Report - impot-refgouv.fr/Particuliers%20authentification.html

Report Overview

Submitted URL
impot-refgouv.fr/Particuliers%20authentification.html
IP
86.48.5.49
ASN
#16095 Sentia Denmark A/S
Submitted
2022-10-18 22:42:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-09T05:11:35Z	660 B	5.6 kB	172.64.155.188
cfspart.impots.gouv.fr	643420	2017-02-05T08:17:33Z	2023-03-09T08:42:38Z	800 B	8.8 kB	145.242.11.27
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	44.237.239.70
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
www.impots.gouv.fr	309898	2012-05-22T21:51:58Z	2023-03-09T04:49:23Z	834 B	2.0 kB	152.199.19.61
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	78 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.3 kB	3.5 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
impot-refgouv.fr	unknown	2022-10-17T12:50:25Z	2022-10-21T00:27:46Z	9.1 kB	114 kB	86.48.5.49
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	328 B	964 B	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/	DGI (French Tax Authority)
2022-10-18	medium	impot-refgouv.fr/Particuliers%20authentification.html	DGI (French Tax Authority)

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	impot-refgouv.fr/Particuliers%20authentification_files/idContact.js	2.9 kB	2023-03-10	2023-07-10
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/idContact.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2023-07-10 14:26:01 Times Seen6 Hash 400b09b4614f5e155cedf93878ee5f01 dd7abac86569f9e0d637dedb878d14a03f9445aa 1e05d5d23b8124c5e60353c518fcb3cf37761fe10084cd71a4fab125896ace03 Loading...

	impot-refgouv.fr/Particuliers%20authentification.html	378 B	2023-03-10	2024-03-28
Pretty URL impot-refgouv.fr/Particuliers%20authentification.html IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:51 Last Seen2024-03-28 09:34:05 Times Seen13 Hash 261afa5a07c74c5521e5401d1a1a61a8 23afee32ac8d997bbec2ae00c01ca164d0cc5be5 1404908be4474920b88a871ade204f65810a38284a542640168f9357cd23ec91 Loading...

	impot-refgouv.fr/Particuliers%20authentification.html	3.4 kB	2023-03-10	2024-03-28
Pretty URL impot-refgouv.fr/Particuliers%20authentification.html IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2024-03-28 09:34:06 Times Seen7 Hash c4756770f81107117ae92a536be3f035 5872bfb2f1db604ca14b646d8895828af4241226 6f251a4d393a6039f377bd10be986fbc3606ad7ec8c40a74149c68f2bbd9edf4 Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/messages.js	11 kB	2023-03-10	2023-07-10
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/messages.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2023-07-10 14:26:01 Times Seen4 Hash 519781c30e8b8eb9d60e362a8bf1b2cf 208f3355b99c429db6b345bba9ac90301f85d1aa cb758b225db6df1261ad6f18ebfe1a6baee7e2b40d82129dc410ec93be60905f Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/jquery.min.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 15:25:47 Times Seen384786 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/configuration.js	929 B	2023-03-10	2024-03-28
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/configuration.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:51 Last Seen2024-03-28 09:34:06 Times Seen20 Hash c1655b8bff588e7b1659d10f21233639 fdbe3771ea4dd5e17cdca41c991b2585a2b78ab4 64a83804a787c8b6c4ee5b82936a842d7d2b96355d891f1d02863bc26a2deed5 Loading...

	impot-refgouv.fr/Particuliers%20authentification.html	245 B	2023-03-10	2023-04-20
Pretty URL impot-refgouv.fr/Particuliers%20authentification.html IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2023-04-20 19:52:51 Times Seen4 Hash 00e775e7300d60fc639fdab15077689f c4a000d8ae4e1f01cc5bfb7f169304c5977fd849 b8fd0116e6433565676dcd682e7d22fd5a3cfaa3b08153af19dced3c02dda7a7 Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/auth2019v3.js	78 kB	2023-03-10	2023-07-10
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/auth2019v3.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2023-07-10 14:26:01 Times Seen6 Hash c19d3725bbc5aea6a6602b2643bd3d81 d2ca7bab66389a0adbf404f9acb8b376215c369d cebd29406aab268faf80e6cefc58c418ce4e3dfecd57a45a95d2d7d3d0df508b Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/urls.js	571 B	2023-03-10	2024-03-28
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/urls.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2024-03-28 09:34:06 Times Seen19 Hash 0490574b4f675f9ceceafc8ec5aee4c6 ed0fe52a6382c698e9ca870363e58ab1e6dc7ca5 f9d32f35707df52561a55b4649691ba45a3b1d638ffbfdaf514d3c7b1751c49d Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/franceConnect.js	159 B	2023-03-10	2024-04-22
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/franceConnect.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2024-04-22 18:38:32 Times Seen23 Hash e1bdb29090bf90479997b5eabda963f2 dc88d844892f8b51970e31d8815689e7aa014cc1 dc35e548f9f5cdddeb342e5663624a19cf8f4df71260d362b92d5bc620fbdaba Loading...

	impot-refgouv.fr/Particuliers%20authentification_files/jquery.details.js	2.0 kB	2023-03-07	2024-04-22
Pretty URL impot-refgouv.fr/Particuliers%20authentification_files/jquery.details.js IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:12:23 Last Seen2024-04-22 18:38:32 Times Seen27 Hash c10f732cb103ddc9eecf769ec9f1a47c 9afe5279c4b275ff6d7e5215c2bb3c45a67a4a82 07a4d78d858bb93b3220fd4af3f599035ea5e4f932bfb53b1196ee328116c5b9 Loading...

	impot-refgouv.fr/Particuliers%20authentification.html	203 B	2023-03-07	2024-03-28
Pretty URL impot-refgouv.fr/Particuliers%20authentification.html IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:12:23 Last Seen2024-03-28 09:34:05 Times Seen15 Hash c9981a84f05f4afd70ac9c8b85b7ec1d b4d414b7e7756bb56fef68a6e653b6749214ef25 9d60a744fd0b3b22692f26c8e530db39da71e0ff64091d48b6bcc22daca35033 Loading...

	impot-refgouv.fr/Particuliers%20authentification.html	442 B	2023-03-10	2023-04-20
Pretty URL impot-refgouv.fr/Particuliers%20authentification.html IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2023-04-20 19:52:51 Times Seen4 Hash 3d1909828d6029a73c8bcedba0282454 1dbb7e44553bd11a5677a18769a8e0769756f6e1 8aafc2808376214be95410902722ac2676034e4182793879bfc2bf9714b9d418 Loading...

	impot-refgouv.fr/Particuliers%20authentification.html	6.4 kB	2023-03-10	2024-03-28
Pretty URL impot-refgouv.fr/Particuliers%20authentification.html IP 86.48.5.49 ASN #16095 Sentia Denmark A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:21:52 Last Seen2024-03-28 09:34:05 Times Seen10 Hash 04b82ade9306ff68376d389b01720848 53528573f631acb337de8b2ff741161357ed3d5e 3016659e468dc24394c1452d011ec444b9b7df4db62043469d2e00bba433852a Loading...

HTTP Transactions (43)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 21:51:31 GMT
Expires: Tue, 18 Oct 2022 22:37:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gHdyTIAg5KP_tACO2wiYK64DwNNiRzmmTuVEWnC-HpT6KsAfh6b10w==
Age: 3077

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
10ab470535c002d333b4f27d38b51091
ed3b0850c5d75881de410f7e8ca35e012e38bd38
31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9368
Expires: Wed, 19 Oct 2022 01:18:57 GMT
Date: Tue, 18 Oct 2022 22:42:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e05519b041815f59eabd8f9ebcb42794
19a72a669874195dbb9fea752ce3af97f31b128c
0b5a4f64e57c02f5150e155ad3467d6acf445ab04b13e815063cef74b927c35f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B5A4F64E57C02F5150E155AD3467D6ACF445AB04B13E815063CEF74B927C35F"
Last-Modified: Mon, 17 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19444
Expires: Wed, 19 Oct 2022 04:06:53 GMT
Date: Tue, 18 Oct 2022 22:42:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Wed, 19 Oct 2022 00:03:36 GMT
Date: Tue, 18 Oct 2022 22:42:49 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: whIqzOvIjCxUzX5HRhRTeVnA2bl+utXzm35tylrj2nto7GPo43bI3QaDfHjY1ncvE1jP7u0jlXKj7tMJmFbqow==
x-amz-request-id: 8VYABZW71DG5QWPH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 22:04:01 GMT
age: 2328
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/Small-logoSMART.png

86.48.5.49

200 OK

2.3 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/Small-logoSMART.png
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
2.3 kB (2347 bytes)
Hash
c546c9a78e206d482076fae524cedbe5
d9ad14007be975fb477763f26ce653e332b56c70
dfcae6bf0ca22253e333881e0bf7eb42d14057eb00024a5bd19943b04cbb95ec

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/Small-logoSMART.png HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/png
content-length: 2347
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-92b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/dac.css

86.48.5.49

200 OK

437 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/dac.css
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text
Size
437 B (437 bytes)
Hash
c1124596b18d57508ee39db304da59d4
7cc5b65c9902ae98e82a1cf9a884f4fa3f9d2aeb
403448fd4658eddab6100cb7bcf32fdaf63f924f1181f17e7a12beae252d8506

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/dac.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
content-length: 437
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "303-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/spi1.svg

86.48.5.49

200 OK

4.0 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/spi1.svg
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (4014), with no line terminators
Size
4.0 kB (4024 bytes)
Hash
9b3c39ed6edf582c7f571289b4dbc725
28abdf9efc2cf91ec83f48d29313de71198905c0
434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/spi1.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 4024
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-fb8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/num_acces.svg

86.48.5.49

200 OK

6.4 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/num_acces.svg
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text
Size
6.4 kB (6414 bytes)
Hash
44f52f8bcf815b2a962c029c9fb41440
c8608e65a9b82d02ae133834543c28aecd103325
880cbec4f5672334414f9b979a09ad51f7158c92a694bbabfc8a83538c8e0e2e

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/num_acces.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 6414
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-190e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/rfr.svg

86.48.5.49

200 OK

13 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/rfr.svg
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text
Size
13 kB (13299 bytes)
Hash
3a1ecefe2e0d9605fe4d647902159cad
8586a81974bb58c1e17380b8d692bf468d1246cd
5ae03f34bdff7916f1dd42d760a41c0b5b939aafc3fc5e733bf6903b03421d94

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/rfr.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 13299
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-33f3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/logo-fc.svg

86.48.5.49

200 OK

14 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/logo-fc.svg
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
14 kB (13893 bytes)
Hash
f3c02532347779d974e702c09cf85019
9eec54318e9c5f892342b7c259c081dd88e6ea4b
f38f88db94a67b5fcc8f90965a6623a509e35cb81b6b252f0c9d7fdd29ff1a88

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/logo-fc.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 13893
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-3645"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/spi.svg

86.48.5.49

200 OK

5.5 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/spi.svg
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text
Size
5.5 kB (5485 bytes)
Hash
0d59ec026a9708271caca148c56959df
02cc9a6887e9ca7ac69729d499813436157546a4
2be11b4cf348ebdb13674d8cf0d1938df9c71f0f64fb0fb70fa08ed40830f684

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/spi.svg HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: image/svg+xml
content-length: 5485
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "62f13a74-156d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/franceConnect.js

86.48.5.49

200 OK

126 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/franceConnect.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text
Size
126 B (126 bytes)
Hash
b3ef4b26432540c106ccc9f1ab2b160b
16d0bc9778928680b7799f9586371a2bebf4ee1b
6a6155c324c6abe7a8d61e6ea05d568c8fe6165040b13c33381c5b5a193b758c

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/franceConnect.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
content-length: 126
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "9f-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/urls.js

86.48.5.49

200 OK

248 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/urls.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text
Size
248 B (248 bytes)
Hash
625b7f89f3ad3c97aa756d0c045119e3
d477e4cb09b38d10d7abaa173b8ed29107ae2fae
6d6fbb7e00363a9383061138d53f4370db341c045dd78d8042d0e6a99eea240c

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/urls.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
content-length: 248
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "23b-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/configuration.js

86.48.5.49

200 OK

467 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/configuration.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text
Size
467 B (467 bytes)
Hash
709b8a900edb0a69a1125948bdf0fa93
b70b409ea436a3508143cee402e2cdbf1d5bfc3b
b58c04266cb0744519eb7d15a287045cfa59ea34cc3a62ce71c602750d24e822

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/configuration.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
content-length: 467
x-accel-version: 0.01
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: "3a1-5e5bd5a2c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/auth2019v3.js

86.48.5.49

200 OK

31 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/auth2019v3.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
Unicode text, UTF-8 text, with very long lines (327)
Size
31 kB (31396 bytes)
Hash
775fdc4cfe94ba92e42e434dac667d57
de29f59397223760704754dfd456afe58648def6
7a90f1aed07b396a305b349431cfb27b2536578748b2a3084e6b9212fe8dc999

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/auth2019v3.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-13192"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
f8e83de170e896c45e1822a6b9a9d968
c979e58a9d15d1f01b4622acbdfb04583d20998a
aaf289c44960ee7f0f5d97733900849e4702b38eada29d722a2b485f9d047937

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 22:12:16 GMT
Expires: Sat, 22 Oct 2022 22:12:15 GMT
Etag: "c979e58a9d15d1f01b4622acbdfb04583d20998a"
Cache-Control: max-age=603064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1157
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c4ca13dc9b0b4d-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
f8e83de170e896c45e1822a6b9a9d968
c979e58a9d15d1f01b4622acbdfb04583d20998a
aaf289c44960ee7f0f5d97733900849e4702b38eada29d722a2b485f9d047937

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 22:12:16 GMT
Expires: Sat, 22 Oct 2022 22:12:15 GMT
Etag: "c979e58a9d15d1f01b4622acbdfb04583d20998a"
Cache-Control: max-age=603064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1157
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c4ca13d9bc1c0e-OSL

impot-refgouv.fr/Particuliers%20authentification_files/jquery.details.js

86.48.5.49

200 OK

1.3 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/jquery.details.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text, with very long lines (1908)
Size
1.3 kB (1293 bytes)
Hash
378ea03656d813578d29160834846571
650810a577d64b5b23f4abefdd5c1a6a67597024
b2b1cd0f97788e7f15a9550ce7a1c4aaec98f1dc7316407850dc1c0165b0dedc

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/jquery.details.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-7d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cfspart.impots.gouv.fr/templates/images/bloc-marque.svg

145.242.11.27

200 OK

5.7 kB

URL HTTP/1.1
cfspart.impots.gouv.fr/templates/images/bloc-marque.svg
IP
145.242.11.27:0
ASN
#3215 Orange

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (17928), with no line terminators
Size
5.7 kB (5743 bytes)
Hash
542e90e968e808958f23740d028bf385
21df8fb442714890c2d45d889692e8168fa47486
c9c4a16bfc62ca1cb83c8e7704e49f1710c736bd89f54078e5304570d179aaba

HTTP Headers

GET /templates/images/bloc-marque.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Server: Apache
Last-Modified: Thu, 11 Mar 2021 07:17:24 GMT
ETag: "419fe-4608-5bd3d9338d9a7"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx033
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 5743
Age: 608
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6a101fb80f342a51e31b00aab2a268f8
8c441ff51d8b3250347ccc2b040799b5cc1071ed
e1ea09000eca802135e944e9fe3cfc0ebe3906850e430971c06a61b4467e844d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 18:59:05 GMT
Expires: Mon, 24 Oct 2022 18:59:04 GMT
Etag: "8c441ff51d8b3250347ccc2b040799b5cc1071ed"
Cache-Control: max-age=504374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75c4ca13ed9db503-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 18 Oct 2022 21:43:40 GMT
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 21:54:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Cq83EyjzcNb91nfLODqEFAFGqR0YRe9lrnNt8I3_36u_goLObxFpJg==
Age: 3549

cfspart.impots.gouv.fr/templates/images/logo_impots.svg

145.242.11.27

200 OK

1.3 kB

URL HTTP/1.1
cfspart.impots.gouv.fr/templates/images/logo_impots.svg
IP
145.242.11.27:0
ASN
#3215 Orange

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3344), with no line terminators
Size
1.3 kB (1340 bytes)
Hash
06c5a27ab846e65558b2994b38989c29
4961fc7074a2750dd4ddb0914ef9d28045cbf949
efc7ede915c6c97c167e293ae4488dcba99c37d6a4dafc4aa1ca543f0fcd0623

HTTP Headers

GET /templates/images/logo_impots.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 22:42:49 GMT
Server: Apache
Last-Modified: Thu, 11 Mar 2021 07:17:24 GMT
ETag: "419fd-d10-5bd3d93377dff"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx033
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1340
Age: 609
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5456
Cache-Control: max-age=125691
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 22:42:50 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 09:37:41 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.css

86.48.5.49

200 OK

16 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.css
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text, with very long lines (64976)
Size
16 kB (16508 bytes)
Hash
6b3b57e599ac194202b2dde78368b8a9
2b8fa5456011674faaebfa03492cec73d7a281af
a6e06f93f76ce4f811f7db6b4510fa189ee4d70d94b386a368f75bcbfbe5775c

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/bootstrap.min.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-1a442"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.impots.gouv.fr/themes/custom/pus_inea/favicon.ico

152.199.19.61

200 OK

1.2 kB

URL HTTP/2
www.impots.gouv.fr/themes/custom/pus_inea/favicon.ico
IP
152.199.19.61:0
ASN
#15133 EDGECAST

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
4c2c39d7cb584994b956b7001fc462e1
82c00353c1ca67d925e65fd6022cd0ccbc0f5c3c
99af879888a29feeec095725f74e18cd070de29e7f1b4a35f20746fa45382c21

HTTP Headers

GET /themes/custom/pus_inea/favicon.ico HTTP/1.1
Host: www.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes, bytes
age: 0
cache-control: must-revalidate
content-type: image/vnd.microsoft.icon
date: Tue, 18 Oct 2022 22:42:50 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
pragma: no-cache
server: ECAcc (ska/F7A3)
strict-transport-security: max-age=34560000; includeSubDomains
x-content-type-options: nosniff
content-length: 1150
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.237.239.70

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.239.70:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3ztqz0rwfa+X69Gi3pG7zA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LcI0IKBD4mnpXTucEFvnAHQFvo4=

impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.js

86.48.5.49

200 OK

9.1 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/bootstrap.min.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
ASCII text, with very long lines (32002)
Size
9.1 kB (9092 bytes)
Hash
d884c9508c35dfff9cdcda95a252e0c9
41e744fe613b961307f02ded3eb4ac6b497e5428
c84a9af0e384c98a54de536658b51cfdd78bacd293823604d8d2f7699b2e91db

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/bootstrap.min.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-8208"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/messages.js

86.48.5.49

200 OK

3.3 kB

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/messages.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type
Unicode text, UTF-8 text
Size
3.3 kB (3322 bytes)
Hash
a6e20741b2b92490c6747fb62a00cef5
82e8c593796dd70430eccb89cfa3f62831e2386d
7f37749aa5f177dbdc568f02716d883a96e5c4b5088c0e1d374fffa7180f5291

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/messages.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-2a2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12177
Expires: Wed, 19 Oct 2022 02:05:48 GMT
Date: Tue, 18 Oct 2022 22:42:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ee9fc2-069f-4d47-8dc4-92164338568f.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ee9fc2-069f-4d47-8dc4-92164338568f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8047 bytes)
Hash
4fbdd9eb79e636b5543f5e46fe04ea31
20c5fb32a63d98075777829cc363785e2f4ffed2
6596cd730a0caaa9d1a997153fad51e9f958c6cae6916c27e0b6b4f2a512e0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ee9fc2-069f-4d47-8dc4-92164338568f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8047
x-amzn-requestid: 365880af-3731-4bb2-b90c-9cb4fa442e66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBsM-E9zoAMFvwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a271f-2cc91f8e54a08ce06255bc6b;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:21:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dLx9u0nMlvSa7w38t4ueu2B-fxGljKvJtRLD6cc3da5ub9Rc0J3-IA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:55:51 GMT
age: 2820
etag: "20c5fb32a63d98075777829cc363785e2f4ffed2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87514736-0d8f-4476-92ba-b15762c98332.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8696 bytes)
Hash
7cf86d59e28da601117810faf66d57c4
7ea3dc5cec73e3003430fd4ecfd0b5eb58a4d513
2dc2bfcbd1ae97396ee2f95c436d48b27b056a2922b9415329e34144a5950472

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87514736-0d8f-4476-92ba-b15762c98332.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: 8a14fadf-4f6f-4dca-9d39-75d89cbf9a4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1CmlEKeIAMFUWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634517c3-6d1f242d2dd574235f570b87;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 07:14:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MMfbWp_ZrEOesN9JUmg1PM_I_ivUbd0E3Qt5B1KhzN5svIIDbhPuKA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 06:57:52 GMT
age: 56699
etag: "7ea3dc5cec73e3003430fd4ecfd0b5eb58a4d513"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7749 bytes)
Hash
34233831dc5c15001753b8bcc03382b0
00790fcdc95ebb458a67c1de32fbb58039795d81
a63d7d3ff74534fa2edfef6aae76074b228fdd3966917903176d897e7ea1e1c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7749
x-amzn-requestid: 389e9ef8-8bf4-4aa4-9255-e71f64442dd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBq4FFKioAMFoOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a2500-307d1b4103e58eb400cdc6bc;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:12:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CSmVVhHYJ0HW3D61Xse0jsVoDBqKGx-scT6Vno55Ld8x3aK5gDU41w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 05:06:33 GMT
age: 63378
etag: "00790fcdc95ebb458a67c1de32fbb58039795d81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

35 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
35 kB (35276 bytes)
Hash
b683fafb36238c7da6be76247f60600b
e975f7a307a970ab45b03f861fd7d875ec66028d
b65fa7f3e7e0d999ebdfc1a4beb74e21221e4ceabd9e57ed0af6ab4560e12fdd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 35276
x-amzn-requestid: 6e8a79ad-d0f3-4290-a1ed-ef9b1239f193
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFApGzbIAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1b9d-65cf1b926ab122b1716a2983;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:17 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hPbTIgByMSbi22qlqk74Vk8h6AWf5DxSWDZHjew5y-RHl6X0uRu_wQ==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:42:49 GMT
age: 3602
etag: "e975f7a307a970ab45b03f861fd7d875ec66028d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b5a91b4-f537-421e-8b13-62843ad940ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7702 bytes)
Hash
92a90f3b620eabc7ed15fa14182ab0d1
2250764fd089f9b34180ef5cfd20dc3486261107
40ffc2e0b243630aba041940aa239c82720057525b9591399c4cfcefa3509b56

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b5a91b4-f537-421e-8b13-62843ad940ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7702
x-amzn-requestid: 8fa4e14b-317b-4ca8-9a32-52e58f493a69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBsM-EUEIAMF8Sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a271f-07a02fd8190b163d50ebb5c4;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:21:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TzOjtmvdmf1X8EeDJiOHrqZ6Lafujfzhpk-rqtx29F_3y_EyvL-nxQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 07:55:33 GMT
age: 53238
etag: "2250764fd089f9b34180ef5cfd20dc3486261107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4044 bytes)
Hash
8b18cc36d516d20449dbba4fa894e898
40f6c41e0259a820bec12e31c6e650fd6c5dea57
1202e14ec5edc289d0be7b7f9d8538b9bc23a35f4ede6eae39179a61f6128bb1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4044
x-amzn-requestid: 08cb82b3-386b-4d87-b11c-ab7c4c66173b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFFWEDjIAMF5jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1bbb-4d516cbb74baf2a0228f8cbe;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4gPxIb8DzdibfZ-TsuJIDW7YYeeMvz5vpXrp4wsUenEzjEHnRn7yzg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:56:09 GMT
age: 2802
etag: "40f6c41e0259a820bec12e31c6e650fd6c5dea57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/jquery.min.js

86.48.5.49

200 OK

0 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/jquery.min.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/jquery.min.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-14e4a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/mire.css

86.48.5.49

200 OK

0 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/mire.css
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/mire.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-ab7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.impots.gouv.fr/sites/all/themes/impotsgouv/images/favicon/favicon-152.png

152.199.19.61

404 Not Found

0 B

URL HTTP/2
www.impots.gouv.fr/sites/all/themes/impotsgouv/images/favicon/favicon-152.png
IP
152.199.19.61:0
ASN
#15133 EDGECAST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sites/all/themes/impotsgouv/images/favicon/favicon-152.png HTTP/1.1
Host: www.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://impot-refgouv.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
age: 0
cache-control: must-revalidate
content-language: fr
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 22:42:50 GMT
expires: Tue, 18 Oct 2022 22:43:50 GMT
from-origin: same
permissions-policy: interest-cohort=()
server: ECAcc (ska/F737)
strict-transport-security: max-age=34560000; includeSubDomains
x-content-type-options: nosniff, nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/commun.css

86.48.5.49

200 OK

0 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/commun.css
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/commun.css HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:51:36 GMT
etag: W/"62f13f18-168c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification_files/idContact.js

86.48.5.49

200 OK

0 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification_files/idContact.js
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification_files/idContact.js HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impot-refgouv.fr/Particuliers%20authentification.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:48 GMT
etag: W/"62f13a74-b4f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

impot-refgouv.fr/Particuliers%20authentification.html

86.48.5.49

200 OK

0 B

URL HTTP/2
impot-refgouv.fr/Particuliers%20authentification.html
IP
86.48.5.49:0
ASN
#16095 Sentia Denmark A/S

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)

HTTP Headers

GET /Particuliers%20authentification.html HTTP/1.1
Host: impot-refgouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 22:42:49 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 19:44:54 GMT
etag: W/"62f167b6-fd38"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations