d24e822
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/configuration.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
content-length: 467
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "3a1-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/auth2019v3.js | 86.48.5.49 | 200 OK | 31 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/auth2019v3.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeUnicode text, UTF-8 text, with very long lines (327) Hash775fdc4cfe94ba92e42e434dac667d57 de29f59397223760704754dfd456afe58648def6 7a90f1aed07b396a305b349431cfb27b2536578748b2a3084e6b9212fe8dc999
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/auth2019v3.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-13192"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.usertrust.com/ | 172.64.155.188 | 200 OK | 2.2 kB |
IP172.64.155.188:0
Hashf8e83de170e896c45e1822a6b9a9d968 c979e58a9d15d1f01b4622acbdfb04583d20998a aaf289c44960ee7f0f5d97733900849e4702b38eada29d722a2b485f9d047937
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 22:12:16 GMT
Expires: Sat, 22 Oct 2022 22:12:15 GMT
Etag: "c979e58a9d15d1f01b4622acbdfb04583d20998a"
Cache-Control: max-age=603064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1157
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c4ca13dc9b0b4d-OSL
|
|
| ocsp.usertrust.com/ | 172.64.155.188 | 200 OK | 2.2 kB |
IP172.64.155.188:0
Hashf8e83de170e896c45e1822a6b9a9d968 c979e58a9d15d1f01b4622acbdfb04583d20998a aaf289c44960ee7f0f5d97733900849e4702b38eada29d722a2b485f9d047937
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 22:12:16 GMT
Expires: Sat, 22 Oct 2022 22:12:15 GMT
Etag: "c979e58a9d15d1f01b4622acbdfb04583d20998a"
Cache-Control: max-age=603064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1157
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c4ca13d9bc1c0e-OSL
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/jquery.details.js | 86.48.5.49 | 200 OK | 1.3 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/jquery.details.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeASCII text, with very long lines (1908) Hash378ea03656d813578d29160834846571 650810a577d64b5b23f4abefdd5c1a6a67597024 b2b1cd0f97788e7f15a9550ce7a1c4aaec98f1dc7316407850dc1c0165b0dedc
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/jquery.details.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-7d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cfspart.impots.gouv.fr/templates/images/bloc-marque.svg | 145.242.11.27 | 200 OK | 5.7 kB |
URL HTTP/1.1cfspart.impots.gouv.fr/templates/images/bloc-marque.svg IP145.242.11.27:0
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (17928), with no line terminators Hash542e90e968e808958f23740d028bf385 21df8fb442714890c2d45d889692e8168fa47486 c9c4a16bfc62ca1cb83c8e7704e49f1710c736bd89f54078e5304570d179aaba
GET /templates/images/bloc-marque.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Server: Apache
Last-Modified: Thu, 11 Mar 2021 07:17:24 GMT
ETag: "419fe-4608-5bd3d9338d9a7"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx033
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 5743
Age: 608
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP104.18.32.68:0
Hash6a101fb80f342a51e31b00aab2a268f8 8c441ff51d8b3250347ccc2b040799b5cc1071ed e1ea09000eca802135e944e9fe3cfc0ebe3906850e430971c06a61b4467e844d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 18:59:05 GMT
Expires: Mon, 24 Oct 2022 18:59:04 GMT
Etag: "8c441ff51d8b3250347ccc2b040799b5cc1071ed"
Cache-Control: max-age=504374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75c4ca13ed9db503-OSL
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 18 Oct 2022 21:43:40 GMT
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 21:54:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Cq83EyjzcNb91nfLODqEFAFGqR0YRe9lrnNt8I3_36u_goLObxFpJg==
Age: 3549
|
|
| cfspart.impots.gouv.fr/templates/images/logo_impots.svg | 145.242.11.27 | 200 OK | 1.3 kB |
URL HTTP/1.1cfspart.impots.gouv.fr/templates/images/logo_impots.svg IP145.242.11.27:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3344), with no line terminators Hash06c5a27ab846e65558b2994b38989c29 4961fc7074a2750dd4ddb0914ef9d28045cbf949 efc7ede915c6c97c167e293ae4488dcba99c37d6a4dafc4aa1ca543f0fcd0623
GET /templates/images/logo_impots.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Server: Apache
Last-Modified: Thu, 11 Mar 2021 07:17:24 GMT
ETag: "419fd-d10-5bd3d93377dff"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx033
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1340
Age: 609
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashc9b278637bdca251f78b46e4a0850473 a48fe5095fc27af1c6b6628149d9e8f655295621 eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5456
Cache-Control: max-age=125691
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 22:42:50 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 09:37:41 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.css | 86.48.5.49 | 200 OK | 16 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.css IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeASCII text, with very long lines (64976) Hash6b3b57e599ac194202b2dde78368b8a9 2b8fa5456011674faaebfa03492cec73d7a281af a6e06f93f76ce4f811f7db6b4510fa189ee4d70d94b386a368f75bcbfbe5775c
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/bootstrap.min.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-1a442"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.impots.gouv.fr/themes/custom/pus_inea/favicon.ico | 152.199.19.61 | 200 OK | 1.2 kB |
URL HTTP/2www.impots.gouv.fr/themes/custom/pus_inea/favicon.ico IP152.199.19.61:0
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Hash4c2c39d7cb584994b956b7001fc462e1 82c00353c1ca67d925e65fd6022cd0ccbc0f5c3c 99af879888a29feeec095725f74e18cd070de29e7f1b4a35f20746fa45382c21
GET /themes/custom/pus_inea/favicon.ico HTTP/1.1
Host: www.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes, bytes
age: 0
cache-control: must-revalidate
content-type: image/vnd.microsoft.icon
date: Tue, 18 Oct 2022 22:42:50 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
pragma: no-cache
server: ECAcc (ska/F7A3)
strict-transport-security: max-age=34560000; includeSubDomains
x-content-type-options: nosniff
content-length: 1150
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.237.239.70 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.237.239.70:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3ztqz0rwfa+X69Gi3pG7zA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LcI0IKBD4mnpXTucEFvnAHQFvo4=
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.js | 86.48.5.49 | 200 OK | 9.1 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
File typeASCII text, with very long lines (32002) Hashd884c9508c35dfff9cdcda95a252e0c9 41e744fe613b961307f02ded3eb4ac6b497e5428 c84a9af0e384c98a54de536658b51cfdd78bacd293823604d8d2f7699b2e91db
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/bootstrap.min.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-8208"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/messages.js | 86.48.5.49 | 200 OK | 3.3 kB |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/messages.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Hasha6e20741b2b92490c6747fb62a00cef5 82e8c593796dd70430eccb89cfa3f62831e2386d 7f37749aa5f177dbdc568f02716d883a96e5c4b5088c0e1d374fffa7180f5291
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/messages.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-2a2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0fcfa6b657f8e34f9eeaf49d51ccbc73 e508c6dbaaa34541005d8307a48f17a724471048 af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12177
Expires: Wed, 19 Oct 2022 02:05:48 GMT
Date: Tue, 18 Oct 2022 22:42:51 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ee9fc2-069f-4d47-8dc4-92164338568f.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ee9fc2-069f-4d47-8dc4-92164338568f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4fbdd9eb79e636b5543f5e46fe04ea31 20c5fb32a63d98075777829cc363785e2f4ffed2 6596cd730a0caaa9d1a997153fad51e9f958c6cae6916c27e0b6b4f2a512e0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ee9fc2-069f-4d47-8dc4-92164338568f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8047
x-amzn-requestid: 365880af-3731-4bb2-b90c-9cb4fa442e66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBsM-E9zoAMFvwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a271f-2cc91f8e54a08ce06255bc6b;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:21:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dLx9u0nMlvSa7w38t4ueu2B-fxGljKvJtRLD6cc3da5ub9Rc0J3-IA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:55:51 GMT
age: 2820
etag: "20c5fb32a63d98075777829cc363785e2f4ffed2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87514736-0d8f-4476-92ba-b15762c98332.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87514736-0d8f-4476-92ba-b15762c98332.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7cf86d59e28da601117810faf66d57c4 7ea3dc5cec73e3003430fd4ecfd0b5eb58a4d513 2dc2bfcbd1ae97396ee2f95c436d48b27b056a2922b9415329e34144a5950472
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87514736-0d8f-4476-92ba-b15762c98332.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: 8a14fadf-4f6f-4dca-9d39-75d89cbf9a4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1CmlEKeIAMFUWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634517c3-6d1f242d2dd574235f570b87;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 07:14:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MMfbWp_ZrEOesN9JUmg1PM_I_ivUbd0E3Qt5B1KhzN5svIIDbhPuKA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 06:57:52 GMT
age: 56699
etag: "7ea3dc5cec73e3003430fd4ecfd0b5eb58a4d513"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash34233831dc5c15001753b8bcc03382b0 00790fcdc95ebb458a67c1de32fbb58039795d81 a63d7d3ff74534fa2edfef6aae76074b228fdd3966917903176d897e7ea1e1c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7749
x-amzn-requestid: 389e9ef8-8bf4-4aa4-9255-e71f64442dd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBq4FFKioAMFoOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a2500-307d1b4103e58eb400cdc6bc;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:12:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CSmVVhHYJ0HW3D61Xse0jsVoDBqKGx-scT6Vno55Ld8x3aK5gDU41w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 05:06:33 GMT
age: 63378
etag: "00790fcdc95ebb458a67c1de32fbb58039795d81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg | 34.120.237.76 | 200 OK | 35 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb683fafb36238c7da6be76247f60600b e975f7a307a970ab45b03f861fd7d875ec66028d b65fa7f3e7e0d999ebdfc1a4beb74e21221e4ceabd9e57ed0af6ab4560e12fdd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 35276
x-amzn-requestid: 6e8a79ad-d0f3-4290-a1ed-ef9b1239f193
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFApGzbIAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1b9d-65cf1b926ab122b1716a2983;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:17 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hPbTIgByMSbi22qlqk74Vk8h6AWf5DxSWDZHjew5y-RHl6X0uRu_wQ==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:42:49 GMT
age: 3602
etag: "e975f7a307a970ab45b03f861fd7d875ec66028d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b5a91b4-f537-421e-8b13-62843ad940ad.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b5a91b4-f537-421e-8b13-62843ad940ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash92a90f3b620eabc7ed15fa14182ab0d1 2250764fd089f9b34180ef5cfd20dc3486261107 40ffc2e0b243630aba041940aa239c82720057525b9591399c4cfcefa3509b56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b5a91b4-f537-421e-8b13-62843ad940ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7702
x-amzn-requestid: 8fa4e14b-317b-4ca8-9a32-52e58f493a69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBsM-EUEIAMF8Sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a271f-07a02fd8190b163d50ebb5c4;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:21:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TzOjtmvdmf1X8EeDJiOHrqZ6Lafujfzhpk-rqtx29F_3y_EyvL-nxQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 07:55:33 GMT
age: 53238
etag: "2250764fd089f9b34180ef5cfd20dc3486261107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg | 34.120.237.76 | 200 OK | 4.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8b18cc36d516d20449dbba4fa894e898 40f6c41e0259a820bec12e31c6e650fd6c5dea57 1202e14ec5edc289d0be7b7f9d8538b9bc23a35f4ede6eae39179a61f6128bb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4044
x-amzn-requestid: 08cb82b3-386b-4d87-b11c-ab7c4c66173b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFFWEDjIAMF5jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1bbb-4d516cbb74baf2a0228f8cbe;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4gPxIb8DzdibfZ-TsuJIDW7YYeeMvz5vpXrp4wsUenEzjEHnRn7yzg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:56:09 GMT
age: 2802
etag: "40f6c41e0259a820bec12e31c6e650fd6c5dea57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/jquery.min.js | 86.48.5.49 | 200 OK | 0 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/jquery.min.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/jquery.min.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-14e4a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/mire.css | 86.48.5.49 | 200 OK | 0 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/mire.css IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/mire.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-ab7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.impots.gouv.fr/sites/all/themes/impotsgouv/images/favicon/favicon-152.png | 152.199.19.61 | 404 Not Found | 0 B |
URL HTTP/2www.impots.gouv.fr/sites/all/themes/impotsgouv/images/favicon/favicon-152.png IP152.199.19.61:0
GET /sites/all/themes/impotsgouv/images/favicon/favicon-152.png HTTP/1.1
Host: www.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://impot-refgouv.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
age: 0
cache-control: must-revalidate
content-language: fr
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 22:42:50 GMT
expires: Tue, 18 Oct 2022 22:43:50 GMT
from-origin: same
permissions-policy: interest-cohort=()
server: ECAcc (ska/F737)
strict-transport-security: max-age=34560000; includeSubDomains
x-content-type-options: nosniff, nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/commun.css | 86.48.5.49 | 200 OK | 0 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/commun.css IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/commun.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:51:36 GMT
etag: W/"62f13f18-168c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification_files/idContact.js | 86.48.5.49 | 200 OK | 0 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification_files/idContact.js IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification_files/idContact.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-b4f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| impot-refgouv.fr/Particuliers%20authentification.html | 86.48.5.49 | 200 OK | 0 B |
URL HTTP/2impot-refgouv.fr/Particuliers%20authentification.html IP86.48.5.49:0 ASN#16095 Sentia Denmark A/S
Analyzer | Verdict | Alert | openphish | DGI (French Tax Authority) | |
GET /Particuliers%20authentification.html HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 19:44:54 GMT
etag: W/"62f167b6-fd38"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|