Report - lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

Report Overview

Submitted URL
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home
IP
63.250.43.1
ASN
#22612 NAMECHEAP-NET
Submitted
2022-10-26 15:58:16
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Apple

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.9 kB	577 kB	63.250.43.1
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.35
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	95 kB	216.58.207.195
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.6 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	964 B	172.64.155.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.6.128
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	54 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	746 B	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js	Phishing
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/fontawesome.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js	6.6 kB	2023-03-07	2024-04-24
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:35 Last Seen2024-04-24 15:08:50 Times Seen719 Hash abb9a501a5640cf0f8563ea64120248a 11848f5498d35bb4d746f64d537d85de0d4a4876 bfa489820b4cff47140a8f1741f50f8bf752df013ac13388357ccef04600c8ab Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 05:39:29 Times Seen37055267 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js	2.2 kB	2023-03-07	2024-04-25
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-04-25 02:03:14 Times Seen912 Hash 898f19a99389c21b45afaa5cbc50ebbe 6dd2957947201f36f3a50cad3bda18874d2508d7 f050012b033cb391112b37757113c73ff09884815ff73ce45592ee309ce87b3f Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js	20 kB	2023-03-07	2024-04-24
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2024-04-24 08:00:15 Times Seen4095 Hash 5644e6835941af44dcb5cead916c2b79 6eb1840d55338895ce6ecc3eab56132b1d152b93 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js	59 kB	2023-03-07	2024-04-21
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:40 Last Seen2024-04-21 18:29:49 Times Seen1851 Hash 0f9ea8d6bb66dbed6e0966f9da35b7fd 8095a33f75ca53aa5409b8bf00ea30372755092d 306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js	4.4 kB	2023-03-07	2024-04-21
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:40 Last Seen2024-04-21 18:29:49 Times Seen1022 Hash def4a999cf8f389438ebe315c275cb73 90b28790feddac38637591835420fe87a6071ce8 3fbc9360e36438e4cdcda3f25cb6dad97b6fe96cbba9455ad4bb75183e5fc2dc Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js	167 kB	2023-03-07	2024-04-25
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:29 Last Seen2024-04-25 02:03:14 Times Seen3453 Hash be6af23e2a716c006da75d0291784254 9c923313eabc56d715a7c07bf855feb26a72f671 8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js	88 kB	2023-03-07	2024-04-24
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2024-04-24 17:48:40 Times Seen8453 Hash 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js	18 kB	2023-03-07	2024-04-25
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js IP 63.250.43.1 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-04-25 02:03:14 Times Seen3598 Hash 219d169a80568884a3d6baab3e5e7def 61d00104de8c972c820cd9b527d8e2edb30e5c4a cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3492
Expires: Wed, 26 Oct 2022 16:56:17 GMT
Date: Wed, 26 Oct 2022 15:58:05 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2635
Cache-Control: max-age=152212
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:05 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 10:14:57 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2250
Expires: Wed, 26 Oct 2022 16:35:35 GMT
Date: Wed, 26 Oct 2022 15:58:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: +VmfOpXXJbP/v2b0vL15bWU1rfQQLluJpyjrIt/gGOwE9wM5UM6Nk9Fn38N7RXJfM8yZ38ih70o=
x-amz-request-id: VNBTM6X2EG3XV0C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 15:39:15 GMT
age: 1130
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

63.250.43.1

301 Moved Permanently

0 B

URL HTTP/1.1
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:58:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f94ee7108c5d7f3162dad329568aac0e
59aa8ee1f8da0c45629fabf42c8046349801d6fb
2fa145334f81e7e08b0ad7bac7bd3b81ec21a6be9671f722200fddf16f67bdbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 15:58:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 23:39:23 GMT
Expires: Mon, 31 Oct 2022 23:39:22 GMT
Etag: "59aa8ee1f8da0c45629fabf42c8046349801d6fb"
Cache-Control: max-age=459076,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76046435dc57b506-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1607
Cache-Control: max-age=146129
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:05 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 08:33:34 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

63.250.43.1

301 Moved Permanently

162 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 15:58:05 GMT
content-type: text/html
content-length: 162
location: http://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/

63.250.43.1

200 OK

3.6 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (15746), with CRLF line terminators
Size
3.6 kB (3590 bytes)
Hash
d20b9d24eb255774b6ed467ca366c93b
edb38792692477cd4c5889737b8ad7785ef9edfc
c9e4778604f87d2b79b31caca2a1cd8e986ae098074e01f3e207690405b5ec1e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/ HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:04:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 3243
x-cache: HIT
accept-ranges: bytes
content-length: 3590
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.6.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.6.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7U1DPZmR1/qLTiOzM81YCA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BfdmHpKvb4fT01Od2RcQqEh5ofg=

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js

63.250.43.1

200 OK

58 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (566)
Size
58 kB (58485 bytes)
Hash
7fea74563a0d2d9bb508a51c6e322b22
0a62a90f9a99d185e1bce49dabea132e0edb468a
8e65040e11a39214c1bb095831fc24b0e6799a732627f7d682c48442eeff2bfd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/angular.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:12 GMT
etag: "63574bd8-28cdb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 58485
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js

63.250.43.1

200 OK

2.1 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2104 bytes)
Hash
d558576e06a82da499d5973c48d598a7
2884301c84175b327c8718a1d7c48aa4c32c73cb
bc63b227823bfb3946f21efeb221ccade3eab3cf8ef35f3d75e2e6758919a64e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.CardValidator.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:17 GMT
etag: "63574bdd-19b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 2104
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js

63.250.43.1

200 OK

31 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
31 kB (30719 bytes)
Hash
036ea929140cc272177d72861479bc9d
d44e3b6a79ee1049628ac55ac258cce758074d68
a2b493a2b7f79b8c544dd10224faccf27480b58bb57e93499ceb54ed28494388

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:21 GMT
etag: "63574be1-15851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 30719
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js

63.250.43.1

200 OK

7.4 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (22900), with CRLF line terminators
Size
7.4 kB (7436 bytes)
Hash
d7bc6e8cdb2dd5b9c2c1d3bccb98136c
7e94399918a2d2f69e34cea53d5f541fa46c8627
c94b49ad8d2aeda51b11782148bdec662d16e237632c0231520b98e935696cf3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Apple
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.validate.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:24 GMT
etag: "63574be4-5a01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 7436
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js

63.250.43.1

200 OK

4.9 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.9 kB (4948 bytes)
Hash
72561daefcabe07fcd6e4a000ce2b1f9
29f4b8a00c67c6d29e8beb9cbe1fcc040bfc4bf5
3a19e4fd29ca6cd5ba35dd0f38915107a432a326280051d32ca2b16af7d668b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.mask.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:19 GMT
etag: "63574bdf-47fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 4948
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js

63.250.43.1

200 OK

834 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
834 B (834 bytes)
Hash
b3b513a42ba66924bd794f00ab1e8756
4990006b11c02a9fb9ab4c4d1fba2ab75d550bac
5d654ce1762a87c9ea2b1d3dc9300a649d9669a357f5cff1641d30155906405f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/style.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:26 GMT
etag: "63574be6-8bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 834
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/fonts.css

63.250.43.1

200 OK

278 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/fonts.css
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
278 B (278 bytes)
Hash
06459c2424f7d5ff44aa178c85dd841d
0db3d229a2c5a07b883d67bc64ba5b3922dc97a6
c471df84afcedc1634f70869703a7ce9571ad39b950a0380a2e2af7bf73c2647

HTTP Headers

GET /20221025/home/style/css/fonts.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:37 GMT
etag: "63574bb5-570"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 278
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/bootstrap.min.css

63.250.43.1

200 OK

21 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/bootstrap.min.css
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65324)
Size
21 kB (21050 bytes)
Hash
6416cbec949fa843a85c7ac285bb9245
94173c891940336570801e9c8ce3f85427d41c70
631d8a942c958f1b03cab6822d5f25b7221a24bbb2d60ec49bdf40295e1483ef

HTTP Headers

GET /20221025/home/style/css/bootstrap.min.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:38 GMT
etag: "63574bb6-22688"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 21050
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/main.css

63.250.43.1

200 OK

2.3 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/main.css
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10363), with CRLF line terminators
Size
2.3 kB (2347 bytes)
Hash
c1c58e51a8162ef58988adbbbd1a0e6e
e6b1dd813ba904a3175b84304a04c7d2f5cec311
3fdbef6476a9d9c0f7ab6f1bf4cb8efe3e193723a95fa7638dff597222fccd6b

HTTP Headers

GET /20221025/home/style/css/main.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:39 GMT
etag: "63574bb7-287d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 2347
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js

63.250.43.1

200 OK

7.2 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20164), with CRLF line terminators
Size
7.2 kB (7243 bytes)
Hash
826c95f8ce58f52645faade7d3484af5
b8899da5a2f443322884adbd2233fbbdefbe1099
75c715d9dd66e7093d3e2b1e50d52570cae39df9b13c2f6cf31b3386e290b5ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/popper.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:25 GMT
etag: "63574be5-4f74"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3090
x-cache: HIT
accept-ranges: bytes
content-length: 7243
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/CADIF_logo_horizontal_rvb_v4.png

63.250.43.1

200 OK

19 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/CADIF_logo_horizontal_rvb_v4.png
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18782 bytes)
Hash
71cb5c78702e00ffb116f88d9280896a
d32b9b4f245643b1e4477f923b12a4d17d50cc3d
f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b

HTTP Headers

GET /20221025/home/style/CADIF_logo_horizontal_rvb_v4.png HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:07:26 GMT
last-modified: Tue, 25 Oct 2022 02:36:01 GMT
etag: "63574b91-495e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: image/png
content-length: 18782
x-cacheable: YES
age: 3039
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js

63.250.43.1

200 OK

15 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (59058), with no line terminators
Size
15 kB (15336 bytes)
Hash
ee1256b5b52bb54c61a5bd830b57890e
4b5b0bf0609f18a265ee410044c1d980f0526244
0b8c25aafc1308b83d904cf9e358e8043e286d5e01f5f825e5234c305bba5bbc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/bootstrap.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:14 GMT
etag: "63574bda-e6b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3090
x-cache: HIT
accept-ranges: bytes
content-length: 15336
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 555316
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.195

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 18:59:14 GMT
expires: Tue, 24 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 161933
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 15:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js

63.250.43.1

200 OK

963 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Size
963 B (963 bytes)
Hash
d339a145df005deb6cce0837853fa5db
463e384739266e5e979405dee242bcfe0f8098a5
8639be7630b3bcb63a8a922d308de088a483f9ca2a7d7035835bca7dc2ec924d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/main.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:25 GMT
etag: "63574be5-111f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3090
x-cache: HIT
accept-ranges: bytes
content-length: 963
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/fontawesome.js

63.250.43.1

200 OK

387 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/fontawesome.js
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65347), with CRLF line terminators
Size
387 kB (387147 bytes)
Hash
39cdd99630caf56e49a9d3aacca54383
37ef54d71e4c6ddac63310c3885cb749f2de0779
ba86ed9a9e26cc1dae4da678046477563d10903f646b2dfbdf16be25c7db5701

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/fontawesome.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:22 GMT
etag: "63574be2-10314e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3090
x-cache: HIT
accept-ranges: bytes
content-length: 387147
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home//style/fermeture-agence-travaux-DAB_septembre2020.jpg

63.250.43.1

200 OK

503 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home//style/fermeture-agence-travaux-DAB_septembre2020.jpg
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
503 B (503 bytes)
Hash
262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4

HTTP Headers

GET /20221025/home//style/fermeture-agence-travaux-DAB_septembre2020.jpg HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:07:26 GMT
last-modified: Tue, 25 Oct 2022 02:36:06 GMT
etag: "63574b96-28561"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: image/jpeg
content-length: 165217
x-cacheable: YES
age: 3040
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9952
Expires: Wed, 26 Oct 2022 18:43:59 GMT
Date: Wed, 26 Oct 2022 15:58:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4524 bytes)
Hash
91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 55293
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7435 bytes)
Hash
548cc254725b085a0794f02585db37f6
69ebcb96188f5e3f6355aabecbe925e26ff00668
09906078ef781e283e939b86e3ee34665ed5df4524a9af4be26f7106a8cab836

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7435
x-amzn-requestid: fd538694-534d-4938-bebc-1131c0bb7c62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB1HWdIAMFuSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-2f9210cb5a6a28a71b130497;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TQ5GJaRJk5tw0implydS2L5z43-8mywPnViwhDI_mK4Wj9HzmDliIg==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 02:47:30 GMT
age: 47437
etag: "69ebcb96188f5e3f6355aabecbe925e26ff00668"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7929 bytes)
Hash
c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
age: 64140
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8553 bytes)
Hash
5987bcd44ab0db5313aa4f409a8a212f
691a36cde98a9fe1660745dd811e0be2ae67036c
e47ce3587c647b52669f675dc7e84e21555f82138091fb04febc951b4c06ba30

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 69931a9c-027e-428e-a88d-61c5fac64daa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2iEnzoAMFZAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585690-12c78c5157fb3fa41a13548c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zfjAcNokC0aMpSY3juYAi_Wo1MMRskGGJ0y9jb7x3Ps9R6wfiUg-IQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:57:47 GMT
age: 64820
etag: "691a36cde98a9fe1660745dd811e0be2ae67036c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8439 bytes)
Hash
db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pf98qKWMjPBID3auXFKPhj1kt67xEWF_e2CpRMQ7_HkPJGzJ3cK1qw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 07:18:26 GMT
age: 31181
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6831 bytes)
Hash
1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:05:09 GMT
age: 64378
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/favicon.png

63.250.43.1

200 OK

1.8 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/favicon.png
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1793 bytes)
Hash
ed9c56116b458dfeef180879add56940
f661f922f0bfdf0d2d470aea158eb77d49b5bb26
0c6849d4541c1b5d297b7e48dc2c13d43c357610effd13e1a90929b6638205e0

HTTP Headers

GET /20221025/home/style/favicon.png HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:19:44 GMT
last-modified: Tue, 25 Oct 2022 02:36:03 GMT
etag: "63574b93-701"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: image/png
content-length: 1793
x-cacheable: YES
age: 2303
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3337 bytes)
Hash
494a826ce7609ee5cc8157ea5de5f4f7
3d28f2daeef33f37c91bd26cb527793288635103
09f702f40e29e6b0c27abc5c7bb4605e504453b543c92805ba4045bd3d65c4d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 5a06b710-2b88-435e-8863-3e0e58742e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ21FjooAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585691-2adc1ac2375e087b20ad0e32;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:13 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 02nWxjGUWnLOfCCH-_N91bhvwj9nD2aqZr757DDchdNlHitK7bih4Q==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:12:48 GMT
age: 63926
etag: "3d28f2daeef33f37c91bd26cb527793288635103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/helpers.css

63.250.43.1

200 OK

0 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/helpers.css
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /20221025/home/style/css/helpers.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:39 GMT
etag: "63574bb7-9faa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3308
x-cache: HIT
accept-ranges: bytes
content-length: 4564
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 15:58:07 GMT
date: Wed, 26 Oct 2022 15:58:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP